PRIVACY
Share less. Keep private material out of search.
Open Medici is built around public opportunity data. Search and matching work best with concise eligibility filters, not personal biographies.
Search and browsing
Search terms and filters appear in page or API URLs. URLs may be present in Nginx and Cloudflare request logs. Web infrastructure also receives network and request metadata needed to deliver and protect the service.
Do not put names, email addresses, CV text, application drafts, or other sensitive identifiers in search fields or API queries. Open Medici sends a narrow set of public-site events to PostHog: allowlisted public page paths and categories, page exits with elapsed duration, the referring hostname without its path or query, limited campaign tags, search and filter counts, result counts, approved official or application link clicks, AI-provider handoffs, and successful contact or update submissions.
Analytics does not send search text, raw page queries, form contents, email addresses, request identifiers, referrer paths or queries, or persistent browser or device identifiers. Browser-tab session storage holds a random pageview session identifier that expires after 30 minutes of inactivity and a per-document marker that prevents duplicate pageviews; neither is reused across tabs or later visits. An in-memory pageview ID links each $pageview to one $pageleave for bounce and duration calculations. Other approved actions retain one fixed aggregate identifier. Analytics does not use cookies, local storage, autocapture, session replay, heatmaps, person profiles, or API, MCP, feed, admin, and background-worker activity.
The server intentionally forwards the request IP to PostHog for traffic-quality checks and approximate geographic reporting. Web Analytics reports pages, sources, geography, bounce rate, and duration; its visitor and session figures represent short-lived browser-tab sessions, not durable people or cross-visit unique users. Retention and person-level reports are not valid for this design. If no trusted client IP is available, geographic enrichment is disabled rather than using the server address.
AI tools
The Find with AI experience builds and displays the research prompt in your browser. Open Medici copies it locally and opens ChatGPT or Claude only when you choose a separate provider link. It does not send the prompt or your answers to those providers from the Open Medici server.
Once you open an external provider and paste or enter information there, that provider’s terms and privacy practices apply. Remove names, email addresses, CV text, and other personal identifiers. Remote MCP and API search requests may also be present in service request logs.
Contact messages
The contact form collects an email address, message, topic, and any optional name or organization you provide. The message is stored for private review and may be routed through private notification channels. The email address is used to reply when needed.
A contact message is not added to alerts or a newsletter.
Update submissions and files
The update form can collect an optional email, program reference, subject, message, source URLs, and supporting files. Submissions are stored for review. Supporting files are quarantined, kept private, and malware-scanned; they are never published automatically.
Reviewed, source-backed facts may later be published to the public register. Private attachments and sender details are not part of public exports.
Newsletter
This release does not provide an active newsletter signup. Contact and update submissions are not newsletter subscriptions. Any future activation requires this notice and the visible consent flow to be updated first.
Cloudflare Turnstile
Turnstile is an optional form-protection control. When the deployment enables it, the form loads Cloudflare’s widget and sends its short-lived verification token with the submission for server-side checking. Cloudflare may process browser and network information under its own terms.
When Turnstile is required but not fully configured, the forms fail closed rather than accepting an unchecked submission.
Public data and external sources
Published opportunity data, public source links, and compatible exports are intentionally public. Exports are licensed CC BY 4.0 with attribution to Open Medici and the original sources. Do not submit private material expecting it to become part of that public dataset.
External official-source and AI-provider links leave Open Medici. Their own privacy practices apply after navigation.
Retention and questions
This notice does not invent or promise a fixed retention period. If you have a privacy question about a contact or update submission, use the privacy topic in the contact form and include enough information to identify your message without repeating sensitive content.