Terms of Service

Status: DRAFT — Not yet reviewed or finalized.

These Terms of Service ("Terms") constitute a legally binding agreement between you ("Customer," "you," or "your") and Baldwin MN LLC ("OpenGander," "we," "us," or "our") governing your access to and use of the OpenGander platform, including our website at opengander.com, our application at app.opengander.io, our browser SDK, our APIs, and all related services (collectively, the "Service").

By creating an account, accessing, or using the Service, you agree to be bound by these Terms. If you are entering into these Terms on behalf of a company or other legal entity, you represent that you have the authority to bind that entity. If you do not agree to these Terms, do not use the Service.

1. Definitions

• "Authorized User" means any individual who is granted access to the Service under a Customer's account, including the Customer's employees, contractors, and — where the Customer is an agency — the employees and representatives of the Customer's downstream clients.
• "Customer Data" means all data that a Customer or its Authorized Users upload, submit, or transmit to the Service, including account configuration, domain settings, integration credentials, and any content entered into the platform.
• "End User" means a visitor to a website or digital property where the Customer has installed the OpenGander SDK or tracking code.
• "End User Data" means the telemetry, analytics, and behavioral data collected by the OpenGander SDK from End Users' interactions with the Customer's instrumented websites and digital properties.
• "SDK" means the OpenGander browser Software Development Kit, including opengander-sdk.js and any related code provided by OpenGander for installation on Customer websites.
• "Subscription" means the Customer's selected service plan, including any usage limits, feature entitlements, and associated fees.
• "Tenant" means a distinct organizational unit within the Service. Tenants may be organized hierarchically, where a parent Tenant (such as an agency) may contain child Tenants (such as the agency's clients).

2. Account Registration and Access

2.1 Account Creation

To use the Service, you must create an account by providing a valid email address and completing our authentication process. You agree to provide accurate, current, and complete information and to update such information as necessary.

2.2 Authentication

The Service uses passwordless authentication via magic links sent to your registered email address. You are responsible for maintaining the security of your email account. You agree to notify us immediately at [email protected] if you become aware of any unauthorized access to your account.

2.3 Multi-Tenant Access

OpenGander supports a hierarchical multi-tenant model:

• Direct Customers may create a Tenant for their organization and configure domains for SDK instrumentation.
• Agency Customers may create child Tenants for their clients. The agency retains administrative access to child Tenants as configured in the platform.
• Client Access: Downstream clients of an agency may be granted direct access to their own Tenant via invitation. The level of access is determined by the role assigned by the agency or Tenant administrator.

You are responsible for managing Authorized User access within your Tenant(s), including assigning appropriate roles, revoking access when no longer needed, and ensuring that Authorized Users comply with these Terms.

2.4 Role-Based Access

The Service provides four access levels: User, Moderator, Admin, and Super Admin. Each role has specific capabilities as documented in our platform. You agree to assign roles consistent with the principle of least privilege and to not grant administrative access to individuals who do not require it.

3. Use of the Service

3.1 Permitted Use

Subject to these Terms and payment of applicable fees, we grant you a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Service during the Subscription term for your internal business purposes and, in the case of agencies, for the purpose of providing analytics services to your clients.

3.2 SDK Installation

You may install the SDK on websites and digital properties that you own or operate, or that you have been authorized to instrument by the website owner. You are responsible for ensuring that you have all necessary rights and authorizations to install the SDK on each property.

3.3 Acceptable Use

You agree not to:

• Use the Service in violation of any applicable law, regulation, or third-party rights.
• Install the SDK on websites you do not own or have authorization to instrument.
• Attempt to collect personal information of End Users through the SDK beyond what the SDK is designed to collect (as described in our Privacy Policy).
• Use the Service to track individuals across websites without their knowledge or consent, or in a manner that would violate applicable privacy laws.
• Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Service (except to the extent permitted by applicable law that cannot be waived by contract).
• Access or attempt to access another Customer's data or Tenant without authorization.
• Interfere with or disrupt the integrity or performance of the Service or the data contained therein.
• Transmit any malware, viruses, or other harmful code through the Service.
• Use the Service to send unsolicited communications or for any purpose other than web analytics.
• Exceed any rate limits, usage quotas, or other technical limitations of the Service.
• Resell, sublicense, or make the Service available to third parties except as expressly permitted (i.e., agency access for clients).

