Privacy Policy

Last Updated October 27, 2024

Overview

Omniflo Limited ("we", "us", or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (omniflo.ai) and use our AI consulting and development services.

Data Controller: Omniflo Limited, registered in England and Wales (company number TBC), with registered office at 281 Kennington Lane, London, SE11 5AR, United Kingdom. We are the data controller responsible for your personal information.

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We offer our Services to customers and users directly or via resellers. Where we refer to "Customers", we mean organizations that have entered into a service agreement with us. Customer website users or visitors are referred to as "End Users."

By using or accessing our website and Services, you accept the practices and policies outlined in this Privacy Policy and acknowledge that we may process and share your information as described herein.

1. Information We Collect

1.1 That You Provide Directly

We collect information that you provide directly to us, including:

  • Contact Form Data: Name, email address, phone number, company name, company size, project details, and any message content you provide
  • Account Information: If you create an account, username, email, and password
  • Communication Data: Information you provide when corresponding with us via email, phone, or other channels
  • Project Data: Information necessary to deliver our consulting and development services
  • Payment Information: Billing details and payment information (processed securely by our payment processor)
  • Marketing Preferences: Newsletter subscriptions and communication preferences

Legal Basis (UK GDPR): We process this information based on (a) contractual necessity to provide Services, (b) your consent for marketing communications, or (c) our legitimate interests in responding to inquiries and operating our business.

1.2 From Third Parties

We use the following third-party service providers who may provide us with information:

  • PostHog: Analytics and session recording data to understand user behavior and improve our services
  • Resend: Email delivery service for transactional and marketing emails
  • Authentication Services: If applicable, login and authentication data
  • Business Partners: Referrals or leads from authorized partners

Legal Basis: Legitimate interests in improving our Services and communicating effectively.

1.3 Automatically

We automatically collect certain information when you visit our website:

  • Technical Data: IP address, browser type and version, operating system, device information
  • Usage Data: Pages visited, time spent on pages, links clicked, referring websites
  • Location Data: General geographic location based on IP address (country/city level)
  • Cookies: See our Cookie Policy for details

This information is collected using cookies and similar tracking technologies. You can control cookie preferences through our cookie banner and browser settings.

Legal Basis: Your consent (for non-essential cookies) and legitimate interests in operating and securing our website.

2. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments and questions
  • Analyze usage patterns and trends
  • Detect, prevent, and address technical issues and fraud

3. How We Retain Information

We retain your information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

  • Contact Form Inquiries: 3 years from last contact or until you request deletion
  • Customer Account Data: Duration of contract plus 6 years (UK statutory limitation period)
  • Project Files & Deliverables: As specified in Service Agreement, typically 2-3 years post-completion
  • Financial Records: 6 years (UK tax law requirement)
  • Marketing Data: Until you unsubscribe or object, or 3 years of inactivity
  • Website Analytics: Up to 26 months (PostHog retention period)
  • Security Logs: 90 days to 1 year

When we no longer need your information, we will securely delete or anonymize it in accordance with our data retention schedule and applicable legal requirements.

4. How We Disclose Information

We may share your information in the following circumstances:

Service Providers (Data Processors): We engage third-party companies to perform services on our behalf, including:

  • PostHog (US/EU): Analytics and session tracking - Privacy Policy
  • Resend (US): Email delivery service - Privacy Policy
  • Hosting Providers: Website and application hosting services
  • Payment Processors: Secure payment processing (when applicable)

Other Disclosures:

  • With your explicit consent or at your direction
  • To comply with legal obligations, court orders, or regulatory requirements
  • To protect the rights, safety, and security of Omniflo, our users, and the public
  • In connection with a business transaction (merger, acquisition, sale of assets)
  • With professional advisors (lawyers, accountants) under confidentiality obligations

International Transfers: Some of our service providers are located outside the United Kingdom. Where we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:

  • EU/EEA transfers: Adequacy decisions and standard contractual clauses
  • US transfers: Standard contractual clauses and additional security measures
  • Data Processing Agreements with all processors ensuring UK GDPR compliance

5. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Cookies & Tracking

We use cookies and similar tracking technologies to collect information about your browsing activities. You can control cookies through your browser settings, but disabling cookies may limit your ability to use certain features of our services.

7. Third-Party Services

Our services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information to them.

8. Your Privacy Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights regarding your personal information:

  • Right of Access (Subject Access Request): Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure ('Right to be Forgotten'): Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request that we limit how we use your personal data
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Data Portability: Receive your personal data in a structured, commonly used format
  • Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis
  • Right to Lodge a Complaint: File a complaint with the Information Commissioner's Office (ICO)

How to Exercise Your Rights:

To exercise any of these rights, please contact us at:

  • Email: privacy@omniflo.ai
  • Post: Data Protection Officer, Omniflo Limited, 281 Kennington Lane, London, SE11 5AR, UK

We will respond to your request within one month of receipt. In complex cases, we may extend this by two further months and will inform you accordingly.

ICO Contact Information:

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Phone: 0303 123 1113

9. Privacy Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of our services after any changes indicates your acceptance of the updated policy.