Legal · Privacy policy

Privacy policy

Entity
Omni Studio Inc. · omni.studio
Effective
25 May 2026
Last updated
25 May 2026
Contact
support@omni.studio

01 Introduction

Omni Studio Inc. (“Omni Studio,” “we,” “us,” or “our”) is a Delaware corporation operating the website located at omni.studio (the “Website”) and providing AI-powered business communication services (the “Services”). We are committed to protecting the privacy of individuals who interact with us.

This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information in connection with:

  • Website visitors who browse omni.studio
  • Paid subscribers who have entered into a subscription agreement for the Services (“Clients”)
  • End users — individuals who call or otherwise communicate with Client businesses through our AI agent platform (“Callers” or “End Users”)

Please read this policy carefully. By accessing the Website or using the Services, you acknowledge that you have read and understand this Privacy Policy. If you have questions, contact us at support@omni.studio.

A note about End User data. When you call a business that uses Omni Studio to handle its communications, Omni Studio processes your call data on behalf of that business. The business — not Omni Studio — controls how your data is used and retained. If you have questions about how a specific business handles your data, please contact that business directly. If you need additional assistance, you may also contact us at support@omni.studio.

02 Information we collect

A. From website visitors

When you visit omni.studio, we automatically collect certain technical and behavioural information:

  • Browsing data. Pages visited, time spent on each page, referral source (how you found us), and navigation paths through the Website
  • Device and technical information. Browser type and version, operating system, screen resolution, device type (desktop, mobile, tablet), and language preferences
  • IP address. Used for analytics, geographic region estimation, security monitoring, and fraud prevention
  • Form submissions. If you complete a contact form, request a demo, or sign up to start a plan, we collect the information you provide, which may include your name, email address, phone number, business name, job title, and business size
  • Cookies and tracking technologies. We use cookies, pixels, and similar technologies to operate the Website and understand how visitors use it. See our Cookie section below for details.

B. From Clients (business subscribers)

When a business registers for or uses Omni Studio Services, we collect:

  • Business identification. Legal business name, DBA name, business address, state of formation, EIN or other tax identification number
  • Contact information. Name, email address, phone number, and job title of authorised representatives and account users
  • Payment information. Billing address and payment method details. Payment transactions are processed by Stripe, Inc. Omni Studio does not store full credit card numbers, CVV codes, or raw payment credentials on our systems.
  • Integration credentials. API keys, OAuth tokens, or login credentials for any third-party platforms that you choose to integrate with Omni Studio. These credentials are stored in encrypted form and used solely to operate your integration.
  • Business configuration data. Your business hours, service offerings, service areas, pricing information, staff schedules, escalation protocols, and other operational information you provide to configure your AI agent pod
  • Account activity. Logs of actions taken within the Omni Studio platform, including configuration changes, user management actions, and support interactions

C. From End Users (callers to Client businesses)

When individuals call a business using Omni Studio’s AI answering services, we collect the following data on behalf of and under the direction of the applicable Client:

  • Voice recordings. Audio recordings of phone calls handled by Omni Studio AI agents
  • AI-generated transcripts. Written transcriptions of call recordings produced by our speech-to-text processing pipeline
  • Caller phone number. Captured via caller ID where available
  • Call metadata. Timestamp, call duration, call outcome (e.g., appointment booked, message taken, escalated), and agent actions taken during the call
  • Appointment and booking information. Details provided by the Caller during the call, such as name, address, requested service, and preferred appointment time
  • Any other information voluntarily provided. Information the Caller shares during the call interaction

Important. End User data is collected on behalf of the Client business and is owned and controlled by that Client. Omni Studio acts as a data processor with respect to End User data and processes it only as directed by the Client and as necessary to provide the Services. End Users seeking to exercise their data rights should contact the Client business directly. Omni Studio will cooperate with Client to process such requests.

D. Cookies and tracking technologies

We use cookies and similar tracking technologies on the Website to:

  • Keep you logged in to your account (“strictly necessary” cookies)
  • Remember your preferences
  • Analyse how the Website is used (analytics cookies)
  • Deliver relevant marketing communications (marketing cookies, where consented)

You can control cookies through your browser settings. Disabling certain cookies may affect Website functionality. Where required by law, we will obtain your consent before placing non-essential cookies.

03 How we use information

We use the information we collect for the following purposes:

Service delivery and operations

  • Provide, operate, configure, and maintain the Omni Studio platform and AI agent pods
  • Process and route inbound calls to Client businesses
  • Generate and deliver call transcripts and call summaries to Clients
  • Detect potential emergency situations and trigger escalation protocols as configured
  • Book appointments and integrate scheduling data with Client CRM systems
  • Generate performance reports, usage statistics, and analytics dashboards for Clients

Account and subscription management

  • Create and manage Client accounts
  • Process subscription payments and manage billing
  • Communicate with Clients about their accounts, subscriptions, and support requests
  • Verify identity and authorise account access

Platform improvement (de-identified / aggregated only)