3.4 Mandatory Consent Module

The OpenGander SDK includes a built-in consent module that automatically presents End Users with a consent prompt before any data collection occurs. This consent module:

• Detects the End User's jurisdiction using browser timezone and language signals (no IP geolocation or third-party lookups).
• Presents a full-page consent gate for End Users in strict-consent jurisdictions (including the EU/EEA, UK, Brazil, South Korea, Japan, India, and South Africa) and a consent banner for End Users in standard-consent jurisdictions (including the United States, Canada, and Australia).
• Defaults to strict (full-page gate) when jurisdiction cannot be determined.
• Honors the Do Not Track browser signal globally, preventing any data collection without further prompting.
• Collects zero data — no tokens, no telemetry, no localStorage writes — until the End User explicitly grants consent.

The consent module is mandatory and cannot be removed, bypassed, or downgraded by the Customer. Customers may customize the consent text, visual theme, and privacy policy URL, but may not reduce the consent level below what the End User's detected jurisdiction requires. Any attempt to circumvent or disable the consent module constitutes a material breach of these Terms.

3.5 Customer Compliance Obligations

Notwithstanding the built-in consent module, you remain responsible for:

• Maintaining a privacy policy on each website where the SDK is installed that accurately discloses the use of analytics tools, including OpenGander, and the data collected.
• Ensuring that your use of the Service, including the data collected by the SDK, complies with all applicable laws in the jurisdictions where your End Users are located.
• Ensuring compliance with the Children's Online Privacy Protection Act (COPPA) if the SDK is installed on any website directed to children under 13 years of age.
• Not deploying a modified, stripped, or partial version of the SDK that removes or disables the integrated consent module. The consent module is a built-in component of the SDK, not a separate file. Deploying any version of the SDK with the consent module removed or disabled constitutes a material breach of these Terms.

4. Fees and Payment

4.1 Subscription Fees

Access to the Service requires a paid Subscription unless you are participating in a free trial or free tier. Fees are based on the Subscription plan selected and are described on our pricing page or in a separate order form or statement of work.

4.2 Billing

Fees are billed in advance on a monthly or annual basis as selected at signup. All fees are quoted and payable in U.S. dollars unless otherwise agreed in writing. Payments are processed by Stripe. Accepted payment methods include major credit and debit cards (Visa, Mastercard, American Express). By providing payment information, you authorize Stripe to charge the applicable fees to your selected payment method.

4.3 Taxes

All fees are exclusive of taxes. You are responsible for all applicable taxes, including sales tax, use tax, VAT, and similar levies, except for taxes based on OpenGander's net income.

4.4 Late Payment

If payment is not received within 15 days of the due date, we may (a) charge interest at the lesser of 1.5% per month or the maximum rate permitted by law, and (b) suspend access to the Service upon 10 days' written notice.

4.5 No Refunds

Except as required by applicable law or as otherwise stated in a separate agreement, fees are non-refundable. If you cancel your Subscription mid-term, you will retain access through the end of the current billing period but will not receive a prorated refund.

5. Data Ownership and Licenses

5.1 Customer Data

You retain all right, title, and interest in and to your Customer Data. You grant OpenGander a limited, non-exclusive license to use, process, and store Customer Data solely for the purpose of providing and improving the Service.

5.2 End User Data

End User Data collected via the SDK is processed by OpenGander on behalf of the Customer. As between the Customer and OpenGander:

• The Customer owns and controls the End User Data collected from their instrumented websites.
• OpenGander processes End User Data as a service provider (or data processor, as applicable under GDPR) on the Customer's behalf and in accordance with our Privacy Policy and any applicable Data Processing Agreement.

5.3 Aggregated and De-Identified Data

We may use aggregated, anonymized, or de-identified data derived from Customer Data and End User Data solely for internal product improvement. Such aggregated data:

• Must be derived from the data of a minimum of 50 Customers combined, ensuring no individual Customer's data can be isolated or reverse-engineered.
• Will be retained for no longer than 2 years from the date of aggregation, after which it will be permanently deleted.
• Will not identify any individual Customer, Authorized User, or End User.
• May not be sold, published, shared externally, or disclosed to any third party for any purpose, including benchmarking, research reports, or marketing materials.

5.4 OpenGander Intellectual Property

OpenGander retains all right, title, and interest in and to the Service, including all software, technology, algorithms, user interfaces, documentation, trademarks, and other intellectual property. These Terms do not grant you any rights to OpenGander's intellectual property except the limited right to use the Service as described herein.

5.5 Feedback

If you provide suggestions, ideas, or feedback about the Service ("Feedback"), you grant OpenGander a perpetual, irrevocable, royalty-free, worldwide license to use, modify, and incorporate that Feedback into the Service without obligation to you.

