OOSIRIS

Privacy Policy

Last updated: 5 June 2026

OSIRIS ("we", "us") provides Iris, an AI front-desk and CRM platform for home-services businesses. This policy explains what we collect, why, and the choices you have. We keep it plain and short on purpose.

Who controls the data

For the business owner's account information, OSIRIS is the data controller. For the customer/contact records a business stores in Iris, the business is the controller and OSIRIS is the processor — we process that data only to provide the service to that business.

What we collect

Account data — your name, business name, email, phone, and login credentials (passwords are stored only as salted scrypt hashes; we never see them in plain text).
Business content you add — contacts/leads, calls, messages, bookings, deals, invoices, notes and tasks you create or import.
Usage analytics — which screens and actions you use, and when, to power "Iris Assist" and improve the product. This is behavioural counts only — never your customers' personal data.
Technical data — IP address and basic request logs for security and reliability.

How we use it

To provide and operate the CRM, calendar, messaging and AI features you've enabled.
To generate AI suggestions and briefings. When AI features are on, relevant non-sensitive context may be sent to our AI provider (Anthropic) solely to produce your result; it is not used to train their models.
To secure the service (rate-limiting, abuse prevention) and to fix problems.

We do not sell your data or your customers' data, and we don't use it for third-party advertising.

Sharing

We share data only with sub-processors that help us run the service — e.g. our hosting provider (Render) and, when you enable AI, Anthropic. Each is bound to protect the data. We may disclose data if required by law.

Security & retention

Data is transmitted over HTTPS, sessions are signed (HMAC) and HttpOnly, and access is role-gated. We retain your data while your account is active. You can export (CSV/vCard) at any time, and clear or delete data from within the app.

Your rights

You can access, export, correct or delete your data using the in-app tools, or by contacting us. Depending on your region (e.g. GDPR/CCPA) you may have additional rights, including objection and portability.

Contact

Questions or requests: privacy@osiris.one.

← Back to OSIRIS