Security at Ottopen

Ottopen is designed for private creative work. Manuscripts, story notes, adaptation drafts, and generated audio are protected with account-scoped access controls, private file handling, and authorization checks before sensitive actions.

Account-scoped access

Projects, manuscripts, chapters, notes, adaptation outputs, and audio assets are designed to be accessible only to the account or workspace authorized to use them.

Private manuscript and audio handling

Ottopen keeps manuscript and generated audio assets in private storage. Preview and test audio is offered as playback inside Ottopen, while final audio downloads use expiring access links instead of permanent public file links.

Provider use is user-initiated

Ottopen sends selected text or instructions to AI or audio providers only when you choose a feature that requires processing, such as revision, adaptation, voice preview, or chapter rendering.

Privacy-conscious logging

Ottopen avoids sending manuscript text, full chapters, or generated audio transcripts to analytics. Operational logs should use structured metadata such as status, error type, and usage state.

Billing safeguards

For paid audio generation, Ottopen shows or confirms usage before final rendering. Failed renders are not treated as successful finished output when the render does not complete.

Abuse prevention

Ottopen uses safeguards to reduce misuse of expensive AI, adaptation, and audio workflows.

Internal security reviews

We continue to review access controls, storage permissions, billing safeguards, and provider integrations as the product grows.

Vulnerability reporting

If you believe you found a security issue, email security@ottopen.app with reproduction steps, screenshots, and any affected account details you are comfortable sharing.