PRIVACY POLICY

OMNI MIND TECHNOLOGIES L.L.C-FZ

1. INTRODUCTION AND SCOPE

This Privacy Policy governs the collection, processing, storage, and disclosure of personal data by OMNI MIND TECHNOLOGIES L.L.C-FZ ("OmniMind," "we," "us," or "our"), a limited liability company registered in the Meydan Free Zone, Dubai, United Arab Emirates under License Number 2541171.01.

This policy applies to all users of our website located at OmniMindTechnologies.com (the "Website"), our software platforms, applications, and related services (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

If you do not agree with any provision of this Privacy Policy, you must immediately discontinue use of our Services. This policy should be read in conjunction with our Terms of Service and any other applicable agreements.

2. DEFINITIONS

For the purposes of this Privacy Policy, the following terms shall have the meanings ascribed to them below:

1. "Personal Data" means any information relating to an identified or identifiable natural person, including but not limited to name, email address, identification number, location data, online identifier, or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

2. "Processing" means any operation performed on Personal Data, whether automated or not, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.

3. "Data Subject" means the individual to whom Personal Data relates.

4. "Controller" means the entity that determines the purposes and means of Processing Personal Data. OmniMind acts as Controller with respect to Personal Data collected through the Services.

5. "Processor" means an entity that processes Personal Data on behalf of the Controller.

3. INFORMATION WE COLLECT

3.1 Personal Data Provided by Users

We collect Personal Data that you voluntarily provide to us when you:

• Complete forms, surveys, or questionnaires on our Website;

• Request information about our products or Services;

• Communicate with us through our contact center, support channels, or customer service;

• Otherwise interact with our Services.

Such Personal Data may include, but is not limited to:

• Full legal name, contact information (email address, telephone number, business address);

• Organization or company name, job title, and business-related information;

• Payment and billing information (credit card details, billing address, transaction history);

• Any other information you choose to provide to us.

3.2 Automatically Collected Data

When you access or use our Services, we automatically collect certain technical and usage data, including:

• Device information (device type, operating system, browser type and version, unique device identifiers);

• Network information (IP address, Internet Service Provider, approximate geographic location);

• Usage data (pages visited, features accessed, time spent on pages, clickstream data, referral sources);

• Performance and diagnostic data (error logs, system performance metrics, crash reports);

• Date and time stamps of access and activities.

3.3 Cookies and Similar Technologies

We employ cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect data about your browsing activities and interactions with our Services. These technologies help us analyze usage patterns, remember your preferences, authenticate users, and improve the functionality and performance of our Services.

We use the following categories of cookies:

1. Strictly Necessary Cookies: Essential for the operation of our Services, including authentication, security, and load balancing.

2. Functional Cookies: Enable enhanced functionality and personalization, such as language preferences and user interface customization.

3. Analytical/Performance Cookies: Collect aggregated information about how visitors use our Services to help us improve functionality and user experience.

4. Targeting/Advertising Cookies: Used to deliver relevant advertisements and marketing communications based on your interests and browsing behavior.

You may control cookie preferences through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Services.

3.4 Communication and Interaction Data

When you communicate with us or interact with our artificial intelligence agents, chatbots, contact center, or support systems, we collect and retain the content of such communications, including but not limited to: chat transcripts, email correspondence, voice recordings, support tickets, uploaded files and documents, and any other information exchanged during such interactions. This data is processed to provide customer support, improve our Services, train our artificial intelligence systems, and fulfill our contractual obligations.

4. LEGAL BASIS FOR PROCESSING

Our processing of Personal Data is conducted in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable. We process Personal Data on the following legal bases:

1. Consent: Where you have provided explicit, informed, and freely given consent for specific processing activities. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

2. Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.

3. Legal Obligation: Where processing is necessary for compliance with legal obligations to which we are subject under applicable law.

4. Legitimate Interests: Where processing is necessary for the purposes of legitimate interests pursued by us or a third party, except where such interests are overridden by your fundamental rights and freedoms. Our legitimate interests include operating and improving our Services, ensuring security, preventing fraud, conducting research and development, and marketing our Services.

5. PURPOSE OF PROCESSING

We process Personal Data for the following purposes:

5.1 Service Provision and Account Management

• Providing access to and functionality of our Services;

• Processing transactions and managing billing and payments;

• Fulfilling our contractual obligations to you.

