Privacy Policy

Omnivinci Technologies Private Limited is the data controller responsible for your personal information.

Information you provide directly:

• Account registration data: name, email address, phone number, business name
• Vehicle information: make, model, year, pricing, photographs you upload
• Payment information: billing details processed through Razorpay (we do not store full card details)
• Communications: support requests, feedback, or correspondence sent to us

Information collected automatically:

• Usage data: pages visited, features used, generation history, timestamp logs
• Device & technical data: IP address, browser type, operating system, device identifiers
• Cookies and similar tracking technologies (see Section 7)

Information from third parties:

• Google Sign-In: if you use Google OAuth, we receive your name, email, and profile picture from Google

We use your personal information for the following purposes:

• Service delivery: creating and managing your account, processing content generation requests
• Billing & payments: processing subscription fees, managing credits, issuing invoices and GST receipts
• Communications: sending transactional emails (generation complete, billing alerts), product updates, and support responses
• Service improvement: analysing usage patterns to improve features, fix bugs, and enhance AI model quality
• Legal compliance: meeting obligations under Indian law, including GST reporting, audit requirements, and responding to lawful government requests
• Security: detecting, preventing, and investigating fraud, abuse, or security breaches

When you upload vehicle photographs and request content generation:

• Your images are securely transmitted to our AI generation provider (Fal.ai / ByteDance Seedance API) over encrypted connections.
• Images are processed solely to fulfil your generation request and are not used to train third-party AI models.
• Generated output is stored in your account for 90 days, after which it may be automatically deleted unless you download it.
• Uploaded original photos are stored in encrypted Supabase cloud storage hosted on AWS (Mumbai region).

We do not sell your personal information. We may share data with:

• Service providers: Supabase (database & authentication), Fal.ai (AI generation), Razorpay (payments), Vercel (hosting) — each contractually bound to protect your data
• Legal authorities: when required by Indian law, court order, or government directive
• Business transfers: in the event of a merger or acquisition, with appropriate notice to you

• Active account data is retained for the duration of your subscription plus 2 years.
• Billing records are retained for 7 years as required under Indian accounting laws.
• Generated content files are retained for 90 days after creation.
• You may request deletion of your account and associated data by contacting us at keyur@omnivinci.com. Note that transactional and legal records may be retained as required by law.

We use the following types of cookies:

• Essential cookies: required for authentication and session management (cannot be disabled)
• Analytics cookies: help us understand how users interact with the platform (you may opt out)
• Preference cookies: store your UI preferences

You can manage cookie preferences through your browser settings. Disabling essential cookies will prevent you from using the platform.

We implement industry-standard security measures including:

• TLS/HTTPS encryption for all data in transit
• AES-256 encryption for sensitive data at rest
• Row-level security on our database (Supabase RLS)
• Regular security audits and penetration testing
• Mandatory two-factor authentication for admin accounts

No method of transmission or storage is 100% secure. In the event of a data breach affecting your rights, we will notify you within 72 hours as required by applicable law.

Under applicable Indian data protection regulations, you have the right to:

• Access: request a copy of the personal data we hold about you
• Correction: request correction of inaccurate or incomplete data
• Deletion: request deletion of your personal data (subject to legal retention obligations)
• Portability: receive your data in a machine-readable format
• Objection: object to processing of your data for marketing purposes

To exercise these rights, contact us at keyur@omnivinci.com. We will respond within 30 days.

Omnivinci Drive is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal data, we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or prominent notice within the platform at least 14 days before changes take effect. Continued use of the platform after such changes constitutes acceptance of the revised policy.

In accordance with the Information Technology Act, 2000, the name and contact details of our Grievance Officer are: