OPV Logo

Privacy Policy

Last updated: June 22, 2026

Original Persona Vault Systems ("OPV", "we", "us") builds a platform for the digital continuation of human presence. We care deeply about privacy because the data people entrust to us — voices, memories, and conversations — is profoundly personal. This policy explains what we collect, why, how we use it, who processes it on our behalf, and the rights you have over your data.

1. Who We Are

Original Persona Vault Systems is the data controller responsible for this website (opvsystems.com) and the OPV Persona experience. For any privacy question or request, contact us through our contact page or at digital@opvsystems.com.

2. Data We Collect

We keep data collection to the minimum needed to operate the platform. Depending on how you use the site, we may process:

  • Automatic technical data: a pseudonymous device identifier and session identifiers stored in your browser, your timezone, and your selected language. These let the site function and prevent abuse — they are not linked to your real identity unless you sign in.
  • Analytics data: aggregated, cookieless page-view statistics collected via Plausible Analytics (page path, referrer, approximate country, device type). This data does not identify you and is never combined across other websites.
  • Account and identity data: if you choose to sign in on the OPV Persona page, we receive your name, email address, and Google account identifier from Google OAuth. Signing in is always optional.
  • Conversation data: messages you exchange with an OPV Persona, summaries of those conversations, and memory facts derived from them (stored as text and vector embeddings) so the persona can maintain continuity.
  • Voice and video data: if you enable your microphone or camera during a persona session, audio and video streams are processed in real time to power voice and avatar interaction.
  • Contact form data: the name, email, phone number, and message you submit through the contact form.

3. How We Use Your Data

We use the data above to: operate and secure the website; provide and improve the OPV Persona conversation, voice, and avatar experience; remember who you are across a conversation when you are signed in; analyze aggregate usage to improve our product; and respond to your inquiries. We never sell your personal data and never use your private content for advertising.

  • Legal bases (where GDPR applies): performing the service you request (contract); your consent (for optional analytics, sign-in, microphone, and camera); and our legitimate interest in keeping the platform secure and improving it.

4. Cookies and Local Storage

We use browser local storage rather than tracking cookies for most functionality. Specifically:

  • Local storage: stores your pseudonymous device and session identifiers, cookie-consent choice, timezone, language, and conversation state on your own device. You can clear this at any time in your browser settings.
  • Authentication cookie: if you sign in, an essential HTTP-only session cookie is set to keep you logged in for up to 24 hours.
  • Analytics: Plausible Analytics does not use cookies and does not store any data on your device.

5. Analytics

We use Plausible Analytics, a privacy-focused analytics tool, to understand how the site is used. It is cookieless, collects only aggregated metrics, does not track you across other sites, and does not build advertising profiles. No personal data is sold or shared.

plausible.io →

6. Third-Party Service Providers

We rely on a small number of trusted processors who handle data strictly on our instructions to deliver the service:

  • Plausible Analyticsprivacy-friendly, cookieless website analytics.
  • Google OAuthoptional sign-in and identity verification.
  • MongoDB Atlassecure storage of conversations, memory facts, contacts, and operational analytics.
  • OpenAIlarge language model processing for conversations, memory extraction, and identity checks.
  • Deepgramreal-time speech-to-text transcription during voice sessions.
  • Tavusreal-time video avatar generation for the persona.
  • LiveKitreal-time audio and video session transport.
  • ElevenLabsvoice synthesis for the persona.
  • Nodemailerdelivery of contact-form emails.

7. Data Retention

We retain data only as long as needed. Authentication sessions expire within 24 hours. Locally stored identifiers and conversation state remain on your device until you clear them. Conversations, derived memories, and operational analytics are retained to provide continuity and improve the service, and are deleted or anonymized when no longer needed or upon a valid deletion request.

8. International Data Transfers

Some of our service providers process data outside your country, including in the United States. Where required, we rely on appropriate safeguards such as standard contractual clauses to protect your data during these transfers.

9. Your Privacy Rights

Depending on where you live, you may have the right to access, correct, delete, or export your personal data, to object to or restrict processing, and to withdraw consent at any time. Users in California have the right to know what we collect and to opt out of any sale of personal information — we do not sell personal information. To exercise any right, contact us and we will respond within the timeframe required by law.

  • Access and portability — request a copy of your data.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion of your data.
  • Objection and restriction — limit how we process your data.
  • Withdraw consent — disable analytics, sign-in, microphone, or camera at any time.

10. Data Security

We protect your data with industry-standard measures including encryption in transit, HTTP-only session cookies, scoped access controls that isolate each person's private memories, and strict server-side validation. No system is perfectly secure, but we work continuously to safeguard your information.

11. Children's Privacy

The platform is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

12. Sensitive and Memorial Data

OPV is often used in legacy contexts, which can involve deeply sensitive information about you and people you have lost. We treat this content with special care, keep it private to you, never use it for advertising, and apply additional safeguards appropriate to its emotional and personal nature.

13. Changes to This Policy

We may update this policy as the platform evolves. We will revise the "Last updated" date above and, for significant changes, provide a more prominent notice.

14. Contact Us

For any privacy question or to exercise your rights, reach us through our contact page or at digital@opvsystems.com.