Last updated: November 2025

This Privacy Policy is a foundational component of the Open IT Global Legal Framework. To ensure consistency and technical accuracy, this document utilizes the Global Definitions and Interpretations established in our Master Terms and Conditions. All capitalized terms used herein but not otherwise defined shall have the meanings ascribed to them in the Master Terms and Conditions, the Consulting Services Agreement (CSA), the Digital Product Agreement (DPA), and the Initial Contact Commitment (ICC).

1. General
   1.1 Scope of Data Subjects
2. Information Collected
   2.1 Personal Data
   2.2 Technical Triage & Pre-Engagement Data
   2.3 Client Dashboard & Account Data
   2.4 System Access Data (Consulting & Implementation Modules)
   2.5 Data Residency & Security
   2.6 Derivative Data
   2.7 Financial Data & Payment Vaulting
   2.8 Social Networking Data
   2.9 Mobile Device Data
   2.10 Other data
3. Use of Information
   3.1 Administrative & Contractual Communications
   3.2 Revenue Logic & Transactional Triggers
4. Disclosure of Information
   4.1 Affiliates
   4.2 Advertisers
   4.3 Other third parties
   4.4 Sale or Bankruptcy
   4.5 Interaction with others
   4.6 Online postings
   4.7 External Links
   4.8 Other purposes
5. Tracking Technologies
6. Website Analytics
7. Processing Your Information
   7.1 Service-Specific Processing
8. Data Retention
   8.1 Digital Access & Execution Logs
9. Minors
10. Communications and Opt-Out
    10.1 Marketing Communications (Optional)
    10.2 Transactional & Contractual Communications (Mandatory)
11. Your Rights
    11.1 Client Dashboard Security & User Responsibility
    11.2 Update Account Information
    11.3 Confirm Personal Data and Its Use
    11.4 Change Consent
    11.5 Opt-Out of Communications
    11.6 Request a Copy of Data
    11.7 Transfer Your Data
    11.8 Delete All Data / Right to Erasure
    11.9 Restriction of Processing
    11.10 Complaints
    11.11 Newsletter and Marketing
12. Data Breach Procedures
13. Privacy Policy Changes
14. Venue & Jurisdiction
15. International Data Transfers & GDPR Disclaimer
    15.1 Server Locations
    15.2 Cross-Border Consent
    15.3 Safeguards
16. Use of Technology & Artificial Intelligence
    16.1 Pre-Engagement & Triage Confidentiality
    16.2 Strategic Confidentiality Commitment
17. Technical Role Designation (Modules)
18. Contact Us

By using this website as a user (hereafter “You”), You agree to the following Privacy Policy. Please read this policy carefully before using this website. 

This website is owned and operated by Openco S.A. (RUC: 155690046-2-2020), a corporation organized under the laws of the Republic of Panama, operating under the brand Open IT Global (“Company”, “we”, “our”, or “us”). Our principal place of business is located in Panama City, Panama. All administrative operations and data processing inquiries are managed during our Operational Hours: Monday through Friday, 9:00 AM to 5:00 PM (UTC-5), excluding official holidays in Panama.

For any privacy-related questions, you can reach us at contact@openitglobal.com. We respond to all data-related inquiries within one (1) business day during our Operational Hours, in accordance with the standards set forth in our Initial Contact Commitment (ICC).

We at Open IT Global respect Your privacy. This Privacy Policy is designed to explain how We collect, use, share, and protect the personal information You provide to us when You access Our website, purchase Our goods or services, or engage with us on social media, as well as Your own rights to the information We collect.

Please read this Privacy Policy carefully. We will alert You to any changes to this Policy by changing the “last updated” date at the top of this Policy. Any changes become effective immediately upon publication on Our website, and You waive specific notice of any changes to the Policy by continuing to use and access Our site(s). We encourage You to review this Privacy Policy periodically, when You use Our website for any purpose or engage with us on social media. You are deemed to have accepted any changes to any revised Privacy Policy by Your continued use of Our website after the revised Privacy Policy is posted.

Our services and this website are intended exclusively for international business entities (B2B). We do not knowingly offer services to, or collect data from, residents of the Republic of Panama or the Kingdom of Spain. If You are a resident of these jurisdictions, You are prohibited from using this site or providing personal data.

