privacy

Last updated: August 29, 2025

This Privacy Policy explains how Ottoform LLC (“Ottoform,” “we,” “us,” or “our”) collects, uses and protects personal information when you use ottoform.ai, our related sites and our infrastructure services that power customer projects.

1. Scope & roles

• Controller: Ottoform is the controller for data we collect through our websites, support channels, billing, recruiting and compliance activities.
• Processor/service provider: For customer projects that run on our infrastructure (e.g., nctitletransfer.com), we process data strictly under the customer’s instructions. Those customers are the controllers for their end-user data.

2. Information we collect

• Contact and account information: your name, email address, phone number and company or role.
• Billing details: limited payment metadata such as billing name and address. Card numbers and full payment details are handled by our payment processor (Stripe) and are not stored by us.
• Usage data: device and browser type, IP address and approximate location derived from the IP, pages viewed, referral and campaign parameters, cookie identifiers and support or chat transcripts.
• Operational content (processor role): documents, form fields, signatures, IDs and other content you or your customers submit to projects hosted on our platform.

3. How we use information

• Provide, secure and operate our sites and infrastructure services.
• Communicate about account setup, onboarding, billing and product updates.
• Detect, investigate and prevent fraud, abuse and security incidents.
• Comply with legal, tax and regulatory requirements and maintain business records.
• Analyse aggregated, pseudonymous usage metrics to improve reliability and user experience.

4. Sharing information

We do not sell personal information. We may share limited data with:

• Service providers: vendors that provide hosting, communications, payment processing, analytics and other functions. They are bound by contracts requiring confidentiality and data protection.
• Legal and safety authorities: when required to comply with law, enforce our agreements or protect rights, property or safety.
• Corporate events: in connection with a merger, acquisition, financing or sale of assets.

5. SMS, calls and messaging

By providing your phone number, you consent to receive calls or texts about your account, security or transactions. Message and data rates may apply. To opt out, text STOP; for help, text HELP. Carriers are not liable for delayed or undelivered messages.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

6. Data retention & security

We retain information only as long as needed to provide services and meet legal and regulatory requirements. Processor-role data is retained according to our customers’ instructions. We use layered security controls, including encryption in transit, role-based access controls, secure document storage, network segmentation and monitoring. No method of transmission or storage is 100 % secure; we continually work to reduce risk and respond to issues.

7. Your rights & choices

• Access, correction and deletion: to request a copy of your data or ask us to correct or delete it, contact legal@ottoform.ai. For data submitted through a customer project, contact that project directly.
• Communication preferences: you can unsubscribe from marketing emails via the link in each message. Text STOP to opt out of SMS communications.

8. International use

Ottoform operates in the United States, and personal data may be processed in the U.S. under U.S. law. If you access our services from another country, you consent to the transfer of data to the U.S.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will update the “Last updated” date above and provide additional notice when required.

10. Security (detail)

We follow a defence-in-depth strategy: encryption (in transit and provider-managed at rest), least-privilege access, monitoring, vulnerability management, incident response, backups and continuity. We review access rights periodically, update dependencies and protect against common web vulnerabilities. Document uploads are transmitted over encrypted channels, stored securely and access-logged. If you find a vulnerability, please email legal@ottoform.ai with steps to reproduce, impact and your contact details. Do not publicly disclose until we confirm a fix.

11. Accessibility (summary)

We aim to meet WCAG 2.2 Level AA. We consider keyboard navigation, semantics, focus states, labels, contrast and responsive layouts. For alternative formats or assistance, contact legal@ottoform.ai or +1 (980) 701-5265.

12. Contact us

For privacy questions, email legal@ottoform.ai. You can also visit the contact page.