  • Analyse aggregated, de-identified usage patterns to improve platform performance and develop new features
  • Benchmark AI accuracy using anonymised data sets
  • We do NOT use identifiable Client customer data — including call recordings or transcripts — to train AI models without the Client’s explicit prior written consent

Legal compliance and security

  • Comply with applicable laws, regulations, legal processes, and government requests
  • Detect, investigate, and prevent fraud, abuse, unauthorised access, and other illegal activity
  • Enforce our Terms of Service and other policies
  • Establish, exercise, or defend legal claims

Marketing and communications (prospective Clients)

  • Send informational emails, case studies, and promotional content to prospective Clients who have expressed interest in Omni Studio
  • Conduct targeted advertising on third-party platforms using contact information provided through Website forms (subject to your opt-out rights)

You may opt out of marketing communications at any time by clicking the “unsubscribe” link in any marketing email or by contacting us at support@omni.studio.

We do NOT. Sell personal information to third parties for their own marketing or commercial purposes. Use End User call recordings or transcripts to train AI models without Client’s explicit written consent. Share End User data with any party other than the applicable Client and our authorised service providers acting on our behalf.

04 How we share information

We share personal information only in the following circumstances.

With Clients

End User call data (recordings, transcripts, call metadata, appointment information) is shared with the Client business on whose behalf it was collected. This is the primary purpose for which End User data is processed.

With service providers and sub-processors

We share data with trusted third-party service providers that process data on our behalf to deliver the Services. Our current sub-processors include:

Sub-processor Purpose Data shared
Google (Gemini API) AI language model processing (Starter tier) Call transcripts, conversation content
Anthropic (Claude API) AI language model processing (Growth+ tiers) Call transcripts, conversation content
Twilio, Inc. Telephony infrastructure, call routing, SMS Phone numbers, call audio, call metadata
Deepgram, Inc. Speech-to-text transcription Call audio recordings
Stripe, Inc. Payment processing Payment method details, billing information
Framer / Vercel Website hosting and delivery Website visitor data, IP addresses
Google Analytics Website analytics Browsing behaviour, device information (anonymised where possible)

We maintain data processing agreements with all sub-processors requiring them to process data only as instructed and to implement appropriate security measures. Clients may request a copy of our sub-processor list or sub-processor agreements via support@omni.studio.

For legal requirements

We may disclose personal information if we believe in good faith that disclosure is necessary to: comply with applicable law, regulation, or legal process; respond to a valid subpoena, court order, or government request; protect the rights, property, or safety of Omni Studio, our Clients, End Users, or the public; or detect and prevent fraud or security incidents.

In business transactions

If Omni Studio undergoes a merger, acquisition, reorganisation, bankruptcy, or sale of all or substantially all of our assets, personal information may be transferred as part of that transaction. We will provide notice of any such transfer and any material changes to data handling practices.

Aggregated or de-identified data

We may share aggregated or de-identified information — which cannot reasonably be used to identify any individual — for business purposes including benchmarking, marketing materials, and industry research.

05 Data retention

We retain personal information for the following periods:

Data category Retention period
Website visitor and analytics data24 months from collection
Client account and business informationDuration of business relationship + 3 years
End User call recordings90 days (default); configurable by Client
End User call transcripts90 days (default); configurable by Client
Call metadata12 months
Payment and billing records7 years (tax and legal compliance)
Support and communications records3 years

Clients may configure shorter call recording and transcript retention periods within the platform settings. Clients may also submit a deletion request for specific End User data prior to the standard retention period by contacting support@omni.studio.

After the applicable retention period, data is securely deleted or de-identified in accordance with our data disposal procedures. We may retain data longer where required by applicable law or where necessary to establish, exercise, or defend legal claims.

06 Data security

We take the security of personal information seriously and implement administrative, technical, and physical safeguards designed to protect data from unauthorised access, disclosure, alteration, or destruction. These measures include:

  • Encryption at rest. All data stored on Omni Studio systems is encrypted using AES-256 or equivalent standards
  • Encryption in transit. All data transmitted between systems uses TLS 1.2 or higher
  • Access controls. Role-based access controls limit data access to authorised personnel with a legitimate need. All Omni Studio staff accounts require multi-factor authentication.
  • Regular security assessments. We conduct periodic security reviews, vulnerability assessments, and penetration testing
  • Incident response. We maintain a documented incident response plan. In the event of a data breach affecting personal information, we will notify affected Clients and, where required by law, applicable regulators within the timeframes required by applicable law.

Important limitation. While we implement industry-standard security measures, no method of electronic transmission or data storage is 100% secure. We cannot guarantee the absolute security of your information. You use our Services at your own risk with respect to factors outside our reasonable control.

07 Your privacy rights

A. Rights available to all users

Regardless of your location, you have the following rights with respect to your personal information:

  • Access. Request a copy of the personal information we hold about you
  • Correction. Request that we correct inaccurate or incomplete personal information
  • Deletion. Request that we delete your personal information, subject to applicable legal retention requirements and our legitimate business needs
  • Marketing opt-out. Unsubscribe from marketing communications at any time via the unsubscribe link in any email or by contacting support@omni.studio

To exercise these rights, contact us at support@omni.studio. We will respond within a reasonable timeframe.

