<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=329106&amp;fmt=gif">

Privacy & Data Governance

Omnigo Software respects and protects the privacy of visitors to Omnigo.com, and our customers who use our services.  Omnigo Software maintains policies to ensure the privacy of our visitors and customers. This policy describes the types of information we may collect and our practices for how we collect, use, maintain, protect, and disclose such information.

By accessing or using the site or services, you agree to this policy. Your continued use of this site or services after we make changes to this policy is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Scope of this Policy

This policy outlines our commitment to protecting the privacy of individuals who visit our site and customers using our services and that have agreed to the terms. This policy applies to information that is automatically collected via the site or services or that is provided to us by visitors or customers.

Our services are intended for use by enterprises. When we process personal data on behalf of a customer, our customer is the data controller of personal information and Omnigo Software is a data processor under the General Data Protection Regulation (“GDPR”). When you visit our site or use our services, and we collect information from you, including personal data, Omnigo Software shall be the data controller for the collected data under the GDPR.

Collecting Information

Omnigo Software gathers a variety of information about our site visitors, customers, and end-users, including personally identified data, such as name, address, e-mail, phone numbers, or others by which you may be contacted online or offline; that is about you but individually does not identify you; and about your internet connection, the equipment you use to access our site or services and usage details.

We collect this information directly from you when you provide it to us; automatically as you navigate through the site; or from third parties which may track this information.

Information Provided

When you sign up to use our services or when you request certain materials, you may be required to provide personal data. During these processes we may ask you to provide your contact information and related information like your company name and website name.

Through your use of our site or services, we may also obtain personal data from records and copies of your correspondence (including email addresses), if you contact us; your responses to surveys that we might ask you to complete for research purposes; or details of transactions you carry out through our site or services.

We may obtain information if you provide information to be published or displayed on public areas of the site. This information is posted on and transmitted to others at your own risk. Please be aware that we cannot control the actions of other users of the site with whom you may choose to interact. Therefore, we cannot and do not guarantee that your interactions will not be viewed by unauthorized persons.

Information Automatically Collected

As you navigate through our site and services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and pattern. The information we collect automatically is statistical data and does not include personal information.  We may maintain it or associate it with personal information we collect in other ways. It helps us to improve our site and services and allows us to deliver a better and more personalized service, including enabling us to estimate our audience size and usage patterns, to store information about your preferences, and to recognize you when you return to our Site.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a session cookie that is erased when your browser is closed or a persistent cookie which remains on your hard drive for a pre-defined period of time. Cookies belonging to a domain are either first-party cookies which are set by the web server of the visited page and share the same domain, or third-party cookies stored by a different domain to the visited page (ex: JavaScript).
  • Flash Cookies. Certain features of our site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Site. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, please visit Adobe’s Web Storage Settings panel here.
  • Log Files and Web Beacons. Pages of the site and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). Occasionally, we connect personal information to information gathered in our log files as necessary to improve our site and services. In such a case, we would treat the combined information in accordance with this policy. The EU Legislation on cookies and advisory body of data protection – WP29 exempts consent if the cookie is required for the sole purpose of carrying out the transmission of communication and is strictly necessary in order to provide the service. Cookies exempt from consent include:
    • user‑input cookies (session-id) such as first‑party cookies to keep track of the user's input when filling online forms, shopping carts, etc., for the duration of a session or persistent cookies limited to a few hours in some cases
    • authentication cookies, to identify the user once he has logged in, for the duration of a session
    • user‑centric security cookies, used to detect authentication abuses, for a limited persistent duration
    • multimedia content player cookies, used to store technical data to play back video or audio content, for the duration of a session
    • load‑balancing cookies, for the duration of session
    • user‑interface customization cookies such as language or font preferences, for the duration of a session (or slightly longer)
    • third‑party social plug‑in content‑sharing cookies, for logged‑in members of a social network.

We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.

Using Information

Omnigo identifies the purposes for which the information is being collected before or at the time of collection. The collection of your Personal Data will be limited to that which is needed for the purposes identified by Omnigo. Unless you consent or we are required by law, we will only use the personal data for the purposes for which it was collected. If Omnigo Software will be processing your personal data for another purpose later on, Omnigo Software will seek your further legal permission or consent; except where the other purpose is compatible with the original purpose. We will keep your personal data only as long as required to serve those purposes. We will also retain and use your personal data for as long as necessary to comply with our legal obligations or to resolve disputes.

We may use aggregated information about our users and information that does not identify any individual, without restriction.

We use information about you, including personal data, for a variety of purposes, including:

  • To enable you to use our site or services
  • To provide you with information, products, or services that you request from us
  • To respond to your comments, questions, and requests
  • To provide customer service and support
  • To send you administrative messages about the site or services
  • To provide you with notices about your account, including expiration and renewal notices
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection
  • To notify you about changes to our Site or Services or any products or services we offer or provide through it
  • To allow you to participate in interactive features on the site or services
  • To monitor and analyze trends, usage, and activities in connection with the site and services
  • To investigate and prevent fraudulent transactions, unauthorized access to the site and the services, violations of the Terms, and other illegal activities;
  • To share testimonials or reviews that you may have posted to the site, services, or Omnigo Software social media pages
  • To compile benchmarking, research and development data, including, but not limited to your operational, financial and statistical data in order to provide de-identified comparative benchmarking services, decision support services and predictive management services to Omnigo Software customers and prospective customers and for use in Omnigo Software’s research and development of the Software. 
  • In any other way we may describe when you provide the information
  • For any other purpose with your consent

We may also use your information to contact you about goods and services that may be of interest to you. If you do not want us to use your information in this way, please follow the unsubscribe instructions included in our marketing communications.

