OpenCongress — Privacy Policy

Effective Date: February 20, 2026 · Last Updated: February 20, 2026

1. Introduction

OpenCongress (“we,” “us,” or “our”) operates the website and service at opencongress.app (the “Service”). This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Service.

We are committed to transparency about our data practices. As a congressional transparency platform, we believe our own operations should reflect the same standard.

2. Information We Collect

2.1 Information You Provide

Account information: Email address, name, and password when you create an account.
Billing information: Payment details are collected and processed by our payment processor, Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We receive and store a Stripe customer ID and basic subscription status.
Location information: If you provide a zip code or address to identify your congressional representatives, we store this to personalize your experience.
User preferences: Your followed members, topic lists, notification preferences, and other settings you configure within the Service.

2.2 Information Collected Automatically

Usage data: Pages visited, features used, session duration, and interaction patterns. We use this data to improve the Service.
Device information: Browser type, operating system, and device type.
IP address: Collected for security purposes and to approximate your general location. We do not use IP addresses for targeted advertising.
AI interaction data: Queries submitted to the AI assistant, including the query text and response metadata (token count, response time, tools used). This data is used to improve AI quality and monitor usage against your subscription allocation. AI query content may be reviewed in aggregate to improve the service but is not shared with third parties.

2.3 Information We Do NOT Collect

Advertising data: We do not collect data for advertising purposes. We do not serve ads.
Biometric data: We do not collect fingerprints, facial recognition data, or other biometric identifiers.

3. How We Use Your Information

We use your information to:

Provide the Service: Personalize your experience, display your followed members and topic lists, send notifications you've configured, and deliver AI responses.
Process payments: Manage your subscription through Stripe.
Improve the Service: Analyze usage patterns in aggregate to identify popular features, fix bugs, and prioritize development.
Communicate with you: Send account-related emails (subscription confirmations, payment receipts, password resets) and, if you opt in, product updates or newsletters.
Ensure security: Detect and prevent fraud, abuse, and unauthorized access.

We do NOT use your information to:

Serve advertisements
Sell to third parties
Build marketing profiles
Train AI models on your individual queries (queries may be used in aggregate to evaluate AI quality)

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

4.1 Service Providers

We use third-party service providers to operate the Service:

Stripe: Payment processing. Stripe receives your payment information and is subject to Stripe's privacy policy.
Hosting providers: Our servers are hosted by cloud infrastructure providers who may process data on our behalf under strict data processing agreements.
Email service providers: If you opt in to notifications, your email address is shared with our email delivery provider solely to send notifications you've configured.
AI providers: For paid tiers, your AI queries are processed by third-party AI model providers (such as Anthropic). Queries are sent to these providers to generate responses. We use providers that do not train on customer data sent through their API.

4.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

4.3 Business Transfers

If OpenCongress is acquired, merged, or sells substantially all of its assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Data Retention

Account data: Retained as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
Billing records: Transaction records are retained for 7 years for tax and accounting compliance.
AI query logs: Query metadata (timestamps, token counts, cache status) is retained for 90 days for service quality and usage tracking. Query content is retained for 30 days and then deleted or anonymized.
Usage analytics: Aggregated, anonymized analytics data may be retained indefinitely.

6. Data Security

We implement commercially reasonable security measures to protect your personal information, including:

Encryption in transit (TLS/HTTPS) for all data transmitted between your browser and our servers
Encryption at rest for stored personal data
Access controls limiting employee access to personal data on a need-to-know basis
Regular security reviews of our infrastructure

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights

7.1 All Users

Access: You can request a copy of the personal data we hold about you.
Correction: You can update your account information at any time through your account settings.
Deletion: You can request deletion of your account and associated personal data by contacting us at privacy@opencongress.app.
Data portability: You can request an export of your data (follows, topic lists, notification preferences) in a machine-readable format.
Opt out of communications: You can unsubscribe from non-essential emails at any time using the unsubscribe link in any email.

7.2 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to know what personal information we collect, use, and disclose.
Right to delete your personal information, subject to certain exceptions.
Right to non-discrimination for exercising your privacy rights.
Right to opt out of sale of personal information. We do not sell personal information.

To exercise these rights, contact us at privacy@opencongress.app.

7.3 European Economic Area Residents (GDPR)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation:

Legal basis for processing: We process your data based on: (a) your consent (account creation, notifications); (b) contractual necessity (providing the Service); and (c) legitimate interests (security, service improvement).
Right to restrict processing of your personal data.
Right to object to processing based on legitimate interests.
Right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at privacy@opencongress.app.

8. Cookies and Tracking

We use minimal cookies necessary to operate the Service:

Session cookies: To keep you logged in and maintain your session.
Preference cookies: To remember your settings and preferences.
Analytics: We use privacy-focused analytics to understand how the Service is used in aggregate. We do not use Google Analytics or other advertising-based tracking tools.

We do not use cookies for advertising, retargeting, or cross-site tracking.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@opencongress.app.

10. Third-Party Links

The Service may contain links to third-party websites (such as Congress.gov, official government sources, or news articles). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice on the Service at least 30 days before the changes take effect. The “Last Updated” date at the top of this policy indicates when it was last revised.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:
Email: privacy@opencongress.app
Website: opencongress.app

OpenCongress — Privacy Policy

Effective Date: February 20, 2026 · Last Updated: February 20, 2026

1. Introduction

We are committed to transparency about our data practices. As a congressional transparency platform, we believe our own operations should reflect the same standard.

2. Information We Collect

2.1 Information You Provide

Account information: Email address, name, and password when you create an account.
Billing information: Payment details are collected and processed by our payment processor, Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We receive and store a Stripe customer ID and basic subscription status.
Location information: If you provide a zip code or address to identify your congressional representatives, we store this to personalize your experience.
User preferences: Your followed members, topic lists, notification preferences, and other settings you configure within the Service.

2.2 Information Collected Automatically

Usage data: Pages visited, features used, session duration, and interaction patterns. We use this data to improve the Service.
Device information: Browser type, operating system, and device type.
IP address: Collected for security purposes and to approximate your general location. We do not use IP addresses for targeted advertising.
AI interaction data: Queries submitted to the AI assistant, including the query text and response metadata (token count, response time, tools used). This data is used to improve AI quality and monitor usage against your subscription allocation. AI query content may be reviewed in aggregate to improve the service but is not shared with third parties.

2.3 Information We Do NOT Collect

Advertising data: We do not collect data for advertising purposes. We do not serve ads.
Biometric data: We do not collect fingerprints, facial recognition data, or other biometric identifiers.

3. How We Use Your Information

We use your information to:

Provide the Service: Personalize your experience, display your followed members and topic lists, send notifications you've configured, and deliver AI responses.
Process payments: Manage your subscription through Stripe.
Improve the Service: Analyze usage patterns in aggregate to identify popular features, fix bugs, and prioritize development.
Communicate with you: Send account-related emails (subscription confirmations, payment receipts, password resets) and, if you opt in, product updates or newsletters.
Ensure security: Detect and prevent fraud, abuse, and unauthorized access.

We do NOT use your information to:

Serve advertisements
Sell to third parties
Build marketing profiles
Train AI models on your individual queries (queries may be used in aggregate to evaluate AI quality)

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

4.1 Service Providers

We use third-party service providers to operate the Service:

Stripe: Payment processing. Stripe receives your payment information and is subject to Stripe's privacy policy.
Hosting providers: Our servers are hosted by cloud infrastructure providers who may process data on our behalf under strict data processing agreements.
Email service providers: If you opt in to notifications, your email address is shared with our email delivery provider solely to send notifications you've configured.
AI providers: For paid tiers, your AI queries are processed by third-party AI model providers (such as Anthropic). Queries are sent to these providers to generate responses. We use providers that do not train on customer data sent through their API.