We collect a variety of information from You when You visit Our website, make purchases, or interact with us on social media. By accepting this Privacy Policy, You are specifically consenting to Our collection of the data described below, to Our use of the data, to the processing of this data, and to Our sharing of the data with third-party processors as needed for Our legitimate business interests The information We collect may include:

Personal Data is information that can be used to identify You specifically, including Your name, shipping address, email address, telephone number, job title, company information or demographic information like Your age, gender, or hometown. You consent to giving us this information by providing it to us voluntarily on Our website or any mobile application. You provide some of this information when You register with or make purchases from Our website. You may also provide this information by participating in various activities associated with Our site, including responding to blogs, contacting us with questions, or participating in group training. Your decision to disclose this data is entirely voluntary. You are under no obligation to provide this information, but Your refusal may prevent You from accessing certain benefits from Our website or from making purchases.  

When You provide information via our contact forms, such data is utilized to perform the Technical Triage described in our Initial Contact Commitment (ICC). Detailed technical specifications provided during this phase are governed by the protections in Section 2.2 (Technical Triage & Pre-Engagement Data).

When You submit an inquiry via our contact forms or book a Discovery Session, We collect “Technical Triage Data.” This includes project descriptions, system architectures, specific software versions (e.g., Oracle, Windchill, SAP, Salesforce), and corporate metadata.

• Purpose: This data is used exclusively to evaluate technical feasibility and verify B2B eligibility under our Initial Contact Commitment (ICC).
• Protection: This data is treated as a professional “Strategic Asset.” It is handled by senior consultants and is explicitly excluded from processing by public AI models, as detailed in our Technology & AI policy.

When You perform Your first purchase, a Client Dashboard account is automatically generated. We collect and store Your name, professional email, and a hashed (encrypted) version of the password You set in the Client Account section. This data is essential for the delivery of the Consulting Service Agreement (CSA) and managing Your digital access windows.

For the execution of Pillar 2 (Configuration & Customization) and specific Implementation Modules (e.g., Core Commerce, Subscription Engineering), We require temporary administrative access to Your host environment (e.g., Hostinger), Content Management System  (e.g., WordPress), and commerce engine (e.g., SureCart). This includes system credentials, URLs, configuration files, and environment metadata.

In accordance with our Consulting Engagement Management Protocol, this data is:

• Temporary: Access is strictly limited to the duration of the specific engineering sprint or technical task.
• Secure: Handled via Client-provided credentials, secure remote channels (VPN/Screen-sharing), or temporary “Manager/Administrator” roles within the hosting/CMS platform.
• Minimized: We only access the specific directories, database tables, and API keys required for the “Definition of Done” of the purchased Module.
• Auditability & AI Safety: We maintain internal logs of access for accountability. We do not input proprietary project architectures, system credentials, or Personally Identifiable Information (PII) into public AI models, as outlined in our Use of Technology & Artificial Intelligence policy.

In the course of providing Strategic Execution, Open IT Global may access Client systems (PLM/ERP). We do not store, harvest, or move Client data to external servers; all work is performed within the Client’s secure environment. This data is governed by the confidentiality provisions in the Consulting Services Agreement, located here: https://openitglobal.com/consulting-services-agreement/. Any temporary credentials provided by the Client should be revoked by the Client immediately upon project completion.

Derivative data is information that Our servers automatically collect about You when You access Our website, such as Your IP address, browser type, the dates and times that You access Our website, and the specific pages You view. If You are using a mobile application, Our servers may collect information about Your device name and type, Your phone number, Your country of origin, and other interactions with Our application.

Financial data includes information related to Your payment method. We collect this data to allow You to purchase services from Our website and to manage recurring billing logic for implementation projects.

