Last Updated: June 3, 2020

Overview
Protecting consumer privacy is important to Omniex Holdings, Inc and Omniex Services LLC (collectively “Omniex” “we” or “us”). This privacy policy explains what personal information Omniex and its affiliates gather about you, what we use that information for, and who we give that information to in our capacity as data controllers. It also sets out your rights in relation to your information and who you can contact for more information or queries.

About Omniex
Omniex is a global company. You acknowledge and consent that any information you provide or we may collect pursuant to this policy may be used, processed or transferred to the United States or other countries or territories and that those countries or territories may not offer the same level of protection as the country where you reside. In the privacy policy, the terms “Omniex”, “we” or “us” refers to Omniex Holdings, Inc. and Omniex Services, LLC.

Terminology
In this privacy policy, your information is sometimes called “personal data,” “data” or “personal information”. Personal data does not include information that is anonymized or publicly available information that has not been combined with non-public personal data. We also sometimes collectively refer to handling, collecting, protecting or storing your personal information as “processing” such personal information. And our “agents” are any third party that collects or uses personal information pursuant to our instructions or to which we disclose personal information for use on our behalf.

Scope of This Policy
This privacy policy applies to personal data that you provide in any onboarding or communicated documentation to Omniex.

What we may collect
The types of personal information we collect from you may include: Full legal name/Name, Job title, Company name, Postal or other physical address, Email address, Telephone/Fax number, IP Addresses/Device identifier/Application identifier, User ID and password if you establish an account with us, Login Date and Time, Log data, Social Security Number/Foreign ID, Nationality, Date of Birth. We do not seek to collect or process sensitive personal information unless it is required or permitted by law; necessary for the detection or prevention of crime; necessary to establish, exercise or defend legal rights; or we have your prior explicit consent.

How we collect
The personal information we collect is via: Submitting client onboarding documents , Content or information included in or attached to your email in connection to raised support tickets;, Participating in “join our mailing list” initiatives;, Information you provide, Contacting us for further information, Providing us with business cards or other contact information.

How we use
The personal data we collect may be used where we have your specific consent to do so, or where Omniex has a legitimate interest in or other legal basis for processing such information. We will disclose personal information if it’s necessary to comply with a legal obligation, prevent fraud, enforce our terms of use or customer agreements, or protect our users’ safety or security. Omniex may use your personal data to: Fulfill your requests for information or support, To verify your identity, To communicate with you, To finalize an application and otherwise setup an account for access to the Online Services, Process your request to participate in events, Personalize content that you view, Communicate with you (including for product support or billing issues), Verify compliance with and enforce the terms of Omniex’s licenses and other agreement governing the use of our products and services, Carry out transactions with you, Authenticate users, Distribute newsletters and alerts to you, and for other marketing purposes, Comply with all applicable laws and corporate reporting obligations, Accomplish other purposes you may initiate or request Omniex uses personal data only in ways that are compatible with and relevant to the purposes for which it was collected or authorized by you. We may keep any of your personal data on file and use it to contact you. We will take reasonable steps to ensure that personal data is accurate, complete, current and reliable for its intended use.

Consent
If you choose to provide sensitive data to us for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under your local law, for us to collect and use that information in the ways described in this privacy policy or as described at the point where you choose to disclose this information.

Transfers to Third Parties
Personal data collected in accordance with this privacy policy is not shared with Third Parties. However, your personal information may be transferred to and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information. Where we collect your personal information within the EEA, transfer outside the EEA will be only: (a) to a recipient located in a country which provides an adequate level of protection for your personal information; and/or (b) under an agreement which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA. By using the Sites and providing information to use in accordance with this privacy policy, you voluntarily consent to such trans-border transfer and hosting of such information.

Omniex’s U.S. entities, Omniex Holdings, Inc. and Omniex Services LLC, adhere to the EU-US and Swiss-U.S Privacy Shield principles. Information regarding Privacy Shield can be found at the website https://www.privacyshield.gov

Other Disclosures
In addition, we may disclose information about you: If we are required to do so by law or legal process. To law enforcement authorities or other government officials. If required by the investigatory and enforcement powers of the Federal Trade Commission (FTC). When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity. If disclosure is necessary to protect the vital interests of a person. To protect our property, services and legal rights. To prevent fraud against Omniex, our subsidiaries, affiliates and/or business partners. To support auditing, compliance, and corporate governance functions, or To comply with any and all applicable laws.

We may also disclose or transfer your personal data in the event of a re-organization, merger, sale, joint venture, assignment, or other transfer or disposition of all or any portion of our business.

