Privacy Policy of oomnis Limited
Last updated: July 29th 2022
At oomnis Limited, we take your privacy very seriously. We respect your rights and understand the importance of protecting your personal data or personally identifiable information (PII).
We have analyzed how and when we collect your PII. With this policy, we want to share with you our policies and processes regarding the collection, handling and deletion of your PII.
First, we shall explain what PII we may collect about you and how we collect it. Then, we will present how we use or process your PII and when required what our legal basis to do so is.
We also explain how you are able to request about your PII, withdraw consent and request deletion of your PII.
In the second part, we will explain how we handle the service data that we process on your behalf.
Finally, we have a few important items to cover regarding PII of children, geographical location of data, legal obligations and data retention policies.
Collecting and processing your information
Information we collect
We only collect information for a legitimate purpose.
We will have information about you only if
You have provided us with this information yourself OR
This is information we receive and process on your behalf OR
We have automatically collected this information OR
We have received this information from a third party
Information you provide us
a) You provide your information to us directly either online of physically
When you contact oomnis in order to receive information about oomnis, our products or services, we collect your name, contact number, email address, company name and country, and other relevant personally identifiable information (PII) in order to provide you a meaningful reply.
b) You registered to an event
We will collect your name, contact, number, email, company name and other relevant PII in order to send you information relevant to the event as well as enable you to access the relevant event information online or offline.
c) Payment Processing
When you buy something from us, we ask you to provide your name, contact information in order to create relevant transaction documentations.
If you elect to buy by credit card, we will provide you with a link to our payment processor Stripe (whose privacy policy is posted here : https://stripe.com/en-hk/privacy)
d) Personal information you provided on our online services (FlexO, Media4Display digital signage, other services)
In order for you to be able to use some of our online services, the systems may require a working email address, your name (and a limited set of other PII) in order to identify and authenticate you with as well as send you relevant notices and notifications about the operation of the system.
You may use unique aliases or one-time emails however in doing so you may not be able to use all features of the systems.
e) Detailed schedule information for FlexO workspace booking management services
If you use our FlexO product as a cloud-service, you may be providing us with detailed information about your everyday schedule, meetings, meeting titles, meeting agenda and description, meeting location, attendee names and emails.
These PII will be used on your behalf to provide you with the relevant FlexO resource booking management services as well as to provide anonymous or denominated information about resource usage as tabulated by the FlexO system.
f) Interaction with oomnis
We may record, analyze and use your interactions with us including email, telephone, social networks, chat conversations with our sales and customer support personnel in order to improve our interactions with you and other customers.
g) Your pictures or videos during web meetings
If you participate in a web meeting or webinar with us and switch on your web camera, we may collect your pictures, moving pictures or likeness if the session is recorded.
While we do *not* routinely record such sessions, we may do it in order to provide you a copy of such session later or to analyze after the fact to improve our services.
Information we receive and process on your behalf
a) Personally authorized access to data from other online services:
If you enabled the data integration capability between our services and other party services (including but not limited to Microsoft 365, Google Workspace, Google Calendar, Outlook, Youtube, Instagram, Facebook) that may contain or provide us with some of your PII, we may collect the PII that are strictly relevant to the use of the product or services.
b) Calendar Sync:
In particular, if you have activated the synchronization of booking data between our online service and other calendar management services, we will receive from such services personal information relevant to replicate this data within our service including meeting titles, agendas and locations as well as other attendees personal information such as names, emails, company names and phone numbers.
c) Professional Calendar Sync:
If your employer or your system provider has activated on your behalf the synchronization of booking data between our online service and other calendar management services managed by your employer or system provider, we will receive from such services personal information relevant to replicate this data within our service including meeting titles, agendas and locations as well as other attendees personal information such as names, emails, company names and phone numbers.
Information we collect automatically
a) Information from browsers, devices and servers: when you visit our websites or use our online services, we collect information that web browsers, mobile devices and servers make available such as IP address, browser type, language preferences, operating system, device manufacturer, network information, timezone. etc
This data is collected into our logs that enables us to understand better and segment our visitors and users.
b) Information from first- and third-party cookies and tracking technologies : We use temporary and permanent cookies to identify users of our services and to enhance user experience.