• For Purchases from Open IT Global: We do not store or process full credit card numbers or CVV codes on Our servers. Data is transmitted directly to Our secure third-party payment processors (e.g., Stripe, PayPal). When You utilize the “+Add” feature in Your Client Dashboard, details are sent directly to the processor’s secure vault. We only store a secure “token” and limited metadata (e.g., transaction history and the last four digits of the card) for accounting and future checkout convenience.
• For Implementation Modules: For the Subscription Tier Engineering and Core Commerce modules, we implement “Secure Payment Tunneling” via Stripe or PayPal APIs within Your environment. This involves configuring secure webhook endpoints and recurring billing tokens. While we architect the technical logic for prorating, billing cycles, and checkout triggers, all sensitive financial data of Your end-users remains vaulted exclusively within the secure environments of the third-party processors.
• Compliance: All third-party processors are independently responsible for PCI DSS (Payment Card Industry Data Security Standard) compliance. In accordance with our B2B Export model, transactions are processed as international payments. You should review the respective Privacy Policies of these processors to determine how they protect financial data.

We may access personal information from social networking sites and apps, including Facebook, Instagram, Linkedin, Twitter, Snapchat or other social networking sites or apps not named specifically here, which may include Your name, Your social network username, location, email address, age, gender, profile picture, and any other public information. If You do not want us to access this information, please go to the specific social networking site and change Your privacy settings.

If You use Our website via a mobile device or app, We may collect information about Your mobile device, including device ID, model and manufacturer, and location information.

On occasion, You may give us additional data in order to enter into a contest or giveaway or to participate in a survey. You will be prompted for this information and it will be clear that You are offering this kind of information in exchange for an entry into such a contest or giveaway.

Your information allows us to provide elite technical consulting and proprietary assets, to fulfill our contractual obligations, and to maintain the high standards of Open IT Global. We process Your data to serve Our legitimate business interests and to ensure the seamless operation of the Client Dashboard.

Specifically, We use the information and data described above to:

1. Create and administer Your Client Dashboard account;

2. Deliver products or services purchased by You via the Client Dashboard and email;

3. Fulfill contractual obligations, including the provisioning of the Consulting Service Agreement (CSA) and onboarding instructions;

4. Process payments and maintain a Lifetime Order History for Your tax and accounting records;

5. Correspond with You regarding project roadmaps or support inquiries;

6. Process refunds or manage billing methods in Your Billing Account;

7. Verify license compliance and enforce the 10-day activation window;

8. Contact You about new technical offerings or “Engineering-Grade” updates;

9. Send You newsletters or updates about Our company (You may opt-out at any time);

10. Notify You of updates to Our product and service catalog;

11. Resolve disputes, troubleshoot technical problems, and assist law enforcement;

12. Prevent fraudulent activity on Our website;

13. Analyze trends to improve the technical accuracy and performance of Our website and offerings.

14. Perform Technical Triage to assess the alignment of Your systems with Our “Four Pillars of Execution” prior to formal engagement.

15. To facilitate the Two-Step Engagement Process: Utilizing submitted data to perform Technical Triage and determine eligibility for a Technical Discovery Session or a Consulting/Storefront Package purchase, in accordance with the standards of our Initial Contact Commitment (ICC).

By purchasing a product or service, You consent to our Dual-Notification Protocol. This includes the automated delivery of secure backup links for Digital Products or the Consulting Service Agreement (CSA) via email and the Client Dashboard.

These communications are deemed “Transactional” and are strictly necessary for the fulfillment of our contract. You acknowledge the following delivery framework:

• Verified Logs: For security purposes, the Company maintains logs of these communications to verify the successful delivery of proprietary assets and contractual documents.
• Automated Delivery: Secure links and Dashboard access are provisioned instantly upon checkout, regardless of the time of purchase.
• Human Support & Coordination: While delivery is automated, all manual administrative actions, technical support, and project coordination are governed by our Operational Hours (Mon–Fri, 9:00 AM – 5:00 PM UTC-5) and our Initial Contact Commitment (ICC).

For clients utilizing the Sales Momentum Bundle, we implement automated logic flows (Order Bumps and Post-Purchase Upsells). The processing of data for these modules is strictly “Logic-Based” (e.g., triggering an offer based on a SKU mapping). We do not use these triggers to collect, aggregate, or profile end-user behavior for any purpose outside of the Client’s specific storefront optimization.

