Omnidocs Create privacy policy - DEV: Omnidocs

Omnidocs Create - Privacy Policy

Transparency, security and compliance

Effective Date: 27.08.2025

Last Updated: 16.10.2025

Omnidocs (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal data. This Privacy Policy explains how we handle your information when you use Omnidocs Create.

1. Who We Are

At Omnidocs, we believe work should be seamless, not stressful. Our goal is to enable productive workdays and shape the future of productivity. By simplifying document management, we empower talent and create a smarter, happier workplace where every workday works better.

Regarding GDPR, we process personal data based on contractual necessity, legitimate interest, legal obligation, or consent, depending on the context.

Omnidocs A/S acts as the data controller for personal data collected through Omnidocs Create. If you believe your data has been mishandled, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet) or your local supervisory authority.

If you have any questions about this Privacy Policy, you can contact us at:

📍 Company Name: Omnidocs A/S

📍 Address: Wilders Plads 15A, 1403 Copenhagen K, Denmark

📧 Email: info@oddev.demo.supertusch.com

📞 Phone: +45 70 20 72 47

2. What Data We Collect

We may collect the following types of personal data:

  • Contact Information – Name, email address, phone number, job title, company name, when required to set up or support your account.
  • Account Information – Account governance is always handled by the authorization authority or Identity and Access Management (“IAM”) suite under control of the end user’s Organization.
    Only certain strictly non-Personal Identifiable Information (“non-PII”) Unique Identifiers (“UIDs”) are gathered for the purpose of account binding, like their login email address, plus other user opted-in data, such as user preferences.
  • Communication Data – When you communicate with us via email, chat, or forms, we store the messages and contact details.
  • Technical Data – To ensure the security and functionality of our service, we collect IP address, device information, add-in version, performance logs, and error reports.
  • Billing Information – If you purchase services, we may collect payment details (handled securely through third-party providers).
  • Support Data – If you register a support case, we collect basic contact information in order to service you. We may also analyse support inquiries to improve our services.
  • Usage Analytics and Licensing Data – Omnidocs collects limited telemetry and licensing data to maintain service integrity and verify licenses. Email addresses are pseudonymized before storage, keeping only the domain and masked characters, e.g.: a@oddev.demo.supertusch.com → *@oddev.demo.supertusch.com.

Data is used only in aggregated form and linked only to Organization-wide Unique Identifiers (“UIDs”).

3. Legal Basis for Processing

Under GDPR, we process personal data based on the following legal bases:

  • Consent – When you provide explicit consent, such as subscribing to marketing communications.
  • Contractual Necessity – When processing is required to fulfil a contract, such as providing requested services.
  • Legitimate Interest – When processing supports business operations in ways that do not override your rights and freedoms, such as improving services and analyzing trends.
  • Legal Obligation – When we are required to process personal data to comply with laws and regulations.

4. How We Use Your Data

We use the collected data to:

  • Provide and improve our services
  • Respond to inquiries and customer support requests
  • Authenticate users and ensure secure access
  • Analyse performance and troubleshoot technical issues
  • Integrate with third-party vendors and platforms
  • Comply with legal and regulatory requirements

We do not sell or rent personal data to third parties.

5. Data sharing & Third-party services

We may share personal data with:

  • Service Providers – Third-party vendors that help us with hosting, analytics, email delivery, and customer support.
  • Legal & Compliance Authorities – If required by law, regulatory authorities, or to protect our legal rights.

6. Cookies & Tracking Technologies

Omnidocs Create uses only strictly necessary cookies and functional telemetry to ensure service functionality, security, and performance (for example, error logs and usage statistics).

We do not use marketing cookies, advertising trackers, or cross-site tracking technologies.

7. Data Retention & Security

We retain personal data only as long as necessary for the purposes described, and in accordance with legal obligations.

  • Customer data – Retained for the duration of the business relationship
  • Technical logs – retained for 90 days for troubleshooting and security
  • Billing data – retained for 5 years as required by tax law
  • Account and support data – retained for 12 months after account closure

For more information on how to exercise your data protection rights, please see Section 8 – User Rights & Choices.

Our data security measures include:

  • Encryption & Secure Storage
  • Access Controls & Authentication
  • Regular Security Audits

8. Data Breach Notification

In the event of a data breach likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, in accordance with applicable data protection laws.

9. User Rights & Choices

Depending on your location, you may have rights under GDPR, CCPA, or similar laws, including access, correction, deletion, restriction, objection, and data portability.

Currently, only deletion of your user account and related data can be requested, as other rights are not applicable to this product’s processing.

To exercise your rights, contact us at info@oddev.demo.supertusch.com.

We will respond to your request within 30 days. If you are unsatisfied, you may make a complaint with Datatilsynet.

10. International Data Transfers

If we transfer personal data outside the EU/EEA or other jurisdictions with data protection laws, we ensure safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) – Contractual agreements ensuring data protection.
  • Data Processing Agreements (DPAs) – Ensuring third parties adhere to GDPR compliance.
  • Hosting Data in Compliant Regions – Where possible, data is stored within GDPR-compliant regions.

Where data is transferred outside the EU/EEA (for example, to the United States in connection with our use of cloud services such as Microsoft, such transfers are carried out under the European Commission’s SCCs or adequacy decisions (such as the EU–US Data Privacy Framework), ensuring that appropriate safeguards are in place.

13. Storage of Data

We store all customer data securely using Microsoft Azure, a trusted cloud service provider. Azure’s infrastructure is designed with advanced security measures, including encryption, access controls, and compliance with leading international standards (such as ISO 27001 and GDPR). This ensures that your data is protected, highly available, and stored in accordance with applicable laws and regulations.

12. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated effective date. We encourage you to review this policy regularly.

×