Security
We care about your data and are committed to protecting the data you provide us. We use industry-standard security technologies, procedures and organizational safeguards to protect your personal data from unauthorized access, use and disclosure. We treat personal data as an asset that must be protected against loss and unauthorized access. We employ various security practices to protect your personal data from unauthorized users and recommend you take every precaution in protecting your Personal Data when you are on the Internet.

Links, Third Party Applications and Software
Our website may contain links to other sites or may give you access to applications, software, or products provided by third parties (“Third Party Sites and Products”). Please understand that those Third Party Sites and Products may have different terms of use and privacy policies. You should review those terms of use and privacy policies prior to using them. We are not responsible for the privacy practices of any Third Party Sites and Products. We are also not responsible for the terms of use you may be required to agree to in order to use such Third Party Sites and Products.

Legal Grounds for Processing Personal Information
Your local law may require us to set out in this privacy policy the legal grounds on which we rely in order to process your personal information. In such cases, we rely on one or more of the following processing conditions:

● our legitimate interests in the effective delivery of information and services to you and in the effective and lawful
operation of our businesses (provided these do not interfere with your rights);
● to satisfy any legal and regulatory obligations to which we are subject; or
● where no other condition for processing is available, if you have agreed to us processing your personal information for the relevant purpose.

Rights in Relation to Your Information
You may have certain rights under your local law in relation to the personal information we hold about you. In particular, if you are an individual whose personal data, and the processing of that personal data by Omniex, are subject to the application of the European General Data Protection Regulation, you have the following rights:

Right of Access: This enables you to receive a copy of the personal information we hold about you and to check that we
are lawfully processing it, and that it is accurate, complete and current.
Right of Correction: This enables you to have any incomplete or inaccurate information we hold about you corrected.

Right of Erasure: This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to objection

Right to Objection: Where we are relying on a legitimate interest as justification, or where it is used for direct marketing purposes, you have the right to object to the processing of your personal information.

Right of Restriction: You have the right to request that we restrict the processing of your personal data in certain:
o If you contest the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy.
o If the processing of your personal data is considered unlawful, but you do not require the deletion of your personal data.
o If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defense of legal claims.
o If you object to our processing of your data based on our legitimate interests, or where the processing is based on Art. 6(1) (e) GDPR.

Right of Data Portability: When the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format;

Right to withdraw consent: If your personal data is processed on the basis of your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. You may also have the right under certain conditions to invoke binding arbitration. Different laws may prevent us from providing access to your personal data or otherwise fully complying with your request depending upon the circumstances and the request, for example where producing your information may reveal the identity of someone else.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en

Retention of Personal Information
We will retain your personal information on our systems only for as long as we need it, given the purposes for which it was collected, in accordance with our internal recordkeeping policies, or as required to do so by law. The exact length of time will vary, and may be subject to applicable contracts or agreements. We keep contact information (such as mailing list information) until a user unsubscribes or requests that we delete that information. If you choose to unsubscribe from a mailing list, we may keep certain limited information about you so that we may honor your request. We dispose of resumes when they are no longer under consideration.

Our Commitment to the EU-US Privacy Shield Principles
Omniex complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield. Omniex has certified that it
adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Omniex is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to privacy@omniex.io. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@omniex.io.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Omniex’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Omniex remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Omniex proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Omniex is committed to resolving complaints about its collection and use of your personal data. You may direct inquiries or complaints about our use of your personal data pursuant to this privacy policy by sending us an email to the following address: privacy@omniex.io.

Omniex has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

California Privacy Disclosures
Pursuant to California Civil Code Section 1798.83(c)(2), Omniex does not share your personal data with third parties for those third parties’ direct marketing use.

Omniex does not track website visitors over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of visitors’ browsing activities when they serve the visitors’ content, which enables them to tailor what they present to you. If you are visiting such sites, your web browser may allow you to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked.

We do not currently honor Do Not Track signals from internet browsers; when a universal standard for processing them emerges, we will follow it.

Contact Information
You may contact us regarding this privacy policy, our data collection and processing practices or to opt-out. In compliance with the Privacy Shield Principles, Omniex commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our privacy policy should contact Omniex at:

Omniex Holdings, Inc.
333 Bryant St, Ste 310
San Francisco, 94107
United States
Attention: Privacy & Compliance
privacy@omniex.io

Omniex has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://bbbprograms.org/programs/all-programs/bbb-privacy-shield for more information or to file a complaint. The services of BBB EU Privacy Shield are provided at no cost to you.

Amendments
Omniex may update this Privacy Policy at any time by publishing an updated version here.