We may share Your information with third parties in certain situations. In particular, We may share Your data with third-party processors as needed to serve Our legitimate business interests, which include administration of Our website, administration of Your account, entering into contracts with You, communicating with You, taking orders for goods or services, delivering Our goods and services, identifying trends, protecting the security of Our company and website, and marketing additional goods and services to You. The legal basis for Our disclosure of Your data is both Your Consent to this Privacy Policy and Our own right to protect and promote Our legitimate business interests.  

The following are specific reasons why We may share Your information.

Third-party Processing: We may disclose Your information to third parties who assist us with various tasks, including payment processing, hosting services, email delivery and customer service. For more information, see the “Third-party Processing” Section below.

By Law: We may share Your data as required by law or to respond to legal process, including a subpoena, or as necessary to protect the rights, property, and safety of others. This includes sharing information with other parties to prevent or address fraud and to avoid credit risks.

To Protect Our Company: We may use Your information to protect Our company, including to investigate and remedy any violations of Our rights or policies. We may also disclose Your information as reasonably necessary to acquire and maintain insurance coverage, manage risks, obtain financial or legal advice, or to exercise or defend against legal claims. 

We may share Your personal information with Our business affiliates who promote Our product(s) or service(s) for a commission fee. We require Our affiliates to honor this Privacy Policy. They are not allowed to spam You and must disclose they are an affiliate for us. If they do not do so, they are in violation of their affiliate terms and this Privacy Policy, and any violation of this nature should be reported to

We may use third-party advertising companies to run and manage Our ads to produce ads that appears when You visit Our Website or mobile app. These companies may use information about Your visit to Our website and other websites that are contained in web cookies (as described below) to offer You personalized advertisements about goods and services that might interest You. We cannot control the activities of, such other advertisers or web sites. You should consult the respective Privacy Policies of these third-party advertisers for more detailed information on their practices as well as for instructions about how to opt-out of certain practices.

We may share information with advertisers, Our investors, or other third-parties for the purpose of conducting general business analysis. If We do so, We will make reasonable efforts to inform You if required by law.

In the event that Our company is sold, goes out of business or enters bankruptcy, Your information may be an asset that is transferred to a third-party successor. Such a successor is not bound by Our Privacy Policy and may have its own. You will be notified in the event Our Company is sold, goes out of business or enters bankruptcy.

If You interact with others on Our website or mobile app, such as participating in a group chat or a group online course, other users may have access to some of Your data, including Your name, profile picture, and Your history of interaction with Our website, such as prior comments or posts.

When You post online, Your posts may be viewed by others, and We may distribute Your comments outside the website.

Our website may include hyperlinks to other websites not controlled by us. We suggest You exercise caution when clicking on a hyperlink. Although We use reasonable care in including a hyperlink on Our own web page, We do not regularly monitor the websites of these third-parties, are not responsible for any damage or consequences You suffer by using these hyperlinks. We are not bound by the Privacy Policies of any third-party website that You access by a hyperlink, nor are they bound by ours. We encourage You to read the Policies of those third-party websites before interacting with them or making purchases. They may collect different information and use? different methods than We do. 

We may disclose Your personal data as necessary to protect Your interests, or the vital interests of others or Our company.

Cookies, Log Files and Web Beacons: Like many other websites, We makes use of log files. These files merely logs visitors to the site – usually a standard procedure for hosting companies and a part of hosting services’ analytics. The information inside the log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and possibly the number of clicks. This information is used to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.

We also use cookies – small text files sent to us by Your computer – and web beacons to store certain information. We may use cookies to authenticate Your identity, to determine if You are logged onto Our website, for personalization, for security, for targeted advertising, or for analysis of the performance of Our website and services. For example, cookies allow us to recommend blog posts to You based on what You have read on Our site in the past. We use cookies that are not specific to Your account but unique enough to allow us to analyze general trends and use, and to customize Your interaction with Our website.

Most browsers are set to accept cookies by default. In addition, when You first encounter Our website, You will be asked to “consent to cookies.” If You wish to disable cookies, You may do so through Your individual browser options. However, this may affect Your ability to use or make purchases from Our website. By continuing to use Our website and not disabling cookies on Your browser, You are consenting to Our use of cookies in accordance with the terms of this policy.