5.2 Customer Support and Communication

• Responding to inquiries, requests, and support tickets;

• Providing technical assistance and troubleshooting;

• Sending transactional communications, service updates, and administrative notices;

• Managing customer relationships and communications.

5.3 Artificial Intelligence Development and Training

• Training and improving our artificial intelligence models, algorithms, and machine learning systems;

• Enhancing natural language processing capabilities;

• Developing predictive analytics and recommendation systems;

• Conducting research and development activities to advance our technology.

5.4 Service Improvement and Analytics

• Analyzing usage patterns and user behavior to improve our Services;

• Conducting statistical analysis and generating aggregated reports;

• Identifying and resolving technical issues and bugs;

• Optimizing performance, functionality, and user experience;

• Conducting market research and business intelligence activities.

5.5 Security and Fraud Prevention

• Detecting, preventing, and investigating security incidents, fraud, and unauthorized access;

• Monitoring and maintaining the security and integrity of our systems and infrastructure;

• Implementing access controls and authentication measures;

• Complying with security standards and best practices.

5.6 Marketing and Promotional Activities

• Sending marketing communications, newsletters, and promotional materials (where you have consented or where permitted by law);

• Conducting targeted advertising and personalized marketing campaigns;

• Organizing and managing events, webinars, and promotional activities;

• Measuring the effectiveness of marketing campaigns.

5.7 Legal Compliance and Protection

• Complying with applicable laws, regulations, and legal obligations;

• Responding to legal process, court orders, and governmental requests;

• Enforcing our Terms of Service and other agreements;

• Protecting our rights, property, and safety, and that of our users and the public;

• Establishing, exercising, or defending legal claims.

6. DATA SHARING AND DISCLOSURE

We do not sell, rent, or trade Personal Data to third parties for their marketing purposes. We may share Personal Data with the following categories of recipients under the circumstances described below:

6.1 Service Providers and Processors

We engage third-party service providers to perform functions on our behalf, including cloud infrastructure hosting, data storage, payment processing, email delivery services, customer relationship management, analytics services, marketing automation, and technical support. These service providers are contractually obligated to process Personal Data only in accordance with our instructions and to implement appropriate technical and organizational measures to protect Personal Data. They are prohibited from using Personal Data for their own purposes or disclosing it to unauthorized parties.

6.3 Legal and Regulatory Requirements

We may disclose Personal Data when required or permitted by law, including to comply with subpoenas, court orders, legal process, or governmental requests; to establish or exercise our legal rights; to defend against legal claims; to investigate, prevent, or take action regarding suspected or actual illegal activities, fraud, threats to physical safety, violations of our Terms of Service, or as otherwise required by applicable law.

6.4 With Your Consent

We may share Personal Data with third parties when you have provided explicit consent for such disclosure, including when you authorize integration with third-party services or applications.

6.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify individual Data Subjects with third parties for research, analytics, marketing, or other business purposes. Such data is not considered Personal Data under this Privacy Policy.

7. DATA SECURITY

We implement and maintain appropriate technical and organizational security measures designed to protect Personal Data against unauthorized access, alteration, disclosure, destruction, or loss. Our security measures include:

• Encryption of data in transit using Transport Layer Security (TLS) protocols;

• Network security measures including firewalls, intrusion detection and prevention systems;

• Access controls based on role-based permissions and least privilege principles;

• Multi-factor authentication for administrative access;

• Regular security assessments, vulnerability scanning, and penetration testing;

• Security monitoring and incident response procedures;

• Employee training on data protection and security best practices;

• Physical security controls for data centers and facilities;

While we employ industry-standard security measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security of Personal Data.

8. DATA RETENTION

We retain Personal Data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The retention period depends on the nature of the data, the purposes for which it was collected, and applicable legal or regulatory requirements.

Our retention criteria include:

• Account data is retained for the duration of your account's active status and for a reasonable period thereafter to allow for account reactivation;

• Transaction and financial records are retained for seven (7) years in accordance with applicable accounting and tax regulations;

• Communication and interaction data is retained in identifiable form for up to ninety (90) days, after which it is anonymized for AI training purposes;

• Anonymized and aggregated data used for AI training and analytics may be retained indefinitely;

• Security logs and incident reports are retained for one (1) year for security monitoring and investigation purposes;

• Data necessary for legal compliance, dispute resolution, or enforcement of our agreements is retained for the period required by applicable law or until such matters are resolved.

