Privacy Policy

Omeganodes Ltd (“Omeganodes”, “we”) operates the Omeganodes Platform-as-a-Service. We are the data controller for the personal data described here. This policy explains what we collect, why, and the rights you have.

• Account data — name, email address and password (stored only as a salted hash).
• Usage data — projects, deployments, logs and security events such as sign-ins, needed to run and protect the Service.
• Billing data — plan, invoices and the payment method used. Card and mobile-money details are handled by our payment processors; we do not store full card numbers.
• Technical data — IP address and device/browser information, used for security, fraud prevention and abuse detection.

We use personal data to provide and secure the Service, process payments, prevent fraud and abuse, send essential service and (where you opt in) product notifications, and meet legal obligations.

Where the EU/UK GDPR applies, we rely on: performance of our contract with you (to provide the Service), our legitimate interests (security, fraud prevention and improving the Service), your consent (optional communications), and compliance with legal obligations. Where Uganda’s Data Protection and Privacy Act, 2019 applies, we process data in line with its principles of lawful, fair and accountable processing.

We host data on infrastructure located in or near the regions we serve in East Africa, and within the EU. Personal data is encrypted in transit (TLS) and sensitive data is encrypted at rest (AES-256-GCM). We apply least-privilege access controls and isolate customer workloads in separate containers.

We do not sell your personal data. We share it only with service providers that process it on our behalf under contract — for example payment providers (card and mobile money) and our transactional email provider — and where required by law.

Where personal data is transferred across borders, we use appropriate safeguards (such as standard contractual clauses or an equivalent lawful transfer mechanism) to protect it.

We keep personal data for as long as your account is active and as needed to provide the Service. When you delete your account we delete or anonymise your personal data, except where we must retain certain records (for example, invoices) to meet legal obligations.

Subject to applicable law, you may request to:

• access a copy of your personal data (you can export your data from account settings);
• correct inaccurate data or complete incomplete data;
• delete your data (“right to erasure”);
• object to or restrict certain processing, and withdraw consent at any time;
• lodge a complaint with your data-protection authority.

We use strictly necessary cookies to keep you signed in and to secure the Service. We do not use advertising cookies.

The Service is not directed to children under 18, and we do not knowingly collect their personal data.

We may update this policy and will note the date above. For privacy questions or to exercise your rights, contact our data protection team at privacy@omeganodes.com.