We also use cookies, beacons, tags, scripts, and other similar technologies to identify visitors, track website navigation, gather demographic information about visitors and users, understand email campaign effectiveness and for targeted visitor and user engagement by tracking your activities on our websites.
We use Zoho Analytics, Zoho SalesIQ as well as Google Analytics cookies for this. (https://www.zoho.com/privacy.html, https://policies.google.com/privacy?hl=en-US)
Information we received through a third-party
a) Information received from your employer or service provider
In order for you to be able to authenticate with and use our online services or for other legitimate business needs, your employer (or service provider) will have provided us with PII such as your name, company name, email address and other relevant information.
b) Information received from marketing data providers
For the legitimate goal of establishing a first marketing contact with potential customers, we may received curated lists of contacts including your PPI including name, address, company name, title.
c) Information received from resume database and staff service providers.or other legitimate contact information providers
For the legitimate goal of hiring new employees, we may received curated lists of contacts including your PII including name, address, company name, title.
d) Personal Information contained within business electronic communications metadata received from a third-party
We may receive your PII (including but not limited to email address and name) within electronic communications (including but not limited to emails, multi-party chat, etc.) within the metadata or headers of multiparty communication messages.
Purpose for using the information
We may have one or multiple purposes for using and processing your PII:
To communicate with you (such as through email, phone, social networks, etc.) for marketing, support or sales development, about our or your business, product and services, about products we have provided you, services you signed up for, changes to agreements you have entered to or changes to policies such as this privacy policy.
To let you know, through online of offline marketing campaigns, about new products and services oomnis is developing or distributing on behalf of other companies, upcoming promotions, events and offers as well as other information that may be of interest to you.
To analyze the impact of such marketing campaigns
To ask you to participate in surveys or to request feedback regarding our products or services and to analyze such survey results or feedbacks
To set up or maintain account information in our online services or to provide specific functionalities requiring the use of your personal information such as connecting to other third-party services on your behalf
To better understand how our users use our products and services, to monitor and prevent issues
To improve our products and services
To provide customer support as well as to improve the products and services concerned by customer support conversations
To supplement our business records, make hiring decisions, identify new customers and provide products and services that could be of interest to you
To analyze trends on our online resources (including our online services) in order to improve navigation, information presentation to provide a better experience
To provide detailed analytical information within our products and services either on your behalf, on behalf of your employer or customer if you are self-employed
to .protect or defend oomnis' rights, safety or property.
Legal basis for collection
If you are an individual from the EEA, our legal basis for information collection may depend on the context in which we collected the data.
We may have collected the data based on contractual or legal necessity, based on one or more legitimate interests of oomnis (including but not limited to the handling and management of customers and employees information solely for our sole business and business management purposes) not overridden by data protection needs, or based on a legitimate authorization provided by your employer (or your customer/system provider if you are self-employed) on your behalf, or your direct consent.
Withdrawal of Consent
If our legal basis for collecting and processing your data is consent, you may contact our data controller at any time to withdraw this consent (privacy@oomnis.com)
If our legal basis for collecting and processing your data was a legitimate authorization to process such data by your employer (or your client if you are self-employed), you may request the withdrawal of your consent and as a result the online services provided to you may not be accessible or be functional.
We may contact the organization that provided us the legitimate authorization to act as a data processor for your data in the first place to ensure how to handle your data going forward, you may have to withdraw consent from this other party as well.
Your choice in information use
You have options in how your information may be used:
You may opt out of receiving newsletters and other non-essential messages by using the "unsubscribe" button function when present in such message or by contacting our Data Controller privacy@oomnis.com
You can disable cookies while visiting our websites or any of our other web based applications. However, by doing so, you may be unable to use any of its functions.
Optional Information
You can choose not to provide any non-mandatory personal information in any form on our website.
Sharing your PII
We do not sell nor offer personal information to any third-party. We may share your information only in ways described in this policy and only with third-parties that have adopted appropriate confidentiality and security measures.
Employees and contractors: the employees, directors and independent contractors of oomnis Limited only have access to your information on a need-to-know basis.