6. Data Processing and Security

6.1 Data Processing

We process data in accordance with our Privacy Policy, which is incorporated into these Terms by reference. For Customers subject to GDPR or similar data protection laws, we will enter into a Data Processing Agreement (DPA) upon request.

6.2 Data Location

All data is currently processed and stored in the United States (AWS US-East-1). We will provide reasonable advance notice before materially changing the geographic location of data processing.

6.3 Dedicated Infrastructure

For enterprise Customers, OpenGander may offer dedicated ClickHouse instances or other dedicated infrastructure components under a separate agreement and pricing. Such arrangements will be documented in a separate order form or statement of work.

6.4 Security Measures

We maintain commercially reasonable technical and organizational security measures as described in our Privacy Policy. In the event of a security breach affecting your data:

• Customer Notification: OpenGander will notify affected Customers with a preliminary written notice within 48 hours of confirming a breach that affects their data. This timeline is designed to give Customers sufficient time to meet their own regulatory notification obligations (e.g., the 72-hour window under GDPR Article 33). The preliminary notice will include: (a) the nature of the breach, (b) the categories of data affected, (c) the approximate date and time of the breach, and (d) immediate remediation steps taken.
• Regulatory Notification: The Customer is responsible for notifying the relevant supervisory authority and affected individuals where required by applicable law. OpenGander will provide reasonable assistance in preparing such notifications.
• Full Incident Report: Within 30 days of the preliminary notice, OpenGander will provide a full incident report that includes: (a) a detailed root cause analysis, (b) the scope of data affected, (c) measures taken to prevent recurrence, and (d) any recommended actions for the Customer.

6.5 Data Export and Portability

During the Subscription term and for 30 days following termination, you may request an export of your Customer Data and End User Data in a machine-readable format. After this period, we will delete your data in accordance with our standard retention schedules.

7. Service Level and Availability

7.1 Availability Target

We target 99.9% uptime for the Service, measured monthly, excluding scheduled maintenance. This is a target, not a guarantee, unless a separate Service Level Agreement (SLA) has been executed.

7.2 Scheduled Maintenance

We will provide at least 48 hours' notice before scheduled maintenance that may affect Service availability. We will use commercially reasonable efforts to schedule maintenance during off-peak hours (nights and weekends, U.S. Eastern Time).

7.3 Support

Support is available via email at [email protected]. Response times and support levels may vary based on your Subscription plan.

8. Term and Termination

8.1 Term

These Terms are effective when you create an account and continue until terminated. Subscriptions renew automatically for successive periods equal to the initial Subscription term unless either party provides written notice of non-renewal at least 30 days before the end of the current term.

8.2 Termination for Convenience

You may terminate your Subscription at any time by providing written notice to [email protected]. Termination takes effect at the end of the current billing period.

8.3 Termination for Cause

Either party may terminate these Terms immediately upon written notice if the other party:

• Materially breaches these Terms and fails to cure such breach within 30 days after receiving written notice.
• Becomes insolvent, files for bankruptcy, or ceases to operate in the ordinary course of business.

8.4 Suspension

We may immediately suspend your access to the Service if:

• We reasonably believe your use violates these Terms or applicable law.
• Your use poses a security risk to the Service or other Customers.
• We are required to do so by law or governmental order.
• Your account is more than 30 days past due on payment.

We will provide notice of suspension and the reason therefor as soon as reasonably practicable.

8.5 Effect of Termination

Upon termination:

• Your right to access the Service ceases immediately (or at the end of the current billing period for termination for convenience).
• You may request an export of your data within 30 days of termination.
• After the 30-day post-termination period, we will delete your Customer Data and End User Data in accordance with our retention policies.
• Sections 5 (Data Ownership), 9 (Indemnification), 10 (Limitation of Liability), 11 (Disclaimer), and 13 (General) survive termination.

9. Indemnification

9.1 By Customer

You agree to indemnify, defend, and hold harmless OpenGander and its officers, directors, employees, and agents from and against any third-party claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising out of or related to:

• Your use of the Service in violation of these Terms.
• Your violation of any applicable law, including privacy and data protection laws.
• Your failure to maintain an adequate privacy policy or obtain required consents for SDK deployment.
• Any dispute between you and your End Users or your downstream clients relating to data collected through the Service.

9.2 By OpenGander

OpenGander agrees to indemnify, defend, and hold harmless the Customer from and against any third-party claims that the Service, as provided by OpenGander, infringes any U.S. patent, copyright, or trademark of such third party. This obligation does not apply to claims arising from (a) Customer's modification of the Service, (b) Customer's combination of the Service with non-OpenGander products, or (c) Customer's use of the Service after being notified to cease due to an infringement claim.

