1. Who we are
Omniloud (omniloud.com) is operated by DROPP-X Daniel Jedrzejak, Mostki 8, 63-507 Mostki, Poland, VAT ID: PL5140359181 ("we", "us"). We are the data controller for the processing described here. Contact: [email protected].
2. Scope
This policy covers visitors to omniloud.com and anyone who contacts us by email. The Omniloud platform is currently invite-only; before customer accounts go live, this policy will be updated to cover platform data in detail.
3. What we process, why, and on what basis
- Correspondence. If you email us (for example to request access), we process your email address, your name if you provide it, and the content of your message — to respond, to manage access requests, and to keep a record of the exchange. Legal basis: Article 6(1)(b) GDPR (steps taken at your request prior to a contract) and Article 6(1)(f) GDPR (our legitimate interest in handling correspondence).
- Analytics. We use Cloudflare Web Analytics, a privacy-first, cookieless measurement tool. It sets no cookies, uses no localStorage and does not fingerprint or track you across sites. We see only aggregated metrics such as page views, referrers, country and browser class. Legal basis: Article 6(1)(f) GDPR (understanding how the site is used).
- Technical logs. Cloudflare, which serves and protects this site, processes standard connection data (such as IP address and user agent) for security and delivery, with short standard retention. Legal basis: Article 6(1)(f) GDPR (site operation and security).
This website does not use cookies. That is why you do not see a cookie banner.
4. Recipients of data
We use a small number of service providers acting as processors or independent controllers:
- Cloudflare, Inc. (USA) — hosting, CDN, DNS, email routing and cookieless analytics.
- Google LLC (USA) — email infrastructure for our hello@ mailbox (Gmail).
When platform integrations launch (for example social or publishing APIs), the providers involved will be listed here before any customer data flows to them.
5. Transfers outside the EEA
Our providers above process some data in the United States. Transfers rely on the EU–U.S. Data Privacy Framework and/or Standard Contractual Clauses.
6. Retention
Correspondence: up to 24 months after our last exchange, unless a longer period is required by law or needed to establish or defend legal claims. Analytics data is aggregated and does not identify you. Technical logs follow Cloudflare's standard short retention periods.
7. Your rights
Under the GDPR you have the right to access, rectify and erase your data, to restrict or object to processing, and to data portability. To exercise any of these rights, email [email protected]. You also have the right to lodge a complaint with the Polish supervisory authority: Prezes Urzędu Ochrony Danych Osobowych (PUODO), ul. Stawki 2, 00-193 Warsaw, uodo.gov.pl.
8. Data Deletion
To request deletion of your personal data — including, in the future, any data associated with accounts or integrations connected to Omniloud — email [email protected] with the subject line "Data Deletion Request", sent from (or identifying) the address or account concerned.
We will confirm receipt within 72 hours with a reference code, complete the deletion within 30 days, and confirm completion to you. This section serves as our data-deletion instructions for third-party platform integrations (including Meta) that require a public deletion-request URL: https://omniloud.com/privacy#data-deletion.
9. Children
This site and service are not directed to children under 16, and we do not knowingly process their data.
10. Changes
We will post any changes here with a new version number and effective date.