Sharing Information  

We may disclose personal data that we collect or you provide:

  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them, including payment processors, storage contractors, and analytics contractors
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Omnigo Software’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Omnigo Software about our site or services users is among the assets transferred. Any successor in interest to this policy will be bound to the policy at the time of transfer
  • To our subsidiaries and affiliates

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request
  • To enforce or apply our Terms and other agreements, including for billing and collection purposes
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Omnigo Software, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Customer Data

“Customer Data” means any and all data, information or material provided or submitted by Customers to Omnigo Software by any means, including Personal Data of Customer employees, contractors, and End-Users. We only process Customer Data as per our Customer's instructions. For purposes of the GDPR, we are the processor and not the controller of the Customer Data. Our European Economic Area (“EEA”) are the controllers of that data and are responsible for compliance with the applicable data protection law.

As the controller, it is our Customers’ responsibility to inform End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Customer Data. As the processors of Personal Data on behalf of our customers, we follow customer’s instructions with respect to the Customer Data to the extent consistent with the functionality of our Services. In doing so, we implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.

Data Security

We have implemented appropriate technical and organizational measures designed to secure Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. The measures we use are designed to provide a level of security appropriate to the risk of processing Personal Data. All information you provide to us is stored on our secure servers behind firewalls.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Site or Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Site and Services like company profile pages or message boards. The information you share in public areas may be viewed by any user of the Site.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your Personal Data transmitted to the Site or Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site or Services.

Specific Data Regulations

GDPR

The GDPR is legislation to protect individuals within the European Union (EU), enforceable May 25, 2018. It is binding and applicable to all EU member countries, which means it does not require national governments to pass any additional legislation.

The GDPR applies to personal data when the data controller (an organization that collects data from EU residents) or data processor (an organization that processes data on behalf of the data controller) or the data subject is based in the EU area. It also applies to organizations based outside of the EU in case they collect or process personal data of EU residents.

The GDPR defines personal data as any data related to an identified or identifiable natural person (data subject).  When a service supplied by Omnigo Software acts as a Data Processor on a customer’s behalf, our customers - as Data Controllers - are responsible for ensuring that their use of our products is in compliance with the GPDR.

Omnigo Software is a Data Processor. The products process the personal data collected in these products on behalf of its customers, and those customers are either Data Processors as well or the Data Controllers of said data. As a Data Processor, Omnigo Software processes said data only on the instructions from its customers.

To achieve compliance, Omnigo Software:

  • Has a data protection steering group review all system and process changes related to data protection and handle questions and requests from customers and other stakeholders.
  • Assesses customer implementations to understand the data elements collected within the Omnigo Software platforms.
  • Develops technical and organizational processes to maintain data subject’s rights.
  • Documents the life-cycle of personal data collected by the Omnigo Software platforms.
  • Creates internal guidelines and trains staff to be aware of the requirements of the GDPR.
  • Covers data tracking and protection issues in our subscription agreements.

CJIS

The Criminal Justice Information Services Division (CJIS) is a division of the United States Federal Bureau of Investigation (FBI). CJIS databases contain all necessary information for detaining criminals, performing background checks, and tracking criminal activity.

Criminal Justice Information (CJI) is data necessary for law enforcement and civil agencies to perform their missions including biometric, identity history, biographic, property and case/incident history data. This includes any data obtained from both state and national CJIS data systems.

The CJIS Security Policy provides guidance for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI. Omnigo Software is a contracting private entity that operates in support of criminal justice services and information. All current and prospective Law Enforcement customers require Omnigo Software be CJIS-compliant to support our products.

Omnigo Software offices and servers are physically secured. Non-CJIS certified personnel with access to physically secure locations or controlled areas are always escorted by authorized personnel.

HIPPA

The Health Insurance Portability and Accountability Act (HIPPA) mandates industry-wide standards for health care information and requires the protection and confidential handling of protected health information.

The HIPAA Privacy regulations require health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled, or shared.  Only the minimum health information necessary to conduct business is to be used or shared.  Records maintained in our products may fall into this category.

HIPPA Includes exclusions for Law Enforcement Officials, which may be viewed in the official document.  There are no exclusions for Hospital Security Department/Public Safety Departments that are not Law Enforcement Agencies.

The HIPAA Privacy Rule applies only to covered entities: health plans, health care clearinghouses, and certain health care providers. The Privacy Rule allows covered providers and health plans to disclose protected health information to “business associates,” which is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. There are specific items that must be included in the contract with business associates, please see the official document for more detail.

Omnigo Software is a “business associate” of our healthcare customers. 

FERPA

The Family Educational Rights and Privacy Act (FERPA) protects personally identifiable information in students’ education records from unauthorized disclosure.

The FERPA Privacy regulations apply to all educational agencies and institutions that receive funds under any program administered by the Family Policy Compliance Office in the United States Department of Education. Public and Private Educational Agencies and Institutions (i.e.:  schools and school districts) often rely on service providers to handle services they cannot efficiently provide themselves, such as applications that house student information.  Omnigo Software is a service provider to these agencies and institutions.

When schools and districts outsource institutional services or functions, FERPA permits the disclosure of PII from education records to contractors, consultants, volunteers, or other third parties.  Omnigo Software maintains data security and ensures our customers are able to access and control their data.

 

Request a Demo

Find out how Omnigo can help solve your unique security challenges with innovative solutions that enable you to prevent, detect, and respond to potential threats more effectively.

Request Now