1. Introduction
Omni‑Audit (“we,” “our,” or “us”) provides an enterprise‑grade financial intelligence platform that scans documents and digital wallets to recover dormant cryptocurrency, identify unused subscriptions, and detect hidden bank fees. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website and services (collectively, the “Service”).
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA).
2. Information We Collect
2.1 Information You Provide
- Account Information: Email address, password (hashed), and optional display name when you register.
- Payment Information: Payment method details are processed directly by our third‑party payment processors (Stripe, PayPal, NOWPayments). We do not store full credit card numbers or bank account details on our servers.
- Uploaded Documents: Bank statements (PDF/CSV) you upload for analysis. These files are processed in temporary storage and automatically deleted immediately after analysis is complete.
- Communications: Information you provide when contacting support or submitting inquiries.
2.2 Information Collected Automatically
- Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, and timestamps.
- Cookies and Similar Technologies: We use essential cookies for authentication and security. Non‑essential cookies are only placed with your explicit consent. See our Cookie Policy for details.
3. How We Use Your Information
- To provide, maintain, and improve the Service.
- To process transactions and manage your subscription.
- To communicate with you about service updates, security alerts, and support messages.
- To detect and prevent fraud, abuse, and security incidents.
- To comply with legal obligations and enforce our Terms of Service.
Important: We do not use uploaded financial documents or seed phrases for any purpose other than providing the requested analysis. Private keys and seed phrases are never stored or logged.
4. How We Share Your Information
We do not sell your personal information. We may share information with:
- Service Providers: Trusted third parties who assist us in operating the Service, including:
- Supabase (database hosting)
- Stripe, PayPal, NOWPayments (payment processing)
- Render (cloud hosting infrastructure)
- Legal Requirements: When required by law, subpoena, or similar legal process.
- Business Transfers: In connection with a merger, acquisition, or sale of assets.
5. Data Retention
We retain personal information only as long as necessary to provide the Service and fulfill the purposes described in this Policy.
- Account Data: Retained until you delete your account.
- Uploaded Documents: Deleted immediately after analysis (Zero Data Retention).
- Private Keys / Seed Phrases: Never stored or logged.
- Transaction History: Retained for audit and legal compliance.
6. Your Rights (GDPR & CCPA)
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal information.
- Object to or restrict certain processing activities.
- Data portability (receive your data in a structured format).
- Withdraw consent where processing is based on consent.
- Opt‑out of the sale or sharing of personal information (we do not sell data).
7. Security
We implement industry‑standard security measures including encryption (TLS), secure authentication, and access controls. However, no method of transmission over the Internet is 100% secure.
8. International Data Transfers
Your information may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required.
9. Changes to This Policy
We may update this Privacy Policy periodically. The “Last updated” date indicates the latest revision. Continued use of the Service constitutes acceptance of the updated Policy.