In addition, We may use third-party software to post advertisements on Our website or mobile app to oversee marketing or email campaigns, or manage other company initiatives. These third-party softwares may use cookies or similar tracking technology. We have no control over these third-parties or their use of cookies. For more information on opting out of interest-based ads, visit the Network Advertising Initiative Opt-Out Tool or Digital Advertising Alliance Opt-Out Tool.

We may partner with third-party analytic companies, including but not limited to Google Analytics. The analytic companies may also use cookies or other tracking technologies to analyze visitors’ use of Our website or mobile app to determine the popularity of the content, and better understand online activity. We do not transfer personal information to these third-party vendors.

To maintain our boutique service standards, we utilize industry-standard third-party applications for scheduling, video conferencing, and project management. Your data may be processed through these platforms as necessary to facilitate our consulting sessions.

In most circumstances, We do not process Your information in-house, but give it to third-party processors for processing. For example, when PayPal takes Your payment information, they are a third-party processor. They process Your payment and remit the funds to Us.

We may, from time to time, process Your data internally. Our purposes in processing this information is to administer, maintain, and improve Our website and offerings, to enter into contracts with You, to fulfill the terms of those contracts, to keep records of Our transactions and interactions, to be able to provide You with goods and services, to comply with Our legal obligations, to obtain professional advice, and to protect the rights and interests of Our company, Our customers (including You), and any third-parties. We may process the following data: 

1. Data associated with Your account, such as Your name, address, email address and payment information.

2. Data about Your usage of Our website, such as Your IP address, geographical information, and how long You accessed Our website and what You viewed.

3. Data related to Your personal profile, such as Your name, address, profile picture, interests and hobbies, or employment details.

4. Data that You provide us in the course of using Our services.

5. Data that You post on Our website, such as comments or responses to blogs.

6. Data that You submit to us when You make an inquiry regarding Our website or offerings.

7. Data related to Your transactions with us, including Your purchase of Our goods or services. This information may include contact details and payment information.

8. Data that You provide to us when You subscribe to Our emails or newsletters, including Your email address and contact information.

9. Data that You submit to us via correspondence, such as when You email us with questions.

10. Any other data identified in this policy, for the purpose of complying with Our legal obligations, or to protect the vital interests of You or any other natural person.

In alignment with our boutique standards, we prioritize the processing of contact data for newly purchased consulting packages and qualified business inquiries. Per our Initial Contact Commitment (ICC), we utilize Your provided to perform a Technical Triage and initiate the execution roadmap within one (1) business day. This processing is strictly limited to project coordination and is conducted within our defined Operational Hours. This ensure that Your data is used exclusively to transition from purchase to technical delivery without unnecessary delay.

We retain personal data only for as long as is necessary to conduct Our legitimate business purposes, comply with legal/tax obligations, and enforce Our professional agreements.

Certain personal information is retained indefinitely to maintain Your Client Dashboard account and Lifetime Order History. Data gathered for specific purposes (such as assisting law enforcement) will not be kept longer than necessary for that purpose. You may request deletion of Your data at any time; however, We reserve the right to retain data necessary for the fulfillment of active contracts or legal record-keeping.

Specifically regarding Digital Products and Consulting Services, We retain technical logs—including IP addresses, timestamps of access, and download/document status—to ensure the integrity of Our high-stakes delivery process. This data is utilized to:

1. Verify successful delivery of proprietary technical assets and the Consulting Service Agreement (CSA);
2. Enforce the 10-day activation window for Digital Products;
3. Monitor for unauthorized distribution, account sharing, or licensing violations;
4. Track the 6-month execution window for Consulting Hour Packages and Technical Discovery Sessions to ensure contractual compliance and accurate utilization reporting.

While specific delivery logs may be truncated or anonymized following the expiration of an activation window, basic metadata and proof-of-delivery records are retained for the duration of Your account’s Lifetime Order History to support Your tax and accounting requirements.

This website is not designed for use by children under age 18, and We do not knowingly solicit personal data from anyone under age 18. If You are under age 18, do not access or use Our website or related products or services. If You become aware that We have collected data of anyone under the age of 18, please contact us so that We may delete that data.

Open IT Global provides two distinct categories of communication. Your rights regarding these communications are as follows:

If You no longer wish to receive secondary communications, such as newsletters, technical insights, or new product offerings, You may opt out by:

• Clicking the “Unsubscribe” link at the bottom of any marketing email.
• Contacting us during Operational Hours at contact@openitglobal.com.