B. California residents — CCPA / CPRA rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

  • Right to know. You have the right to request that we disclose: the categories of personal information we have collected about you; the categories of sources from which it was collected; the business or commercial purposes for collection; the categories of third parties with whom we share it; and the specific pieces of personal information collected about you.
  • Right to delete. You have the right to request deletion of personal information we have collected from you, subject to certain exceptions (such as data needed to complete a transaction, comply with a legal obligation, or detect security incidents).
  • Right to correct. You have the right to request correction of inaccurate personal information we maintain about you.
  • Right to opt-out of sale or sharing. We do not sell personal information as defined under the CCPA, and we do not share personal information for cross-context behavioural advertising without your consent. We include this notice for full transparency.
  • Right to limit use of sensitive personal information. To the extent we collect sensitive personal information as defined by the CPRA — which may include voice recordings for clients in healthcare-adjacent verticals — you have the right to direct us to limit use of such information to purposes necessary to provide the requested services.
  • Right to non-discrimination. We will not discriminate against you for exercising your CCPA/CPRA rights. We will not deny you goods or services, charge different prices, or provide a different level of service because you exercised your privacy rights.

How to submit a CCPA request

  • Email: support@omni.studio (subject line: “California Privacy Request”)
  • Phone: (866) 966-5144
  • Verification: We will verify your identity before processing your request. Verification may require you to provide information matching what we have on file.
  • Response time: We will respond within 45 days. If we need additional time (up to 90 days total), we will notify you within the initial 45-day period with an explanation.

Authorised agents

California residents may designate an authorised agent to submit requests on their behalf. Authorised agents must provide written authorisation signed by the consumer, and we may require the consumer to verify their identity directly with us.

Shine the Light

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not sell personal information for direct marketing purposes and therefore do not make such disclosures.

C. Rights of End Users (callers)

If you called a business that uses Omni Studio and you wish to exercise rights over your call data:

  1. Contact the business directly. The business (Client) controls your call data and is your primary point of contact for data rights requests.
  2. Contact Omni Studio. If the Client is unable to assist, or if you have concerns about how Omni Studio processed your data, you may contact us at support@omni.studio. We will work with the applicable Client to process your request to the extent technically feasible and legally permitted.

Please note that our ability to identify End User data is dependent on information you provide (such as your phone number or the date of a call) and the data we retain on behalf of the applicable Client.

08 Children’s privacy

Omni Studio Services are designed for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children under 18.

If we become aware that we have inadvertently collected personal information from a child under 18, we will promptly delete that information. If you believe we have collected information from a child under 18, please contact us at support@omni.studio.

09 International data transfers

Omni Studio is based in the United States and processes and stores all data on infrastructure located within the United States. If you access the Website or use our Services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.

For future EU/EEA expansion. Omni Studio is preparing for potential expansion into European markets. When and if we begin offering Services to clients in the European Union or European Economic Area, we will implement appropriate safeguards for international transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission. We will update this Privacy Policy accordingly before accepting EU/EEA clients.

By using our Services from any jurisdiction, you acknowledge and consent to the transfer of your data to the United States and its processing under US law.

10 Third-party links and services

The Website may contain links to third-party websites, products, or services that are not operated by Omni Studio. These links are provided for your convenience and informational purposes only. Omni Studio is not responsible for the privacy practices, content, or data handling of any third-party sites.

When you follow a link to a third-party website, you leave our Website and are subject to the privacy policy and terms of service of that third party. We encourage you to review the privacy policies of any third-party sites you visit.

11 Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or the Services we offer. We will revise the “Last Updated” date at the top of this policy when we make changes.

For active paid subscribers. We will notify you of material changes to this Privacy Policy via email at least 30 days before they take effect. Material changes include changes to: data categories collected, how we share data with third parties, your privacy rights, or our data retention practices.

For website visitors. Changes are effective upon posting to the Website unless we state otherwise.

Your continued use of the Website or Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated policy, please stop using the Services.

12 Contact us

We welcome questions, comments, and requests regarding this Privacy Policy. To contact us:

  • General inquiries. Omni.studio (Omni Studio Inc.) · support@omni.studio
  • Privacy requests. support@omni.studio
  • General legal inquiries. support@omni.studio
  • Mail. Omni.studio (Omni Studio Inc.) · 135 Madison Ave, 5th Floor, New York, NY 10016
  • CCPA-specific requests. Email support@omni.studio (subject: “California Privacy Request”) · Phone (866) 966-5144

We will acknowledge receipt of your inquiry promptly and respond within the timeframes required by applicable law.

13 Effective date

This Privacy Policy is effective as of 25 May 2026 and was last updated on 25 May 2026.

This Privacy Policy was prepared for omni.studio (Omni Studio Inc.), a Delaware corporation with principal offices at 135 Madison Ave, 5th Floor, New York, NY 10016. It is intended to comply with applicable US federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and is structured to support future compliance with the European Union General Data Protection Regulation (GDPR) upon expansion into EU markets.