Privacy Policy

Omnidox ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and join our waitlist.

1. Information We Collect

Personal Information

We collect email addresses that you voluntarily submit through our waitlist form. This is the only personal information we directly collect from you.

Automatically Collected Data

When you visit our website, we automatically collect certain information, including:

• IP address and geographic location
• Browser type and version
• Device information (type, operating system)
• Pages visited and time spent on our website
• Referring website or source

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience and analyze website traffic. See our Cookie Policy below for details.

Children's Privacy (COPPA Compliance)

We do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected data from a child under 13, we will delete it immediately. Parents or guardians who believe we may have collected information from a child under 13 should contact us at privacy@omnidox.org.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Waitlist Management: To notify you when Omnidox launches and provide early access
• Product Updates: To send announcements, feature updates, and important product information
• Analytics: To understand user behavior, improve website performance, and optimize our platform
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To detect, prevent, and address fraud, security issues, and technical problems

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Consent: By submitting your email address, you consent to our collection and processing of your data
• Legitimate Interest: We have a legitimate business interest in operating our waitlist, improving our services, and communicating with potential customers

4. Data Sharing and Third Parties

We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Service Providers

We may share your information with trusted third-party service providers who assist us in operating our website and business, including:

• Email service providers (e.g., for sending waitlist updates)
• Analytics providers (e.g., Google Analytics)
• Web hosting and infrastructure providers

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

Legal Obligations

We may disclose your information if required by law, court order, subpoena, or government request, or to protect our rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change via email.

5. Data Security

We take data security seriously and implement industry-standard security measures to protect your information:

• Encryption: SSL/TLS encryption for data in transit, AES-256 encryption for data at rest
• Access Controls: Role-based access controls and multi-factor authentication for our systems
• Audit Trails: Comprehensive logging of all data access and modifications
• HIPAA-Grade Security: Although waitlist data is not Protected Health Information (PHI), we use HIPAA-grade security standards in preparation for handling sensitive healthcare data when our product launches

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Your Rights

Depending on your location, you have the following rights regarding your personal data:

GDPR Rights (European Economic Area)

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Restrict Processing: Limit how we use your data
• Right to Object: Object to our processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

CCPA/CPRA Rights (California Residents)

• Right to Know: Know what personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the "sale" of personal information (we do not sell data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@omnidox.org. We will respond to your request within 30 days.

7. Cookie Policy

We use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic. Cookies are small text files stored on your device.

Types of Cookies We Use

• Essential Cookies: Necessary for website functionality, session management, and security
• Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics)
• No Marketing Cookies: We do not use third-party advertising or marketing cookies on the waitlist site

Managing Cookies

You can control and delete cookies through your browser settings. Note that disabling cookies may affect website functionality. To opt-out of Google Analytics, visit Google Analytics Opt-Out.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Waitlist Data: Retained until product launch + 1 year, or until you request deletion
• Analytics Data: Retained for 26 months (Google Analytics default), or until you opt-out

9. International Data Transfers

Your information may be transferred to and stored on servers located in the United States. If you are located outside the U.S., please be aware that your data will be processed in a country with different data protection laws.

For transfers from the European Economic Area, we comply with GDPR Standard Contractual Clauses (SCCs) to ensure adequate protection of your data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page and notify waitlist members via email.

Your continued use of our website after changes are posted constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

This Privacy Policy is designed to comply with GDPR (EU), CCPA/CPRA (California), COPPA (Children's Online Privacy Protection Act), and HIPAA security standards.