openCenter LogoopenCenter
Back to Home
Legal
Public overview

Privacy Policy

How openCenter collects, uses, stores, and protects personal information when you visit our website or use the openCenter Platform.

This Privacy Policy describes how Rackspace Technology, Inc. ("Rackspace", "we", "us") collects, uses, stores, and protects information when you visit opencenter.cloud (the "Site") or use the openCenter Platform, openCenter Managed Platform, or openCenter Blueprints (collectively, the "Service").

For customers, the processing of Customer Data (as defined in the Subscription Terms) is governed by the Data Processing Addendum. This policy covers our general privacy practices for site visitors, prospective customers, and customers.

Privacy inquiriesCookie Policy
Privacy Policy
Last updated May 21, 2026

Purpose

Describes what personal data openCenter handles, the legal bases for processing, who receives it, how long it is retained, and how individuals can exercise their privacy rights.

Effective date
May 21, 2026
Applies to
Site visitors, prospective customers, and customers
Privacy contact
privacy@opencenter.cloud
Data sales
We do not sell personal information
Personal information collected

Contact details, account information, website usage data unless analytics are disabled, log data, and infrastructure metadata when providing the Service.

Legal basis and purpose

Legitimate interests for optional analytics, security, operations, service delivery, and handling inbound requests. Visitors can opt out of analytics through cookie preferences.

Third-party processors

PostHog for optional analytics, Mailgun for contact-form delivery. Customer-specific subprocessors are disclosed separately during procurement.

Information We Collect

Information you provide

Contact information (name, email, company, job title, phone) via contact forms or demos. Account information when added as an Authorized User. Support information in tickets. Commercial information for billing.

Information collected automatically

Usage data (pages visited, time spent, referral source, browser type). PostHog analytics unless the visitor opts out. Log data (IP address, timestamps, HTTP method, response codes) from web servers.

Information collected through the Service

Infrastructure metadata (cluster configs, node inventories). Operational data (FluxCD status, Prometheus metrics, audit logs). SOPS-encrypted secrets. Kubernetes API audit logs and authentication events.

How We Use Information
  • Provide the Service: provision clusters, deploy platform services, manage GitOps lifecycle, provide support.
  • Operate the Site: display content, process contact requests, improve the Site.
  • Communicate: respond to inquiries, send service notifications, provide support.
  • Improve: analyze usage patterns using aggregated, de-identified data.
  • Secure: detect and prevent security threats, enforce the Acceptable Use Policy, investigate incidents.
  • Comply: meet legal obligations and respond to lawful requests.
How We Share Information
  • Service providers: third-party processors who help provide the Service (see Subprocessor List).
  • Infrastructure providers: the provider specified in your Order Form (e.g., VMware, OpenStack) as necessary to operate your clusters.
  • Legal requirements: when required by law, regulation, court order, or governmental request.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to affected customers.
  • With your consent: when you direct us to share information with a third party.
Data Retention

Site visitor data

Retained for 24 months from last interaction, then deleted.

Customer account data

Retained for the Subscription Term plus 30 days (Data Retrieval Period), then deleted.

Support data

Retained for 36 months from ticket closure for quality and continuity purposes.

International Data Transfers

Customer Data is stored and processed in the infrastructure environment specified in the Order Form. If data is transferred outside the European Economic Area, we rely on appropriate transfer mechanisms including standard contractual clauses as described in the DPA.

Your Rights
  • Access the personal information we hold about you.
  • Correct inaccurate personal information.
  • Delete your personal information (subject to legal retention requirements).
  • Restrict processing of your personal information.
  • Port your personal information to another provider.
  • Object to processing based on legitimate interests.
  • Withdraw consent where processing is based on consent.
Children's Privacy

The Site and Service are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children.

Related Resources
Cross-links that help buyers and reviewers keep moving.
Cookie Policy

See how cookie preferences, storage, and analytics tracking are handled on the public website.

DPA Overview

Understand controller and processor responsibilities for customer data.

Subprocessor List

Review the current third parties disclosed for website and service operations.