ES / EN Start a project
OmniTech / Legal / Privacy

Privacy Policy

Last updated: May 7, 2026

1. Data controller

OmniTech Software S.A.S. ("OmniTech"), a Colombian company registered under tax ID (NIT) 901.821.996-1, with registered offices at Carrera 70 # 7B-24, Apto. 201, Bogotá D.C., Colombia, is the controller of the personal data collected through omnitech.com.co (the "Site").

Privacy contact: contacto@omnitech.com.co.

3. Personal data we collect

OmniTech collects the following categories of personal data:

3.1. Data provided directly by the data subject through the Site's contact form: name, email address, company or organization name (if applicable), job title (optional), description of the project or inquiry, and any other information the User chooses to include in the message.

3.2. Browsing data collected automatically via web analytics (Firebase Analytics, Firebase Crashlytics (Google LLC)): IP address (truncated or anonymized when the tool allows), browser type and version, operating system, device, language, approximate country, pages visited, time on page, referral source, interaction events, and an anonymous session identifier. OmniTech does not use these data to individually identify Users.

OmniTech does not deliberately collect sensitive data (racial or ethnic origin, sexual orientation, political or religious beliefs, health, biometric data, etc.) through the Site. If a User voluntarily provides such data in the contact form's free-text field, they expressly authorize its processing for the purpose of responding to their inquiry.

4. Purposes of processing

Personal data is processed exclusively for the following purposes:

  • Handling commercial inquiries: responding to messages, preparing proposals, scheduling meetings, and maintaining communication prior to a possible engagement.
  • Pre-contractual and, where applicable, contractual relationship management: registering the data subject as a prospect or client and following up through the commercial cycle.
  • Site improvement: analyzing visitor behavior in aggregate to optimize content, performance, and user experience.
  • Compliance with legal obligations: responding to authority requests, retaining information when required by law, and exercising or defending legal rights.
  • Site security: detecting and preventing abuse, fraud, and attacks.

OmniTech does not engage in unsolicited mass marketing, does not sell personal data to third parties, and does not make automated decisions with legal effects on data subjects.

5. Lawful basis for processing

Purpose Lawful basis (Colombia / GDPR)
Contact form Data subject authorization (Law 1581 Art. 9) / consent and pre-contractual measures (GDPR Art. 6.1.a and 6.1.b)
Web analytics Authorization via cookie banner (Colombia) / consent or legitimate interest depending on jurisdiction (GDPR Art. 6.1.a or 6.1.f)
Legal compliance Legal obligation (Law 1581 Art. 10 / GDPR Art. 6.1.c)
Site security OmniTech's legitimate interest in preserving Site integrity (GDPR Art. 6.1.f)

6. Retention period

Contact form data is retained as long as a reasonable expectation of commercial relationship exists, up to a maximum of twenty-four (24) months from the last contact, unless the data subject becomes a client, in which case the retention periods of the contract and of Colombian commercial and tax law apply (up to ten years after the relationship ends).

Analytics data is retained for the default period set in the analytics tool, and in any case for a maximum of twenty-six (26) months.

After the retention period, data is irreversibly deleted or anonymized.

7. Processors and international transfers

To operate the Site, OmniTech relies on technology providers that act as data processors:

  • Site hosting and infrastructure: Firebase Hosting (Google LLC).
  • Web analytics: Firebase Analytics, Firebase Crashlytics (Google LLC).

These providers may be located outside Colombia, including the United States and the European Union. In all cases, OmniTech ensures international transfers are made under valid legal mechanisms: adequate protection levels recognized by the Colombian SIC, express authorization from the data subject, or Standard Contractual Clauses where applicable.

OmniTech does not share or sell personal data to third parties for marketing purposes.

8. Data subject rights

Data subjects have the following rights under Law 1581/2012 and, where applicable, GDPR and CCPA:

  • Know, access, and obtain a copy of the data we hold about them.
  • Rectify inaccurate, incomplete, or outdated data.
  • Request deletion when legal grounds apply (including the GDPR "right to be forgotten").
  • Withdraw authorization and/or object to processing.
  • Data portability in a structured format (GDPR/CCPA).
  • Restrict processing in cases provided for by GDPR.
  • Non-discrimination for exercising their rights (CCPA).
  • File complaints with the Colombian Superintendence of Industry and Commerce, the supervisory authority of their EU/UK Member State, or the California Privacy Protection Agency, as applicable.
  • Request the registration certificate of the data subject in the National Database Registry, where applicable.

9. How to exercise rights

To exercise any of the rights above, data subjects may send a request to contacto@omnitech.com.co indicating:

  • Full name and contact details.
  • The right being exercised and a description of the request.
  • ID document or reasonable means of identity verification.

OmniTech will respond within ten (10) business days for inquiries and fifteen (15) business days for complaints under Law 1581. For data subjects covered by GDPR, the response timeframe is one (1) month, extendable by two additional months in complex cases.

10. Cookies and similar technologies

The Site uses cookies and equivalent technologies (local storage, session identifiers) for two purposes:

  • Strictly necessary cookies: essential for Site operation (language preferences, light/dark mode, session). They do not require consent.
  • Analytics cookies: used by Firebase Analytics, Firebase Crashlytics (Google LLC) to measure traffic and behavior. They activate only when the User grants consent via the Site's cookie banner.

Users can manage their consent at any time through the preference center accessible from the Site's footer and can configure their browser to block or delete cookies. Blocking strictly necessary cookies may affect Site functionality.

11. Information security

OmniTech applies reasonable technical, administrative, and physical measures to protect personal data against unauthorized access, loss, alteration, or disclosure: encryption in transit (TLS), role-based access control, activity logging, backups, and periodic security reviews. No measure is foolproof; OmniTech will notify data subjects and competent authorities as required by law in the event of a security incident affecting their data.

12. Minors

The Site is not directed to minors. OmniTech does not knowingly collect personal data from individuals under 14 (Colombia) or under 16 (GDPR criterion). If a parent or guardian identifies that a minor has submitted data through the Site, deletion can be requested by writing to contacto@omnitech.com.co.

13. Changes to this Policy

This Policy may be updated to reflect regulatory, technical, or operational changes. The version in force is the one published on the Site, identified by its update date. For substantial changes affecting purposes or rights, OmniTech will inform data subjects through reasonable channels and, where applicable, request a new authorization.

14. Contact

Any concern, request, or complaint regarding this Policy may be directed to:

OmniTech Software S.A.S.

Carrera 70 # 7B-24, Apto. 201, Bogotá D.C., Colombia

Privacy email: contacto@omnitech.com.co

Additionally, data subjects may file complaints with the Superintendence of Industry and Commerce (SIC) — www.sic.gov.co — as the Colombian supervisory authority.

RELATED
See Terms of Service Contact privacy office
Last updated: May 7, 2026