4.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

4.3 Business Transfers

If OpenCongress is acquired, merged, or sells substantially all of its assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Data Retention

Account data: Retained as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
Billing records: Transaction records are retained for 7 years for tax and accounting compliance.
AI query logs: Query metadata (timestamps, token counts, cache status) is retained for 90 days for service quality and usage tracking. Query content is retained for 30 days and then deleted or anonymized.
Usage analytics: Aggregated, anonymized analytics data may be retained indefinitely.

6. Data Security

We implement commercially reasonable security measures to protect your personal information, including:

Encryption in transit (TLS/HTTPS) for all data transmitted between your browser and our servers
Encryption at rest for stored personal data
Access controls limiting employee access to personal data on a need-to-know basis
Regular security reviews of our infrastructure

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights

7.1 All Users

Access: You can request a copy of the personal data we hold about you.
Correction: You can update your account information at any time through your account settings.
Deletion: You can request deletion of your account and associated personal data by contacting us at privacy@opencongress.app.
Data portability: You can request an export of your data (follows, topic lists, notification preferences) in a machine-readable format.
Opt out of communications: You can unsubscribe from non-essential emails at any time using the unsubscribe link in any email.

7.2 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to know what personal information we collect, use, and disclose.
Right to delete your personal information, subject to certain exceptions.
Right to non-discrimination for exercising your privacy rights.
Right to opt out of sale of personal information. We do not sell personal information.

To exercise these rights, contact us at privacy@opencongress.app.

7.3 European Economic Area Residents (GDPR)

If you are located in the EEA, you have additional rights under the General Data Protection Regulation:

Legal basis for processing: We process your data based on: (a) your consent (account creation, notifications); (b) contractual necessity (providing the Service); and (c) legitimate interests (security, service improvement).
Right to restrict processing of your personal data.
Right to object to processing based on legitimate interests.
Right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at privacy@opencongress.app.

8. Cookies and Tracking

We use minimal cookies necessary to operate the Service:

Session cookies: To keep you logged in and maintain your session.
Preference cookies: To remember your settings and preferences.
Analytics: We use privacy-focused analytics to understand how the Service is used in aggregate. We do not use Google Analytics or other advertising-based tracking tools.

We do not use cookies for advertising, retargeting, or cross-site tracking.

9. Children's Privacy

10. Third-Party Links

11. Changes to This Privacy Policy

12. Contact

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:
Email: privacy@opencongress.app
Website: opencongress.app

Search

OpenCongress — Privacy Policy

1. Introduction

2. Information We Collect

2.1 Information You Provide

2.2 Information Collected Automatically

2.3 Information We Do NOT Collect

3. How We Use Your Information

4. How We Share Your Information

4.1 Service Providers

4.2 Legal Requirements

4.3 Business Transfers

4.4 With Your Consent

5. Data Retention

6. Data Security

7. Your Rights

7.1 All Users

7.2 California Residents (CCPA)

7.3 European Economic Area Residents (GDPR)

8. Cookies and Tracking

9. Children's Privacy

10. Third-Party Links

11. Changes to This Privacy Policy

12. Contact

Search

OpenCongress — Privacy Policy

1. Introduction

2. Information We Collect

2.1 Information You Provide

2.2 Information Collected Automatically

2.3 Information We Do NOT Collect

3. How We Use Your Information

4. How We Share Your Information

4.1 Service Providers

4.2 Legal Requirements

4.3 Business Transfers

4.4 With Your Consent

5. Data Retention

6. Data Security

7. Your Rights

7.1 All Users

7.2 California Residents (CCPA)

7.3 European Economic Area Residents (GDPR)

8. Cookies and Tracking

9. Children's Privacy

10. Third-Party Links

11. Changes to This Privacy Policy

12. Contact