Third-Party Service Provider and Data Processors:
We may submit your PII to services or store such PII with third-party service providers that provide essential business services to oomnis including but not limited to our customer relationship management system, our ERP system, our web hosting system, our marketing automation system, our virtual machine hosting providers, our enterprise file management providers etc. and only for legitimate processing purposes.
We only provide or store your data with such third-parties for which we have verified that they have established clear data processing rules regarding the processing of PII data as well as strong commitment to information security.
Current Data Processors
Google Inc.: Analytics
Microsoft Inc. : Azure VMs and Microsoft 365
Zoho Inc. : Zoho One (CRM, ERP, marketing automation etc.)
Information we process on your behalf
You may entrust information to us that you (or your organization) control by submitting them to our online services.
This may include information regarding your customers or employees or data that you hold on behalf or another person or organization for a specific purpose such as a customer to whom you provide services.
The data may be either stored on our servers or services when you use our services or transferred or shared with us as part of a request for technical support or other services.
All the data you entrust to oomnis is YOUR "service data".
You own your service data. We provide you full control over your service data by letting you access, edit and modify your service data, share it with third-party through supported third-party integration as well as request the export or deletion of such service data.
How we use your service data?
We only use your service data at your behest to provide the services you are paying us for to provide on your or your customer behalf.
Who we share your service data with?
While we do not share your data with third-party, your PII may be submitted to legitimate data processors in order to deliver our products and services and accessed by our staff for the purpose of providing you such services:
Your service data may be shared with our third-party sub-processors (including Azure and Zoho) in order to provide the actual services as well as to provide technical or commercial support for our products.
Our employees and independent sub-contractors may have access to your service data to identify analyze and resolve issues or errors occurring during the use of our online services.
General Terms
Children Personal Information
our products and services are not aimed at children and we will not knowingly collect information about individuals under 16 of age.
If you are aware that such information has been collected by us, please contact us at privacy@oomnis.com and we will take the appropriate steps to delete such information.
Geographical Location of your data
When we provide the technical services (hosting, backup, etc.) ourselves in order to deliver one of our online services, we can provide you the exact location of where your data will be situated (for example, we keep EU customers' data in EU and Australia customers' data in Australia).
We strive to keep your data in a jurisdiction close to you when it is legally, technically and economically possible.
For data hosted and processed on third-party systems, we rely on the privacy policy covenants provided by that party.
Third-Party Products and Services
We deliver some of our products or services as a distributor of those third-parties. While we strive to associate with the best vendors, you may want to check the privacy policy of such vendors directly, especially in cases when you contact them directly.
Public Forums
We may provide public discussion and commentating facilities on our website, our social network channels or within our products and services.
This privacy policy does not apply to public facilities that are accessible by anyone on the internet.
Please do not submit personal information to these public forums unless you understand and agree that such information may be vastly distributed beyond our control.
Legal Obligations
To the fullest extent permitted under applicable legislation, we may preserve or disclose your PII and any service data if we believe in good faith to be required to do so in order:
to protect or defend the rights, safety or property of oomnis Limited, related parties or any third-party, or
to comply with legislation requiring data capture or preservation, or
to comply with lawful subpoenas and lawful orders to preserve evidence
We shall have sole discretion in electing to contest such information disclosure.
We may also not be able to let you know that such enforcement activity was initiated on you or your service data.
Business transfer
In the event of a transfer of the majority of the shareholding of oomnis Limited, and whenever possible, we will get in touch with you to let you know of such change and to provide with the opportunity to request the deletion of any PII we may have from you.
Notification of Changes
While we may update this policy without notice to you,
If an update of this privacy policy materially affects your rights and recourse, we will try and contact you to provide you the opportunity to review the PII collected on your behalf and decide if you prefer to request us to delete such PII.
Data Retention
We will keep your data only if we have received your approval to do so, or if we have any specific legal basis to do so.
We will delete your PII if requested to do so unless we have a legal obligation or if we have an overriding basis to keep this data.
We will hold your service data for as long as we are in an active commercial relationship.
After termination of a contractual relationship, we can delete the service data immediately at your request.
Even after deletion, inactive data fragments may be retained in automated data backups and such backups shall be retained for a maximum period of 2 years. Apart from data retained in backups. any service data retained beyond the termination is typically deleted during routine database maintenance and optimization processes (typically once a year).