Omniforge

Privacy Policy

Last updated: March 30, 2026

This Privacy Policy describes how Omniforge ("we," "us," or "our") collects, uses, and protects your personal information when you use the Omniforge platform ("Service"). By using the Service, you consent to the practices described in this policy. Please also review our Terms of Service.

1. Information We Collect

Information You Provide

  • Account information — name, email address, and password when you register using a registration code
  • Profile information — job title, department, phone number, and profile photo
  • Content you create — messages, tasks, board cards, timesheets, work orders, feedback, voice memos, file attachments, and other data you enter into the Service
  • Communication data — chat messages and notifications sent through the Service

Information Collected Automatically

  • Usage data — pages visited, features used, actions taken, and timestamps
  • Device information — browser type, operating system, device type, and screen resolution
  • Location data — approximate location derived from IP address; precise location only when you use features that require it (such as the time clock with geolocation)
  • Log data — IP address, access times, and error logs

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Authenticate your identity and manage access to your organization's tenant
  • Process timesheets, work orders, invoices, and other business operations
  • Enable real-time chat and notifications
  • Generate reports and analytics for your organization
  • Send service-related notifications (such as timesheet approvals or dispatch updates)
  • Improve the Service and develop new features
  • Detect, prevent, and address technical issues or security threats
  • Comply with legal obligations

3. Cookies & Session Data

The Service uses encrypted session cookies to authenticate your identity and maintain your login state. These cookies are essential for the Service to function and cannot be disabled. We use:

  • Session cookies — encrypted cookies that store your authentication state; these expire when you log out or after a period of inactivity
  • Theme preference — a local storage value that remembers your light/dark mode preference

We do not use third-party advertising cookies or tracking pixels.

4. Data Sharing & Third Parties

We do not sell your personal information. We may share your information in the following circumstances:

  • Within your organization — your data is accessible to other members of your tenant in accordance with the role-based access controls configured by your administrator
  • Service providers — we may use third-party services for hosting, email delivery, and infrastructure that process data on our behalf under strict confidentiality agreements
  • Legal requirements — we may disclose your information if required by law, regulation, legal process, or governmental request
  • Business transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encrypted session cookies for authentication
  • HTTPS encryption for all data in transit
  • Role-based access controls within each tenant
  • Password hashing and secure credential storage
  • File upload validation with magic byte verification

While we take reasonable steps to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When your account is deactivated or your organization's tenancy is terminated, we will retain your data for a reasonable period to allow for data export, after which it will be securely deleted. We may retain certain information as required by law or for legitimate business purposes (such as resolving disputes or enforcing agreements).

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

General Rights

  • Access — request a copy of the personal information we hold about you
  • Correction — request that we correct inaccurate or incomplete information
  • Deletion — request that we delete your personal information, subject to legal retention requirements
  • Portability — request your data in a structured, commonly used, and machine-readable format

European Economic Area (GDPR)

If you are located in the EEA, our legal bases for processing your information include: performance of our contract with you (providing the Service), your consent, compliance with legal obligations, and our legitimate interests in operating and improving the Service. You also have the right to object to processing and to restrict processing in certain circumstances.

California (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact your organization's administrator or reach out to us through the support channels available within the Service.

8. Children's Privacy

The Service is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.

9. International Data Transfers

Your information may be stored and processed in any country where we operate or where our service providers maintain facilities. By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules. We take steps to ensure your information receives an adequate level of protection wherever it is processed.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and may provide additional notice through the Service. Your continued use of the Service after the changes take effect constitutes your acceptance of the revised policy.

11. Contact Information

If you have any questions about this Privacy Policy or how we handle your personal information, please contact your organization's administrator or reach out to us through the support channels available within the Service.