Privacy Policy

OmniPATH.AI (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect personal data when you use our website and AI-powered accounts payable software (the “Services”), in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are
OmniPATH.AI is the controller of your personal data when you interact with our website or services.

Data Controller Contact:
OmniPATH.AI
Email: info@omnipath.ai
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

2. What Personal Data We Collect
We may collect and process the following types of personal data:
a) Data You Provide
- Name, email address, job title, business name.
- Account login credentials.
- Payment or invoicing information (e.g. billing address, VAT number).
- Communications sent to us (e.g. enquiries, support requests).

b) Automatically Collected Data
- Technical data: IP address, browser type, operating system, device information.
- Usage data: website interactions, access times, referring URLs.
- Cookie data: tracking technologies for analytics and functionality (see Section 7).

c) Third-Party Sources
- Data from integrated platforms (e.g. accounting software), with your permission.
- Referrals or lead generation partners.

3. Lawful Basis for Processing
Under the UK GDPR, we must have a valid lawful basis for processing your personal data. We rely on the following bases:
- Contractual necessity – to provide the Services you’ve requested.

- Legitimate interests – such as service improvement, security, and marketing (balanced against your rights).

- Legal obligation – where required for compliance with laws or regulations.

- Consent – where legally required, such as for email marketing or non-essential cookies.

You may withdraw your consent at any time by contacting us.

4. How We Use Your Data
We use personal data to:
- Provide, maintain, and improve our Services.

- Set up and manage your user account.

- Communicate with you (support, service updates, marketing where permitted).

- Monitor website usage and perform analytics.

- Detect and prevent fraud or misuse.

- Fulfil legal obligations.

5. Sharing Your Data
We only share data where necessary and in line with the UK GDPR:
- Third-party service providers – e.g. hosting, analytics, payment processors.

- Business integrations – such as accounting or ERP systems you authorise.

- Professional advisers – legal, financial or compliance-related support.

- Regulators or law enforcement – where required by law or to protect legal rights.

- Business transfers – if part of a sale, merger or acquisition.

We require all third parties to respect your data and comply with applicable data protection laws.

6. International Transfers
If personal data is transferred outside the UK (e.g. to US-based cloud services), we ensure appropriate safeguards are in place, including:
- Adequacy regulations by the UK Government.

- Standard Contractual Clauses (SCCs) approved by the UK ICO.

7. Cookies and Tracking
We use cookies and similar technologies in accordance with the Privacy and Electronic Communications Regulations (PECR).
- Essential cookies – required for site functionality.

- Analytics cookies – to improve performance (only with your consent).

- Marketing cookies – only where explicit consent is given.

You can manage your cookie preferences via our cookie banner or your browser settings.

8. Your Data Rights
Under UK data protection law, you have the following rights:
- Access – receive a copy of your personal data.

- Rectification – correct inaccurate or incomplete data.

- Erasure – request deletion of your data (the "right to be forgotten").

- Restriction – pause processing in certain circumstances.

- Data portability – transfer your data to another provider.

- Objection – to certain types of processing, including direct marketing.

- Withdraw consent – where processing is based on consent.

To exercise your rights, contact us at [Insert Contact Email]. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO): https://ico.org.uk

9. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including encryption, secure access controls, and regular reviews. While no system is entirely secure, we take data protection seriously and regularly review our practices.

10. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes it was collected for, including legal, accounting, or regulatory requirements. After this period, we securely delete or anonymise data.

11. Third-Party Websites
Our website may contain links to external sites. We are not responsible for their content or privacy practices. Please review their policies before submitting any personal data.

12. Changes to This Policy
We may update this Privacy Policy to reflect legal or operational changes. The latest version will always be posted on our website with the updated date. We recommend reviewing it periodically.

13. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact:

OmniPATH.AI
Email: info@omnipath.ai
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