Oomnitza is the “Data Controller” for operational data, such as telemetry and logs.
Oomnitza is the “Data Processor”, and our users are the controllers, for all other data that the users provide as they use our product.
Oomnitza knows that you care about how your Personal Information is used and shared, and we take your privacy seriously.
PERSONAL INFORMATION THAT OOMNITZA COLLECTS
We collect the following types of information from our end users:
Information You Provide to Us:
We may receive and store any information you enter into and/or otherwise use the Services. For example:
- User’s Name: User information exists in Oomnitza for asset association/assignment.
- User’s Email: Email is used for workflow and saved searches notifications that must be sent to a given user.
- User’s Phone: This field is completely optional, and may be used for a holistic overview.
- User’s Address: This field is completely optional, and may be used for a holistic overview.
- User’s Location: This field is completely optional, and may be used for a holistic overview.
- User’s photograph: This field is completely optional, and may be used for a holistic overview.
Google OAuth Identity Platform scope
We may receive and store the following information from Google OAuth service to support our Services (view /read-only access is used):
- View domain users: To add users accounts to Oomnitza.
- User’s Name and Last Name: To create user accounts in Oomnitza or to authenticate users. User information exists in Oomnitza for asset association/assignment.
- User’s Email: To add this Email address to the corresponding user account in Oomnitza. Email is used for workflow and saved searches notifications that must be sent to a given user.
- Organizational unit's pathname (view organizational units in the domain): To assign a role with a predefined set of permissions to a given user account.
Google Sheets integration scope:
- File Content: read-only access to the user's file metadata and file content to import Google sheets directly into Oomnitza, mapped to your fields.
Like many site operators, we collect information that your browser sends whenever you visit our Site ("Log Data"). This Log Data may include information such as your computer's Internet Protocol (“IP”) address, browser type (“User Agent”), browser version, the pages of our Site that you visit, the time and date of your visit, Google OAuth audit data and errors. In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this.
When you use certain features of the Oomnitza, we may collect different types of information about your general location.
HOW OOMNITZA USES PERSONAL INFORMATION
We only use your Personal Information internally - to: (i) provide Services to our Customers (meaning the websites that have implemented our Services) and (ii) further develop and improve such Services.
The privacy principles in this Policy are based on the Privacy Shield Principles.
Where Oomnitza collects personal information directly from individuals in the European Union and Switzerland, it will inform them about the type of personal information collected, the purposes for which it collects and uses the personal information, and the types of non-agent third parties to which Oomnitza discloses or may disclose that information, and the choices and means, if any, Oomnitza offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Oomnitza , or as soon as practicable thereafter, and in any event before Oomnitza uses or discloses the information for a purpose other than that for which it was originally collected.
Where Oomnitza receives personal information from their subsidiaries, affiliates or other entities in the EU and Switzerland, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.
SHARING ANY OF THE PERSONAL INFORMATION THAT OOMNITZA RECEIVES
Personal Information about our end users is an integral part of our business. We do not rent, sell or disclose your Personal Information (including Google user data and other user data received from third-party services) to anyone (including our Customers) – except for the following limited purposes:
Agents: We may employ other companies and people to perform tasks on our behalf - meaning they are helping us provide our Services. We may share your Personal Information with such companies/persons solely as necessary for them to help us provide the Services. Unless we tell you differently, Oomnitza’s agents do not have any right to use Personal Information we share with them beyond what is necessary to assist us.
Business Transfers: In some cases, we may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that are transferred. Moreover, if Oomnitza, or substantially all of its assets were acquired, or in the unlikely event that Oomnitza goes out of business or enters bankruptcy, customer information would be one of the assets that are transferred or acquired by a third party.
Protection of Oomnitza and Others: We may release Personal Information when we believe in good faith that release is necessary to meet national security or to comply with the law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Oomnitza, our employees, our users, or others.
With Your Consent: Except as set forth above, you will be notified when your Personal Information may be shared with third parties and will be able to prevent the sharing of this information.
In the section “Choices that you have” described Your choices in case of sharing Your personal information.
THIRD PARTY PARTNERS & INTEGRATIONS
The Oomnitza may contain links to third party agents, websites or services, such as third-party integrations and identity providers (‘Third Party Partner’).
Oomnitza sometimes contract with other companies and individuals to perform functions or services on our behalf. They may have access to Personal Information needed to perform their functions, but are restricted from using the Personal Information for purposes other than providing services for us or to us.
Oomnitza will obtain assurances from its agents that they will only process the data for the limited and specified purposes consistent with the consent provided by the individual and will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Privacy Shield Principles or equivalent.
It is our responsibility to take steps to ensure that the Third Party Partner processes personal information appropriately. Where Oomnitza becomes aware that an agent is using or disclosing personal information in a manner contrary to this Policy, we will take reasonable steps to prevent or stop the use or disclosure. If the agent will no longer meet its obligation to provide adequate Protections, we require that agent to notify us, at such time we will take reasonable and appropriate steps to stop and remediate unauthorized processing.
CHOICES THAT YOU HAVE
You are the owner of your Personal Information.
Prior to sharing any information with non-agent third parties, or sharing information for a purpose other than the purpose for which it was originally collected or subsequently authorized for use, Oomnitza. will offer individuals clear, conspicuous, and readily available mechanisms to choose:
In the case of personal information, to (opt-out) of having their personal information (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
In the case of sensitive personal information, to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
You may access, review and update the information in your Oomnitza account by logging into your Oomnitza account and reviewing your profile.
If your Personal Information that we hold is inaccurate and you cannot update it, let us know and we will update the relevant information.
You may mark your information as private data when you create or fill a custom field. In addition, you may contact us if there is no such possibility. Otherwise, all other information will be processed as commercial.
You may request deletion of your Personal Information by sending an e-mail.
You may request copies of your Personal Information held by us by sending an e-mail.
We will notify you within 45 days of your valid request about the relevant action taken.
CONDITIONS OF USE FOR CALIFORNIA & VERMONT RESIDENTS
GDPR, EU-US & SWISS-US PRIVACY SHIELD
Oomnitza complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Oomnitza complies with the GDPR, EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the UK, European Union and Switzerland to the United States.
Under the Privacy Shield Framework, Oomnitza is subject to the authority of the Federal Trade Commission.
Oomnitza team and its contractors are continuously implementing and updating administrative, technical, and physical security measures to help protect your Personal Data against unauthorized access, loss, misuse, destruction, unavailability or unauthorized changes. Oomnitza takes into account the risks associated with processing and the nature of personal data.
Oomnitza will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Oomnitza will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.
PERSONAL DATA BREACH
As a Data Processor, Oomnitza will notify to a Customer (‘Data Controller’) without undue delay after becoming aware of a personal data breach.
The notification and information will be provided in phases without undue delay.
QUESTIONS OR CONCERNS
In compliance with the Privacy Shield Principles, Oomnitza commits to resolve complaints about our collection or use of your Personal Information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Oomnitza at:
Chief Technical Officer
393 Tehama St.,
San Francisco, CA 94103
We will make every effort to resolve your concerns and questions and respond within 4-5 days.
Oomnitza has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland. DPAs and FDPIC services are provided at no cost to you.
In certain circumstances, you may also have the right to pursue binding arbitration through the Privacy Shield Framework, as described in Annex I to the Privacy Shield Principles.
Effective Date: May 16, 2018
2019 © Oomnitza, Inc. All rights reserved.