Privacy Policy

Omar Calzada, a sole proprietorship in the State of Texas, doing business as OA Systems ("OA Systems," "we," "us," "our") operates Trakr at https://www.trakr.run and app.trakr.run (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect personal information.

For questions or requests regarding this policy, contact support@trakr.run.

This policy applies to visitors to our marketing site, account holders of the dashboard, and telemetry sent through our integration tools. It does not apply to third-party websites or services you link to from the Service.

For account and billing information about you and your team, OA Systems collects personal information to provide the Service.

For run telemetry your applications send about your end users or customers, you are generally responsible for determining why and how that data is collected. We process that telemetry on your instructions to operate Trakr. You must provide any notices and obtain any consents required by your policies and applicable law before sending personal data to us.

Account and profile data: name, email address, organization name, authentication identifiers, and settings you configure in the dashboard.

Billing data: subscription status, plan tier, and payment-related identifiers processed by our payment processor. We do not store full payment card numbers on our systems.

Run telemetry: workflow names, model and provider identifiers, token counts, latency, status, error messages, tool names, optional tool input and output data, optional metadata you attach to runs, relationships between related runs, and related fields needed for observability.

Technical and security data: IP address, browser or client type, request logs, credential identifiers stored securely, and similar data used for security, abuse prevention, and operations.

Communications: messages you send to support or contact addresses and our responses.

• Provide, maintain, and secure the Service
• Authenticate users and enforce organization access controls
• Calculate usage, costs, alerts, and billing (including overage)
• Send transactional emails (invites, alerts, billing notices)
• Respond to support requests and maintain reliability
• Comply with law and protect our rights, users, and the public

We do not sell your personal information. We do not use your run telemetry to train third-party foundation models.

Where GDPR or similar laws apply, we rely on: (a) Contract — processing needed to provide the Service you requested; (b) Legitimate interests — security, fraud prevention, and maintaining the Service, balanced against your rights; and (c) Legal obligation — where required by law. You may object to certain legitimate-interest processing or request restriction where applicable.

We share personal information with service providers that help us operate the Service, under contracts that require appropriate protection:

• Payment processing

  What we share: Billing contact information, subscription status, and payment-related identifiers

  Purpose: Process subscriptions, invoices, and payment disputes

  Provider: Stripe — Privacy policy

• Infrastructure, storage, and authentication

  What we share: Account information, run telemetry, authentication data, and other data necessary to operate the Service

  Purpose: Host, store, authenticate users, and deliver the Service securely

  Provider: Our cloud infrastructure partners

• Transactional email

  What we share: Email address, name, and message content needed to send account and product emails

  Purpose: Deliver verification, alert, billing, and support communications

  Provider: Our email delivery provider — Privacy policy

• Operational monitoring

  What we share: Diagnostic information such as error events, performance data, and device or browser type when an issue occurs

  Purpose: Detect outages, investigate errors, and maintain reliability

  Provider: Our operational monitoring partners

We may also disclose information if required by law, in connection with a merger or acquisition, or to protect rights, safety, and security.

Run telemetry is retained according to your plan: 14 days (Starter), 90 days (Pro), and 365 days (Scale), then deleted per our retention schedule. Account data is kept while your account is active and deleted within 30 days of confirmed account deletion, except where longer retention is required for legal, tax, or fraud-prevention purposes.

We use technical and organizational measures including encryption in transit and at rest where appropriate, access controls, organization-scoped data isolation, and secure storage of credentials. No method of transmission or storage is completely secure; protect your account credentials and rotate access keys if compromised.

Depending on where you live, you may have rights to access, correct, delete, or export personal information, and to opt out of certain processing. Submit requests to support@trakr.run. We will verify your request and respond within the timeframe required by applicable law (including 30 days where required by GDPR).

California residents (CCPA/CPRA): You have rights to know, delete, and correct personal information, and to opt out of sale or sharing. We do not sell or share personal information for cross-context behavioral advertising.

Texas residents: If the Texas Data Privacy and Security Act applies to our processing, you may have additional rights regarding your personal data. Contact us to exercise applicable rights.

EEA/UK: You may lodge a complaint with your local supervisory authority. Business customers may request a data processing agreement where required.

We use cookies and similar technologies as described in our Cookie Policy.

We process data in the United States. If you access the Service from other regions, your information may be transferred to and processed in the U.S. Where required, we use appropriate safeguards and can provide further information to business customers upon request.

The Service is not directed to children under 13 (or 16 in certain jurisdictions), and we do not knowingly collect personal information from children. Contact support@trakr.run if you believe we have collected such data.

We may update this Privacy Policy with a new "Last updated" date. Material changes will be communicated by email or through the Service when practicable. Your continued use after the effective date constitutes acceptance where permitted by law.

See also our Terms of Service and Cookie Policy.