Scope
This policy explains how Migrate LLC, doing business as OpenRush, handles information for our website, app, API, MCP service, and support channels.
This Privacy Policy applies to OpenRush, including our website, dashboard, API, MCP server, documentation, support, communications, and related services. In this policy, the words we, us, and our mean Migrate LLC, a Wyoming limited liability company doing business as OpenRush.
This policy does not cover third-party websites, AI clients, platforms, integrations, or data providers that we do not control. Their own privacy policies apply to their services.
Information We Collect
We collect the information needed to run accounts, authenticate users, process payments, answer support requests, and return marketing intelligence.
Depending on how you use OpenRush, we may collect:
- Account information: name, email address, company, workspace, login method, account settings, and support history.
- Authentication and credential information: user IDs, OAuth grants, session metadata, API key metadata, credential status, and related security records. We do not intentionally show full secret API keys after creation.
- Billing information: plan, credits, usage, payment status, transaction identifiers, invoices, tax-related details, and limited payment metadata. Payment card details are processed by our payment provider.
- Product and API information: domains, URLs, keywords, competitors, prompts, requests, responses, logs, usage records, credit charges, configuration choices, and agent/client activity.
- Connected-source information: data you authorize us to access from search, analytics, advertising, website, content, or other business systems.
- Device and website information: IP address, browser type, pages viewed, referral information, approximate location, device identifiers, cookies, and similar technologies.
How We Use Information
We use information to provide OpenRush, secure it, improve it, support users, and meet legal obligations.
We may use information to:
- create, authenticate, and manage accounts;
- provide marketing intelligence, reports, API responses, MCP responses, and product features;
- process credits, payments, checkout sessions, invoices, and account usage;
- connect and maintain authorized integrations and data sources;
- monitor reliability, prevent abuse, debug errors, and protect the Service;
- respond to support, sales, privacy, and operational requests;
- measure product onboarding, website performance, and feature usage;
- develop, test, and improve OpenRush; and
- comply with law, enforce terms, and protect rights, safety, and security.
Customer Data
You control the business inputs and connected-source data you submit to OpenRush.
Customer Data may include domains, URLs, keywords, competitors, prompts, API payloads, reports, connected-source records, and other business context you submit or authorize. We process Customer Data to provide, support, secure, troubleshoot, improve, and develop the Service.
We do not claim ownership of Customer Data. You are responsible for making sure you have permission to submit it, connect it, and instruct us to process it.
AI Agents, MCP Clients, and API Use
If you connect an agent or client to OpenRush, that client may send your prompts, requests, and outputs through its own systems.
OpenRush is designed to work with AI agents, API clients, MCP clients, and automations. When you connect a third-party client, that client may receive, store, or process your prompts, tool calls, outputs, credentials, or related metadata under its own terms and privacy policy.
You should only connect clients you trust, use least-privilege credentials where possible, and review agent actions before relying on them for important business decisions.
Legal Bases Where Required
Where privacy laws require a legal basis, we rely on contract, legitimate interests, consent, and legal obligations.
Depending on where you are located and how you use the Service, our legal bases may include providing the Service under a contract, pursuing legitimate business interests, complying with legal obligations, protecting vital interests, or using consent where required.
Retention
We keep information for as long as needed to provide the Service, run the business, protect security, and meet legal obligations.
Retention periods vary based on the type of information, account status, security needs, billing and tax requirements, support needs, backups, legal obligations, and whether information is needed to prevent abuse or resolve disputes.
When information is no longer needed, we will delete, de-identify, or aggregate it where reasonably practical, subject to backups and legal or operational requirements.
Security
We use reasonable safeguards, but no internet service can be guaranteed perfectly secure.
We use technical and organizational measures designed to protect information, including access controls, provider security features, credential handling practices, monitoring, and operational safeguards. No method of transmission or storage is completely secure.
You can help protect your account by using strong authentication, limiting who can access your workspace and API keys, rotating credentials when needed, and connecting only trusted clients.
International Processing
Information may be processed in the United States and other places where we or our providers operate.
We are based in the United States. If you access the Service from another country, your information may be transferred to, stored in, or processed in the United States or other jurisdictions that may have different privacy laws than your location.
Your Choices and Rights
You can contact us to access, correct, delete, or export personal information, subject to legal and operational limits.
Depending on your location, you may have rights to request access, correction, deletion, portability, restriction, objection, or withdrawal of consent. You may also have the right to appeal a decision we make about a privacy request.
To make a request, contact us at support@openrush.com. We may need to verify your identity and account authority before acting on a request. We will not discriminate against you for exercising privacy rights.
US State Privacy Notices
Some US state laws provide additional rights. We will honor applicable rights based on your location and our legal obligations.
If a state privacy law applies to your personal information, you may have rights to know or access the categories and specific pieces of personal information we process, correct inaccurate information, delete information, obtain a portable copy, opt out of certain uses, limit certain sensitive-information uses, or appeal a rights decision.
We do not knowingly sell personal information. If we ever offer advertising or analytics practices that are considered sharing, targeted advertising, or sale under an applicable state law, we will provide the notices and choices required by that law.
Children
OpenRush is not directed to children.
The Service is intended for business users who are at least 18 years old. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information to us, contact us and we will take appropriate steps.
Changes to This Policy
We may update this Privacy Policy as OpenRush and privacy requirements change.
We may update this Privacy Policy from time to time. If changes are material, we will take reasonable steps to notify you, such as posting the updated policy, updating the date above, or sending notice through the Service.
Contact
Privacy questions and requests can be sent to our support address.
Contact Migrate LLC doing business as OpenRush at support@openrush.com.