By maintaining a Client Dashboard account or purchasing a Service, You acknowledge that certain communications are necessary for the fulfillment of Our contract. You cannot opt out of “Transactional” emails, which include:

• Client Dashboard Account creation and password reset notifications.
• Automated delivery of Digital Products and secure backup links.
• Provisioning of the Consulting Service Agreement (CSA) and Onboarding instructions.
• Invoices, receipts, and 10-day activation window reminders.

If You wish to cease all Transactional Communications, You must request the formal closure of Your Client Dashboard account and the termination of any active Service agreements. Please note that such closure does not entitle You to a refund of previously purchased assets or reserved consulting hours.

You have certain rights with respect to Your personal data. We reserve the right to request evidence of Your identity before taking action. Your rights may be restricted or nullified to the extent they conflict with Our compelling business interests, the public interest, or the law.

Access to Your Downloads, Orders, Invoices, and signed Consulting Service Agreements (CSA) is protected by the password You set. You are solely responsible for maintaining the confidentiality of Your login credentials and for all activities that occur under Your account. Open IT Global shall not be liable for any unauthorized access, loss, or damage resulting from Your failure to secure Your account or password.

You have the right to update or change any information You have provided to us. To update or delete Your information, please contact us at contact@openitglobal.com.

You have the right to request that We confirm what data We hold about You, and for what purposes. You also have the right to confirmation of whether We process Your data or deliver Your data to third-party processors, and for what purposes. We will supply You with copies of Your personal data unless doing so would affect the rights and freedoms of others.

You have the right to change Your consent to Our use of Your information. In such cases, We may require You to delete Your account with us, as described above, and You may not have full access to Our website.

You have the right to opt-out of receiving marketing communications. The specific procedures and the distinction between optional Marketing and mandatory Transactional/Contractual communications are detailed in Section 10 of this Policy.

You have the right to request a digital copy of the data that We hold about You. We will provide the first copy of Your personal data free of charge; subsequent or manifestly unfounded/excessive requests will incur a reasonable fee.

You have the right to request that We gather and transfer Your data to another controller, in a commonly used and machine-readable format, unless doing so would cause us an undue burden.

You have the right to request that We delete the personal data We hold about You. However, in accordance with global privacy standards and Our professional protocols, We reserve the right to defer or refuse the deletion of specific records, including:

• Signed Consulting Service Agreements (CSA) and onboarding records;
• Financial transaction data and tax-compliant invoices;
• Technical Validation Logs and “Definition of Done” receipts for Commerce Implementation Modules;
• Execution logs required to verify the fulfillment of Our non-refundable Service Level Agreements (SLA).

Retention of these records is necessary to comply with legal/accounting obligations and to maintain the integrity of Our service delivery records. A request for total data erasure will result in the immediate termination of Your Client Dashboard account, the forfeiture of any remaining 10-day download windows, and the expiration of any unused consulting hours without a refund. Retention of these records is necessary to comply with Panamanian commercial law and international export regulations, which require us to maintain proof of the foreign residency of our B2B clients for tax and audit purposes.

In some circumstances You may restrict the processing of Your data, such as when You contest the accuracy of Your data or when You have objected to processing, pending the verification of that objection. When processing has been restricted, We will continue to store Your data but will not pass it on to third-party processors without Your consent, or as necessary to comply with legal obligations or protect Your rights or those of others or Our company. In addition, You may opt out of any processing of Your data altogether. Note: If You object to or restrict processing that is essential for fulfilling Our contract with You (e.g., processing payment, delivering the product, or maintaining your purchase records), such action may prevent Us from fulfilling Our obligations and may result in a termination of Your account with us and You may have limited or no use of Our website. 

You have the right to complain to a supervising authority if You believe We are misusing Your data or have violated any of Your rights under this Privacy Policy or applicable law.

You may volunteer certain information to Us that is used for email and marketing purposes. This information includes, but is not limited to, Your name and email. You can unsubscribe from any future communications via email, but We reserve the right to maintain a database of past email subscribers. We reserve the right to use this information as reasonably necessary in Our business and as provided by law. Your information will be shared with reasonably necessary parties for the ordinary course of conducting Our business, such as through Facebook ads or other marketing campaigns.

