Legal

Omni World LLC — Privacy Policy

How Omni collects, uses, and protects information across our websites, dashboards, apps, and connected Instagram integrations.

This Policy explains how Omni collects, uses, and shares information when you visit our sites, create an account, use our apps and dashboards, or connect your Instagram accounts via Meta's official APIs.

Effective
November 3, 2025
Company
Omni World LLC ("Omni," "we," "us," "our")
Address
1111B S Governors Ave, STE 40258, Dover, DE 19904
Support
support@omniworld.app

1) Scope & Roles

This Policy covers how Omni handles information when you visit our sites, create an account, use our apps and dashboards, or connect Instagram accounts via Meta's official APIs (collectively, the "Services").

Omni's role shifts depending on the data involved. For website, account, billing, support, and product telemetry data we act as the controller. For customer-connected Instagram data processed on your behalf (for example, message metadata and engagement logs) we act as your processor/service provider under applicable US state privacy laws and as a processor under GDPR where relevant.

  • Role (Controller). For our website, account/billing, support, and product telemetry, Omni acts as a controller.
  • Role (Processor/Service Provider). For customer-connected Instagram data (including message metadata and engagement logs processed on your behalf), Omni acts as your processor/service provider.

Audience & Territory. The Services are for users 18+ located in the United States. We do not offer services to minors.

2) Information We Collect

2.1 Information you provide directly

  • Account. Name and email collected at signup.
  • Billing. Address, phone, and payment details handled by Stripe; Omni does not store full payment card data on our servers.

2.2 From connected platforms (Instagram via Meta APIs)

  • We ingest. Handles/IDs, profile metadata, followers/following, timestamps, media URLs, and engagement events such as story likes.
  • Message content. Processed only as needed to provide features; we do not store DM content by default.
  • Message metadata. Stored (for example, sender/recipient IDs and timestamps).

2.3 Product content you upload

Raw footage and final clips are stored in cloud storage. After 90 days, they move to cold ("glacier-like") storage; after 180 days inactive media (not viewed, modified, or requested) is permanently removed.

2.4 Logs & telemetry

Today we collect limited product telemetry. Planned telemetry includes IP, device, browser, and app events for security and abuse prevention.

2.5 Payments & support

  • Payments. Processed by Stripe; Omni receives receipts and limited billing metadata.
  • Support. Includes emails, tickets, and in-product support messages.

3) How We Use Information

  • Provide and operate the Services (Instagram automations, content editing, analytics).
  • Secure the Services, prevent abuse, and enforce policies.
  • Communicate about features, updates, and promotions (with unsubscribe controls).
  • Improve and research using de-identified or aggregated data.
  • Model improvement (opt-out). By default, we may use inputs and outputs to improve models; you can opt out anytime by emailing support@omniworld.app. The opt-out applies prospectively.
  • Comply with law, accounting, and tax obligations.

4) Cookies, Pixels, and Tracking

  • We do not currently use advertising or analytics cookies/pixels on our marketing site.
  • If we add marketing or analytics cookies later, we will update this Policy and provide appropriate controls (including California opt-out when applicable).
  • We honor Global Privacy Control (GPC) signals for any future sharing or targeted-ads settings.

5) Sharing & Subprocessors

We share information with service providers/subprocessors (hosting, infrastructure, email, analytics, payment, and Meta/Instagram APIs) under contract and only for the purposes described in this Policy. We may also share information for legal and safety reasons or as part of a business transfer (such as a merger or acquisition).

Current providers include:

  • Infrastructure/Storage. AWS and/or Google Cloud Platform.
  • Payments. Stripe.
  • Email. Resend.
  • Analytics (planned). PostHog.
  • Platform integrations. Meta/Instagram APIs.

We maintain and may update this list. Contact us for the latest version.

6) Your Choices

6.1 Communications

Unsubscribe from marketing emails using the link in the email or by contacting support@omniworld.app. We may still send transactional or service messages.

6.2 Model improvement opt-out

Email support@omniworld.app to opt out of the use of your inputs and outputs for model improvement. The opt-out applies prospectively.

7) Data Retention

We retain data only as long as necessary for the purposes described in this Policy or as required by law. Key windows include:

  • Account & billing records. 7 years (for tax and compliance).
  • DM content. Not stored by default.
  • DM metadata. 90 days (deletable upon request).
  • Engagement logs (for example, story likes). 180 days (deletable upon request).
  • Raw footage & final clips. Active storage; after 90 days moved to cold storage; after 180 days inactive media is permanently removed.
  • Support tickets. 12 months (longer if legally necessary).
  • Analytics/telemetry (when enabled). 24 months.
  • Backups. 90-day rolling window.

When you close your account, workspace data is retained for 30 days for export upon request, then deleted. Legal or safety copies may be retained as required.

8) Security

We use technical and organizational measures including TLS in transit, encryption at rest, least-privilege access, audit logging, regular backups, and vulnerability management. No method is 100% secure; please use strong, unique passwords and enable available account protections.

9) US State Privacy Rights

Residents of applicable states (including CA, VA, CO, CT, UT and similar laws) may have rights to access, correct, delete, export, and appeal decisions regarding personal information, and to opt out of targeted advertising and certain profiling.

  • Sale/Share statement. We do not sell or share personal information for cross-context behavioral advertising and never will.
  • Sensitive data. We do not intentionally collect sensitive categories (such as precise geolocation or biometrics) and do not use them for inferring characteristics.
  • Non-discrimination. We do not discriminate against you for exercising your rights.

Submit requests by emailing support@omniworld.app or via in-app privacy settings (when available). We may request information to verify your identity or authority, including for authorized agents. We aim to respond within 30 days, and may take up to 45 days with one 45-day extension when reasonably necessary (we will notify you). If we deny your request, you can appeal by emailing support@omniworld.app.

10) GDPR/International (fallback)

We operate in the United States. If you are in the EEA or UK and interact with us, Omni may act as a controller for website, account, billing, and support data, and as a processor for connected-account data processed on your behalf.

Legal bases include contract performance, legitimate interests (such as security and product improvement), consent where required, and legal obligations. You may have rights to access, rectify, erase, restrict, port, or object. Cross-border transfers (if any) rely on appropriate safeguards such as Standard Contractual Clauses. We do not offer services to children.

11) Children

The Services are for adults 18+. We do not knowingly collect information from minors.

12) Changes to This Policy

We may update this Policy. For material changes we will provide 30 days' advance notice by email and in-app. Continued use after the effective date means you accept the updates.

13) Contact

Questions or requests about privacy?

What we don't do

  • We do not store Instagram DM content by default.
  • We do not sell or share your data for targeted ads.
  • We do not serve minors.