Upon expiration of the applicable retention period, Personal Data is securely deleted or anonymized in accordance with our data deletion procedures. Deleted data cannot be recovered.

9. DATA SUBJECT RIGHTS

Subject to applicable law, including the GDPR where applicable, you have the following rights regarding your Personal Data:

9.1 Right of Access

You have the right to obtain confirmation as to whether we process your Personal Data and, where applicable, to access such Personal Data and receive information about the processing, including the purposes, categories of data, recipients, retention periods, and your rights.

9.2 Right to Rectification

You have the right to request correction of inaccurate Personal Data and to have incomplete Personal Data completed, taking into account the purposes of the processing.

9.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your Personal Data where:

• The Personal Data is no longer necessary for the purposes for which it was collected;

• You withdraw consent and there is no other legal basis for processing;

• You object to processing and there are no overriding legitimate grounds;

• The Personal Data has been unlawfully processed;

• Deletion is required to comply with a legal obligation.

This right is subject to exceptions, including where processing is necessary for compliance with legal obligations, establishment or defense of legal claims, or for archiving purposes in the public interest.

9.4 Right to Restriction of Processing

You have the right to request restriction of processing where:

• You contest the accuracy of the Personal Data (for a period enabling verification);

• Processing is unlawful and you oppose erasure and request restriction instead;

• We no longer need the Personal Data but you require it for legal claims;

• You have objected to processing pending verification of whether our legitimate grounds override yours.

9.5 Right to Data Portability

Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance.

9.6 Right to Object

You have the right to object to processing of your Personal Data based on legitimate interests or for direct marketing purposes. Upon receiving an objection, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for establishment, exercise, or defense of legal claims.

9.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

9.8 Exercising Your Rights

To exercise any of the above rights, please submit a request to info@omnimindtechnologies.com or through your account settings where applicable. We will respond to verified requests within thirty (30) days of receipt, or within the timeframe required by applicable law. We may request additional information to verify your identity before processing your request. There is no fee for exercising these rights unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable administrative fee or refuse to act on the request.

If we are unable to fulfill your request, we will provide an explanation of the reasons and inform you of your right to lodge a complaint with a supervisory authority.

10. THIRD-PARTY WEBSITES AND SERVICES

Our Website and Services may contain links to third-party websites, applications, or services that are not owned or controlled by OmniMind. This Privacy Policy applies only to our Services. We are not responsible for the privacy practices, content, or security of third-party websites or services. We encourage you to review the privacy policies of any third-party websites or services before providing any Personal Data to them.

Any integration with third-party services requires your explicit authorization. When you authorize such integration, you agree to share your data with the third party in accordance with their privacy policy. We are not responsible for third-party processing of your Personal Data.

11. AMENDMENTS TO THIS PRIVACY POLICY

We reserve the right to modify, amend, or update this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other operational, legal, or regulatory reasons. When we make material changes to this Privacy Policy, we will provide notice through one or more of the following methods:

• Posting a notice on our Website;

• Sending an email notification to the email address associated with your account;

• Displaying a prominent notice within our Services.

Material changes will become effective thirty (30) days after notice is provided, unless otherwise required by law. Non-material changes will become effective immediately upon posting the updated Privacy Policy. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

We maintain a version history of this Privacy Policy, which is available upon request. The "Effective Date" at the top of this Privacy Policy indicates when this version was last updated.

12. CONTACT INFORMATION

For any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us:

OMNI MIND TECHNOLOGIES L.L.C-FZ

Registered Address:

Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates

Privacy Inquiries:

Email: info@omnimindtechnologies.com

Website: OmniMindTechnologies.com

13. GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be governed by and construed in accordance with the laws of the United Arab Emirates and the regulations of the Meydan Free Zone, without regard to conflict of law principles. Subject to your rights to lodge a complaint with a supervisory data protection authority, any disputes arising out of or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Dubai, United Arab Emirates.

Where applicable, this Privacy Policy also complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in jurisdictions where we operate or where our users are located.