OmniLawBack to Home

Privacy Policy

Last updated: February 17, 2026

1. Introduction

OmniLaw ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our AI-powered legal research platform and website (collectively, the "Service").

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable national data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

OmniLaw

Email: support@omnilaw.ai

3. Personal Data We Collect

We may collect the following categories of personal data:

  • Account Information: Name, email address, password (hashed), organization name, and professional role when you create an account.
  • Usage Data: Search queries, features used, session duration, pages visited, and interaction patterns within the platform.
  • Technical Data: IP address, browser type and version, operating system, device information, and referring URLs.
  • Payment Data: Billing address and payment method details. Payment processing is handled by third-party processors; we do not store full payment card numbers.
  • Communications: Content of emails or messages you send to our support team, and newsletter subscription preferences.

4. Legal Basis for Processing

We process your personal data on the following legal bases under the GDPR:

  • Contract Performance (Art. 6(1)(b)): To provide and maintain our Service, process your subscription, and deliver the legal research functionality you have requested.
  • Legitimate Interests (Art. 6(1)(f)): To improve our Service, ensure security, prevent fraud, and provide customer support.
  • Consent (Art. 6(1)(a)): For marketing communications and non-essential cookies. You may withdraw consent at any time.
  • Legal Obligation (Art. 6(1)(c)): To comply with applicable laws, regulations, and legal processes.

5. How We Use Your Data

We use your personal data to:

  • Provide, operate, and maintain the OmniLaw platform
  • Process and manage your account and subscription
  • Improve our AI-powered search and analysis capabilities
  • Send service-related notifications and updates
  • Respond to your inquiries and provide customer support
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

  • Service Providers: Cloud hosting (Google Cloud Platform), payment processors, analytics providers, and email service providers who process data on our behalf under appropriate data processing agreements.
  • Legal Requirements: When required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to you.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognized transfer mechanisms.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Account data is retained for the duration of your account plus 30 days after deletion. Usage logs are retained for up to 12 months. Payment records are retained as required by applicable tax and accounting laws.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you
  • Rectification — Request correction of inaccurate or incomplete data
  • Erasure — Request deletion of your personal data ("right to be forgotten")
  • Restriction — Request restriction of processing of your data
  • Data Portability — Request your data in a structured, machine-readable format
  • Objection — Object to processing based on legitimate interests
  • Withdraw Consent — Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at support@omnilaw.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

10. Cookies and Tracking

We use cookies and similar tracking technologies to operate and improve our Service. These include:

  • Strictly Necessary Cookies: Required for the Service to function (authentication, session management). These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). These are only set with your consent.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

11. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit (TLS) and at rest, access controls, regular security assessments, and secure cloud infrastructure on Google Cloud Platform.

12. Children's Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, contact us at:

OmniLaw

Email: support@omnilaw.ai