As a boutique firm, we take the security of your data personally. We implement industry-standard encryption and rely on secure, recognized third-party processors. In the unlikely event of a data loss or compromise, we will notify the relevant authorities within 72 hours of discovery, where required by applicable law.

Affected clients will be notified via email without undue delay, including those who have provided information during the Technical Triage phase but have not yet entered a formal engagement. Because we utilize third-party applications for scheduling and payment, we will work closely with those providers and you to determine necessary steps, such as credential rotation or patch implementation, to secure your environment.

Regarding Implementation Modules: Because we operate within Client-hosted environments (e.g., Hostinger, WordPress), our security protocol requires that all temporary administrative credentials provided to us be revoked by the Client immediately upon the conclusion of the 7-Day Technical Review. Open IT Global is not liable for breaches occurring in the Client’s environment due to unrevoked credentials or third-party hosting vulnerabilities.

Notification timelines and remedial actions are calculated based on our Operational Hours. While our technical systems are monitored 24/7 by our third-party hosts, administrative notifications and client correspondence regarding security will be initiated during our Operational Hours.

Although most changes are likely to be minor, We may change our Privacy Policy from time to time, and at Our sole discretion.

The laws of the Republic of Panama shall govern this Policy. Any dispute or claim arising out of or relating to this Policy shall be resolved exclusively through binding arbitration in Panama City, Panama, administered by the Center for Conciliation and Arbitration of Panama (CeCAP) or the Conciliation and Arbitration Center of the Chamber of Commerce, Industries and Agriculture of Panama (CeCOM).

This website’s servers are located within the United States. If you are visiting this website from outside the United States, your personal data will be transferred to and processed in the United States.

Openco S.A. is a Panamanian corporation. By using our services, You explicitly consent to the transfer and processing of Your data in both the United States and Panama as necessary for the fulfillment of our B2B Export contracts.

For residents of the EU or UK, We rely on Standard Contractual Clauses (SCCs) to govern the transfer of Your personal data. You have the right to object to this processing at any time, noting that such objection may prevent the fulfillment of our Service agreements.

Open IT Global may utilize Large Language Model (LLM)-augmented content strategies to optimize technical documentation, code structure, and linguistic accuracy.

In accordance with our Initial Contact Commitment (ICC), any technical data, project descriptions, or corporate metadata provided during the Technical Triage phase are treated as strictly confidential. We do not utilize public AI models to process, summarize, or analyze the specific contents of Your initial inquiry or triage data.

We maintain strict operational boundaries and do not input proprietary client code, sensitive project architectures, or Personally Identifiable Information (PII) into public AI models. All AI-assisted output is subjected to our Engineering-Grade Scrutiny, meaning a senior consultant personally verifies all logic, configurations, and code before it is presented as a Deliverable.

We do not use “black-box” automated solutions for client environments; our process ensures technical accuracy and total compliance with the Client’s specific enterprise requirements through direct human oversight. This includes the manual verification of all Secure Payment Tunneling and Subscription Lifecycle logic to ensure that financial triggers and prorating calculations function with 100% technical accuracy before the handover.

For the execution of the Compliance Architecture Framework and Core Commerce Implementation, Open IT Global acts solely as a Technical Processor.

• Infrastructure vs. Content: We deploy the technical infrastructure for legal nodes (Terms, Privacy, etc.) and footer synchronization. However, the Client remains the Data Controller for all text, policies, and legal disclosures hosted within those nodes.
• Third-Party Integrations: Where we integrate 3rd-party legal generators at the Client’s request, the Client is responsible for maintaining the subscriptions and legal accuracy of those external services.

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact our Data Privacy Liaison at: Email: contact@openitglobal.com

Omnibus Effect: This document is part of the Open IT Global Legal Framework. It is designed to be read in conjunction with our Master Terms and Conditions, Legal Notice, and Initial Contact Commitment (ICC). Use of the Site or purchase of any Product or Service (as defined in our Global Definitions) constitutes an Omnibus Acceptance of the entire Framework and all linked policies.