10. Limitation of Liability

10.1 Exclusion of Consequential Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING DAMAGES FOR LOST PROFITS, LOST REVENUE, LOST DATA, LOSS OF BUSINESS OPPORTUNITY, OR LOSS OF GOODWILL, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, EVEN IF THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

10.2 Cap on Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE TOTAL AGGREGATE LIABILITY OF OPENGANDER FOR ALL CLAIMS ARISING OUT OF OR IN CONNECTION WITH THESE TERMS SHALL NOT EXCEED THE GREATER OF (A) THE TOTAL FEES PAID BY THE CUSTOMER TO OPENGANDER DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED U.S. DOLLARS ($100).

10.3 Exceptions

The limitations in Sections 10.1 and 10.2 do not apply to (a) either party's indemnification obligations, (b) either party's breach of confidentiality obligations, (c) Customer's payment obligations, or (d) liability that cannot be limited under applicable law.

11. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. OPENGANDER DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR COMPLETELY SECURE, OR THAT ANY DEFECTS WILL BE CORRECTED.

OPENGANDER MAKES NO WARRANTY REGARDING THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY DATA OR ANALYTICS PROVIDED THROUGH THE SERVICE. ANALYTICS DATA IS PROVIDED FOR INFORMATIONAL PURPOSES AND SHOULD NOT BE THE SOLE BASIS FOR BUSINESS DECISIONS.

12. Confidentiality

12.1 Definition

"Confidential Information" means any non-public information disclosed by one party to the other in connection with these Terms, including business plans, technical data, product roadmaps, pricing, Customer Data, and End User Data.

12.2 Obligations

The receiving party agrees to (a) use Confidential Information only for purposes of performing under these Terms, (b) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information (but no less than reasonable care), and (c) not disclose Confidential Information to third parties except to employees, contractors, and agents who need to know and are bound by confidentiality obligations at least as protective as these.

12.3 Exceptions

Confidential Information does not include information that (a) is or becomes publicly available without breach of these Terms, (b) was known to the receiving party before disclosure, (c) is independently developed without use of the Confidential Information, or (d) is lawfully received from a third party without restriction.

13. General Provisions

13.1 Governing Law

These Terms are governed by the laws of the State of Minnesota, without regard to its conflict of law provisions. Any dispute arising under these Terms shall be resolved exclusively in the state or federal courts located in Hennepin County, Minnesota, and each party consents to the personal jurisdiction of such courts.

13.2 Dispute Resolution

Before initiating any legal proceeding, the parties agree to attempt to resolve any dispute through good faith negotiation for a period of at least 30 days. Either party may initiate negotiation by sending written notice to the other party describing the dispute.

13.3 Assignment

You may not assign or transfer these Terms or any rights hereunder without the prior written consent of OpenGander, except in connection with a merger, acquisition, or sale of all or substantially all of your assets. OpenGander may assign these Terms without restriction.

13.4 Entire Agreement

These Terms, together with the Privacy Policy, any Data Processing Agreement, and any applicable order form or statement of work, constitute the entire agreement between you and OpenGander regarding the Service and supersede all prior agreements, proposals, and communications.

13.5 Amendments

We may modify these Terms from time to time. We will provide at least 30 days' notice of material changes by email to the address associated with your account. If you do not agree to the modified Terms, you may terminate your Subscription before the changes take effect. Your continued use of the Service after the effective date of modified Terms constitutes acceptance.

13.6 Severability

If any provision of these Terms is held to be unenforceable, the remaining provisions shall remain in full force and effect. The unenforceable provision shall be modified to the minimum extent necessary to make it enforceable while preserving its original intent.

13.7 Waiver

The failure of either party to enforce any provision of these Terms shall not constitute a waiver of that provision or any other provision.

13.8 Force Majeure

Neither party shall be liable for any delay or failure to perform due to causes beyond its reasonable control, including natural disasters, war, terrorism, pandemic, government actions, internet or telecommunications failures, or third-party service outages.

13.9 Notices

Notices to OpenGander shall be sent to [email protected]. Notices to you will be sent to the email address associated with your account. Notices are deemed received when sent via email.

13.10 Independent Contractors

The parties are independent contractors. Nothing in these Terms creates a partnership, joint venture, employment, or agency relationship.

14. Contact Information

For questions about these Terms, please contact us at:

Baldwin MN LLC
Email: [email protected]
Website: https://opengander.com