Legal

Privacy Policy

Last updated: April 2026. This summary outlines how Omnilytics, Inc. collects, processes, retains, and protects information.

1. Who we are

Omnilytics, Inc. (“Omnilytics”, “we”, “us”) is a Delaware corporation that provides Document AI, Identity AI, and Security AI APIs to business customers (“Customers”). This Privacy Policy explains how we handle information when you visit our website or use our APIs.

2. Information we collect

We collect three categories of information:

  • Account information. When you sign up or contact us, we collect your name, work email, company, and any details you choose to share.
  • API inputs and outputs. When Customers send data to our APIs, we process documents, identity attributes, and device signals on their behalf as a Processor under GDPR.
  • Usage and telemetry. We log API requests for security, billing, and performance — IP address, user-agent, timestamp, endpoint, and response status.

3. How we use information

We use information to deliver the service, secure it, bill for it, and improve it. We do not sell personal information. We do not use Customer API inputs to train shared models.

4. Retention

API inputs and outputs are retained for a default of 30 days for debugging and abuse prevention. Customers on Growth and Enterprise plans can shorten retention to zero, or extend up to seven years for regulatory needs. Account information is retained for the life of your account plus seven years for tax and audit compliance.

5. Sharing and sub-processors

We share information with carefully vetted sub-processors that help us operate the service — cloud infrastructure, customer support, billing, and analytics. A current list of sub-processors is available on request.

6. Your rights

If you are a resident of the EU, UK, California, or another jurisdiction with privacy rights, you may request access, correction, deletion, or portability of your information. We honor opt-out signals including Global Privacy Control. Contact us at privacy@omnilytics.ai.

7. Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is restricted to authorized personnel, monitored continuously, and audited annually under SOC 2 Type II. Vulnerability reports can be sent to security@omnilytics.ai.

8. Changes

We may update this Privacy Policy from time to time. Material changes will be announced on this page with at least 30 days of notice. The “Last updated” date at the top reflects the most recent revision.

9. Contact

Omnilytics, Inc. — Delaware, USA. Privacy inquiries: privacy@omnilytics.ai.