Privacy Policy

OmniAI is operated by Western Entertainers LLP ("WeVisa", "we", "our", "us"), a Limited Liability Partnership registered in India, with offices at LG-18, Ashirwad Complex, Sector 53, Noida 201307, Uttar Pradesh, and UG-23, Somdutt Chamber 2, Bhikaji Cama Place, New Delhi 110066.

We provide a B2B SaaS platform — OmniAI — for Indian travel agencies, visa consultants, and immigration professionals. This Privacy Policy explains how we handle the personal data of visitors to our website and users of our platform.

We collect personal data in the following ways:

Account registration: Name, email address, phone number, business name, and GST number when you create an agency account.

Contact forms: Name, email, phone, agency name, and message content submitted via our contact form.

Platform usage: Log data (IP address, browser type, pages visited, timestamps), session identifiers, and usage analytics.

Payment data: Billing address and payment method details processed by Razorpay. We do not store raw card numbers — these are handled by Razorpay's PCI-DSS certified infrastructure.

Client data uploaded by agencies: When agencies use OmniAI to manage their own clients, that client data (names, contact details, document information) is processed by us on behalf of the agency as a data processor. The agency remains the data controller for their clients' data.

We use your personal data to:

• •Provide and operate the OmniAI platform and related services
• •Process payments and send GST invoices
• •Respond to contact form submissions and support requests
• •Send product updates, billing notifications, and account-related emails
• •Improve platform performance and fix bugs (using aggregated analytics)
• •Comply with legal obligations under Indian law
• •Prevent fraud, abuse, and security incidents

We do not use your data to train AI models. We do not sell your personal data to third parties.

Under India's Digital Personal Data Protection (DPDP) Act 2023, we process your personal data based on:

Consent: For marketing communications and optional data collection at registration. You may withdraw consent at any time.

Contract performance: To fulfil the SaaS subscription and deliver the services you have paid for.

Legitimate interests: For fraud prevention, platform security, and aggregate analytics. We balance our interests against your rights.

Legal obligation: Where Indian law or court orders require us to process or disclose data.

We share personal data only with:

Infrastructure providers: Vercel (hosting), Supabase/PostgreSQL (database), AWS (file storage). These providers operate under data processing agreements and appropriate security standards.

Payment processor: Razorpay, for processing subscription payments. Governed by Razorpay's privacy policy.

WhatsApp Business API: Meta Platforms Ireland, for AI messaging features. Governed by Meta's data processing addendum.

Email delivery: SMTP provider configured by the agency. Agency email credentials are stored encrypted.

Law enforcement / regulators: When required by valid legal process under Indian law.

We do not share data with advertising networks or data brokers.

We retain personal data for as long as your account is active or as needed to provide our services. Specifically:

• •**Account data:** Retained for the duration of your subscription plus 90 days after cancellation.
• •**Billing and invoice records:** Retained for 7 years as required under Indian accounting and GST law.
• •**Contact form submissions:** Retained for 12 months.
• •**Log files:** Retained for 90 days.
• •**Deleted data:** Upon account termination, your data is deleted or anonymised within 90 days, except where retention is legally required.

Under the DPDP Act 2023, you have the right to:

• •**Access** the personal data we hold about you
• •**Correct** inaccurate or incomplete personal data
• •**Erase** your personal data (subject to legal retention obligations)
• •**Withdraw consent** at any time, without affecting prior processing
• •**Nominate** a person to exercise your rights in case of death or incapacity
• •**Grievance redressal** — lodge a complaint with our Data Protection Officer

To exercise any of these rights, email us at visa.wevisa@gmail.com with the subject line "DPDP Rights Request". We will respond within 30 days.

We use cookies and similar tracking technologies. See our Cookie Policy for full details. In summary:

• •**Essential cookies:** Required for authentication and session management. Cannot be disabled.
• •**Analytics cookies:** Used to understand how visitors use our website. You may opt out.
• •**Preference cookies:** Store your settings (e.g., language, currency). Optional.

We do not use advertising or cross-site tracking cookies.

OmniAI is operated in India and our primary data storage is within India. Some of our infrastructure providers (e.g., Vercel for edge functions, Meta for WhatsApp API) may process data outside India. Where this occurs, we ensure appropriate contractual safeguards are in place consistent with DPDP Act requirements.

OmniAI is a B2B platform intended for business users only. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor's data has been submitted to us, please contact us immediately at visa.wevisa@gmail.com and we will delete it promptly.

We implement industry-standard technical and organisational measures to protect your personal data, including:

• •TLS 1.2+ encryption for all data in transit
• •AES-256 encryption for data at rest
• •Role-based access controls for platform data
• •Regular security reviews and penetration testing
• •Multi-factor authentication for admin accounts

No system is 100% secure. If you discover a security vulnerability, please disclose it responsibly to visa.wevisa@gmail.com.

We may update this Privacy Policy from time to time. When we make material changes, we will notify registered users by email and update the "Last Updated" date below. Continued use of OmniAI after changes constitutes acceptance of the updated policy.

For any privacy-related questions, complaints, or rights requests:

WeVisa / OmniAI — Data Protection Contact Email: visa.wevisa@gmail.com Phone: +91 98215 40050 Address: LG-18, Ashirwad Complex, Sector 53, Noida 201307, Uttar Pradesh, India

We aim to acknowledge all requests within 72 hours and resolve them within 30 days.