Last updated: 3 March 2026
PRIVACY POLICY
Last updated: 3 March 2026
This Privacy Policy explains how Omnai Marketing Ltd collects, uses, stores, and protects your personal data when you use Omnai Gateway. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
The data controller is Omnai Marketing Ltd, registered in England and Wales, with a registered address at 24 Lawrence Road, TW10 7LR. For any privacy-related queries please contact us at enquiries@omnai-marketing.co.uk.
2. What Data We Collect
We collect the following categories of data when you use Omnai Gateway:
Account Data
- Your name and email address when you register.
- Your business name and contact details.
- Your subscription plan and billing history. Payment card data is processed by Stripe and not stored by us.
Shopify Store Data
- Your Shopify store URL.
- Product data from your connected Shopify store including titles, descriptions, metafields, prices, and inventory information.
- Snapshots of original product data stored before any optimisation is applied.
- Your Shopify OAuth access token, stored securely and used only to read and write product data on your behalf.
Usage Data
- Activity logs recording actions taken within your account including optimisations applied, products updated, and settings changed.
- Technical data including IP address, browser type, and device information collected automatically when you use the Service.
3. How We Use Your Data
We use your data for the following purposes:
- To provide and operate the Omnai Gateway Service including connecting to your Shopify store, generating AI-optimised content, and syncing changes.
- To process payments and manage your subscription via Stripe.
- To send you transactional emails including payment confirmations, renewal reminders, and account notifications.
- To provide customer support and respond to your enquiries.
- To improve the Service through usage analysis and feedback.
- To comply with our legal obligations.
4. Legal Basis for Processing
We process your personal data on the following legal bases under UK GDPR:
- Contract: Processing necessary to provide the Service you have subscribed to.
- Legitimate interests: Improving the Service, preventing fraud, and maintaining security.
- Legal obligation: Compliance with applicable laws and regulations.
- Consent: Where you have explicitly agreed to receive marketing communications.
5. AI Processing of Product Data
Your product data is processed by Anthropic’s Claude AI model to generate optimised content. This processing occurs via Anthropic’s API. Your product data is used only to generate optimisations for your store and is not used to train AI models. We use Anthropic’s commercial API which operates under data processing terms consistent with GDPR requirements. You can review Anthropic’s privacy policy at anthropic.com/privacy.
6. Data Sharing
We do not sell your personal data. We share your data only with the following third parties where necessary to provide the Service:
- Shopify: To connect to and sync with your store via their API.
- Stripe: To process subscription payments securely.
- Anthropic: To process product data through their AI API for content optimisation.
- Hosting providers: Our infrastructure is hosted on secure cloud platforms. All providers are bound by data processing agreements.
7. Data Retention
We retain your data for the following periods:
- Account data: Retained for the duration of your subscription and for 2 years after account closure.
- Product snapshots and optimisation history: Retained for the duration of your subscription and deleted within 90 days of account closure.
- Billing records: Retained for 7 years in accordance with UK financial regulations.
- Activity logs: Retained for 12 months.
8. Your Rights
Under UK GDPR you have the following rights regarding your personal data:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Ask us to correct inaccurate or incomplete data.
- Right to erasure: Ask us to delete your personal data subject to our legal retention obligations.
- Right to restrict processing: Ask us to limit how we use your data.
- Right to data portability: Request your data in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests.
To exercise any of these rights please contact us at enquiries@omnai-marketing.co.uk. We will respond within 30 days. If you are unsatisfied with our response you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. These measures include encrypted data storage, secure API authentication, and access controls limiting who within our organisation can access your data. However, no system is completely secure and we cannot guarantee absolute security.
10. Cookies
Omnai Gateway uses essential cookies necessary for the Service to function, including session authentication cookies. We do not use advertising or tracking cookies. By using the Service you consent to our use of essential cookies.
11. International Transfers
Some of our third-party service providers, including Anthropic and Stripe, are based outside the UK. Where your data is transferred outside the UK we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including standard contractual clauses where applicable.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice in your account dashboard. The date at the top of this policy indicates when it was last updated.
13. Contact Us
For any questions about this Privacy Policy or how we handle your data, please contact us at enquiries@omnai-marketing.co.uk or by post at Omnai Marketing Ltd, 24 Lawrence Road, TW10 7LR.