Last Updated: June 3, 2020
Scope of This Policy
What we may collect
The types of personal information we collect from you may include: Full legal name/Name, Job title, Company name, Postal or other physical address, Email address, Telephone/Fax number, IP Addresses/Device identifier/Application identifier, User ID and password if you establish an account with us, Login Date and Time, Log data, Social Security Number/Foreign ID, Nationality, Date of Birth. We do not seek to collect or process sensitive personal information unless it is required or permitted by law; necessary for the detection or prevention of crime; necessary to establish, exercise or defend legal rights; or we have your prior explicit consent.
How we collect
The personal information we collect is via: Submitting client onboarding documents , Content or information included in or attached to your email in connection to raised support tickets;, Participating in “join our mailing list” initiatives;, Information you provide, Contacting us for further information, Providing us with business cards or other contact information.
How we use
Transfers to Third Parties
Omniex’s U.S. entities, Omniex Holdings, Inc. and Omniex Services LLC, adhere to the EU-US and Swiss-U.S Privacy Shield principles. Information regarding Privacy Shield can be found at the website https://www.privacyshield.gov
In addition, we may disclose information about you: If we are required to do so by law or legal process. To law enforcement authorities or other government officials. If required by the investigatory and enforcement powers of the Federal Trade Commission (FTC). When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity. If disclosure is necessary to protect the vital interests of a person. To protect our property, services and legal rights. To prevent fraud against Omniex, our subsidiaries, affiliates and/or business partners. To support auditing, compliance, and corporate governance functions, or To comply with any and all applicable laws.
We may also disclose or transfer your personal data in the event of a reorganization, merger, sale, joint venture, assignment, or other transfer or disposition of all or any portion of our business.
We care about your data and are committed to protecting the data you provide us. We use industry-standard security technologies, procedures and organizational safeguards to protect your personal data from unauthorized access, use and disclosure. We treat personal data as an asset that must be protected against loss and unauthorized access. We employ various security practices to protect your personal data from unauthorized users and recommend you take every precaution in protecting your Personal Data when you are on the Internet.
Links, Third Party Applications and Software
Legal Grounds for Processing Personal Information
- our legitimate interests in the effective delivery of information and services to you and in the effective and lawful
- operation of our businesses (provided these do not interfere with your rights);
- to satisfy any legal and regulatory obligations to which we are subject; or
- where no other condition for processing is available, if you have agreed to us processing your personal information for the relevant purpose.
Rights in Relation to Your Information
You may have certain rights under your local law in relation to the personal information we hold about you. In particular, if you are an individual whose personal data, and the processing of that personal data by Omniex, are subject to the application of the European General Data Protection Regulation, you have the following rights:
- Right of Access: This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it, and that it is accurate, complete and current.
- Right of Correction: This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Right of Erasure: This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to objection
- Right to Objection: Where we are relying on a legitimate interest as justification, or where it is used for direct marketing purposes, you have the right to object to the processing of your personal information.
- Right of Restriction: You have the right to request that we restrict the processing of your personal data in certain:
- If you contest the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy.
- If the processing of your personal data is considered unlawful, but you do not require the deletion of your personal data.
- If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defense of legal claims.
- If you object to our processing of your data based on our legitimate interests, or where the processing is based on Art. 6(1) (e) GDPR.
- Right of Data Portability: When the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format;
- Right to withdraw consent: If your personal data is processed on the basis of your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. You may also have the right under certain conditions to invoke binding arbitration. Different laws may prevent us from providing access to your personal data or otherwise fully complying with your request depending upon the circumstances and the request, for example where producing your information may reveal the identity of someone else.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en
Retention of Personal Information
We will retain your personal information on our systems only for as long as we need it, given the purposes for which it was collected, in accordance with our internal recordkeeping policies, or as required to do so by law. The exact length of time will vary, and may be subject to applicable contracts or agreements. We keep contact information (such as mailing list information) until a user unsubscribes or requests that we delete that information. If you choose to unsubscribe from a mailing list, we may keep certain limited information about you so that we may honor your request. We dispose of resumes when they are no longer under consideration.
Our Commitment to the EU-US Privacy Shield Principles
Omniex complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield. Omniex has certified that it
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Omniex is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Omniex’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Omniex remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Omniex proves that it is not responsible for the event giving rise to the damage.
Omniex has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
California Privacy Disclosures
Pursuant to California Civil Code Section 1798.83(c)(2), Omniex does not share your personal data with third parties for those third parties’ direct marketing use.
Omniex does not track website visitors over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of visitors’ browsing activities when they serve the visitors’ content, which enables them to tailor what they present to you. If you are visiting such sites, your web browser may allow you to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked.
We do not currently honor Do Not Track signals from internet browsers; when a universal standard for processing them emerges, we will follow it.
Omniex Holdings, Inc.
333 Bryant St, Ste 310
San Francisco, 94107
Attention: Privacy & Compliance
Omniex has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://bbbprograms.org/programs/all-programs/bbb-privacy-shield for more information or to file a complaint. The services of BBB EU Privacy Shield are provided at no cost to you.