Your privacy and the protection of your personal data are a priority for us. We therefore ask you to read carefully our Privacy and Data Protection Policy where we describe who we are, for what purposes we treat your personal data, how we treat it, with whom we share it, for how long we keep it, and how you can exercise your rights.
OmoLab komunikacije d.o.o., located at Avenija Dubrovnik 15/12, 10000 Zagreb, Croatia („OmoLab“, “we”, „our“), hereby undertakes to protect personal data of users of the Omotype web (Services). Any personal data we gather is used to aid the provision of our products/services. All personal information collected is safely stored and available only to employees whose jobs require access to such information. All OmoLab employees are under obligation to respect the principles of privacy protection. At OmoLab, we have a few fundamental principles:
We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
We store personal information for only as long as we have a reason to keep it.
We help protect you from overreaching government demands for your personal information.
We aim for full transparency on how we gather, use, and share your personal information.
How and Why We Use The Information We Collect
We only collect and use the information about you for the purposes:
To provide our Services. For example, to set up and maintain your account, provide customer service, process payments, and orders, and verify user information.
To ensure quality, maintain safety, and improve our Services. For example, by providing automatic upgrades and new versions of our Services. Or, for example, by monitoring and analyzing how users interact with our Services so we can create new features that we think our users will enjoy and that will help them to learn and read more easily, as well as making predictions about user retention.
To protect our Services, our users, and the public. For example, by detecting security incidents; detecting and protecting against malicious, deceptive, fraudulent, or illegal activity; fighting spam; complying with our legal obligations. To fix problems with our Services. For example, by monitoring, debugging, repairing, and preventing issues. This means we collect information about the actions that site administrators and users perform on a site.
To customize the user experience. For example, to personalize your experience by serving you relevant notifications and content. This means, for example, we collect information when you create or make changes, such as what font, size, thickness, background color and which features you use.
To communicate with you. For example, by emailing you to ask for your feedback, share tips for getting the most out of our products, or keep you up to date on OmoType.
Location information: We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
Stored information: We may access information stored on your mobile device via our mobile app. We access this stored information through your device operating system’s permissions. For example, you give us permission to access the photographs on your mobile device’s camera roll to convert photos to text documents.
Legal Basis for Collecting and Using Information
A note here for those in the European Union about our legal grounds for processing information about you under EU data protection laws, which is that our use of your information is based on the grounds that:
(1) The use is necessary in order to fulfill our commitments to you under the applicable terms of service or other agreements with you or is necessary to administer your account — for example, in order to enable access to our website on your device or charge you for a paid plan; or
(2) The use is necessary for compliance with a legal obligation; or
(3) The use is necessary in order to protect your vital interests or those of another person; or
(4) We have a legitimate interest in using your information — for example, to provide and update our Services; to improve our Services so that we can offer you an even better user experience; to safeguard our Services; to communicate with you; to measure; to monitor and prevent any problems with our Services; and to personalize your experience; or
Your personal data will be processed in accordance with the terms and provisions of the General Data Protection Regulation- Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 (GDPR).
We share information about you in limited circumstances, and with appropriate safeguards on your privacy.
Third-party vendors: We may share information about you with third-party vendors who need the information in order to provide their services to us. This includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information, payment providers you use for your own ecommerce operations, fraud prevention services that allow us to analyze fraudulent payment transactions, cloud storage services, postal and email delivery services that help us stay in touch with you).
Aggregated or de-identified information: We may share information that has been aggregated or de-identified, so that it can no longer reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
Your information, which we receive when you use our services, may be transferred to and from the United States, the EU and other countries we may operate in. In some of those countries, the privacy and data protection laws and rules on when the data may be accessed may differ from those in the country where you live. As such, we ensure an adequate level of protection for the rights of the data subjects based on adequacy of the receiving country’s data protection laws, contractual obligations placed on the recipient of the data or other legal bases to lawfully transfer personal data around the world, the EU-US Privacy Shield or EU Commission approved model contractual clauses.
How Long We Keep Information
We generally discard information about you when it is no longer needed for the purposes for which we collect and use it and we’re not legally required to keep it.
Your personal data will be anonymised or deleted if your last interaction with our Services was over 5 years ago.
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so.
We monitor our Services for potential vulnerabilities and attacks.
The processing of personal data shall only occur under instructions from OmoLab or a certified and allowed third party, unless a natural or legal person is required to so by law.
We ensure reasonable efforts to check that the consent given is in line with the law, namely concerning the consent to process children’s data.
European General Data Protection Regulation (GDPR)
If you are located in a country that falls under the scope of the GDPR, data protection laws give you certain rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:
Request access to your personal data, as well as to the purposes of the processing, the category of the data, the recipients, the intended storage period and the existence or otherwise of automated decisions, including the definition of profiles;
Request correction or deletion of your personal data, if they are inaccurate or incomplete;
Object to our use and processing of your personal data, whenever it is no longer necessary for the purposes for which it was processed, whenever consent is withdrawn when this is the only legal basis for the processing, whenever you object to the processing in cases where it is done for the purposes of direct marketing, or whenever your data have been processed unlawfully;
Request that we limit our use and processing of your personal data, whenever you contest the accuracy of your personal data and during the period of time in which we verify the accuracy of such data, whenever the processing is illicit and in the circumstance that you have opposed the erasure of the data, wanting only the limitation of its use, or whenever your personal data are no longer necessary for the purposes for which they were processed, but are nevertheless required by you for the purpose of declaration, exercise or defense of a right in a legal proceeding;
Request portability of your personal data, which means that you have the right to receive the personal data concerning you and that you have provided to us in a structured, commonly used and automatically readable format, and also the right to pass on such data to another controller;
You also have the right to make a complaint to a government supervisory authority.
When you contact us about one of your rights under this section, we’ll need to verify that you are the right person before we disclose or delete anything. For example, if you are a user, we will need you to contact us from the email address associated with your account. You can also designate an authorized agent to make a request on your behalf by giving us written authorization. We may still require you to verify your identity with us.
You should note that in certain cases (e.g. due to legal requirements), your request may not be fulfilled immediately. In any case, you will be informed without delay about the reasons why we did not comply with your request.
The Right to Object
If you consider that, in the course of processing your personal data, we committed any violation of the European Regulation on data protection and privacy, please do not hesitate to contact us at email@example.com. Additionally, you can file a complaint with your Personal Data Protection Agency.
The information in our Privacy and Data Protection Policy can be updated at any time, so we recommend that you consult this page regularly. Whenever our Privacy and Data Protection Policy changes, you will be informed when you visit our website.