Privacy Policy
Last updated: January 14, 2026
Effective immediately
Your Privacy Matters: This Privacy Policy explains how Omnilib ("we", "us", "our") collects, uses, shares, and protects your personal information when you use our Service. We are committed to protecting your privacy and being transparent about our data practices.
1. Information We Collect
1.1 Information You Provide Directly
We collect information you provide when you:
- Create an account: Name, email address, password (hashed)
- Use OAuth login: Profile information from Google or Microsoft (name, email, profile picture)
- Subscribe to paid plans: Billing information processed by Stripe (we do not store full credit card numbers)
- Create content: Text, prompts, and inputs you provide for ebook generation
- Use Life Story feature: Personal stories, memories, and biographical information you share
- Contact support: Communications and feedback you send us
- Upload files: Custom fonts, documents, or other files you upload
1.2 Information Collected Automatically
When you use our Service, we automatically collect:
- Device information: Browser type, operating system, device identifiers
- Usage data: Pages visited, features used, actions taken, time spent
- Log data: IP address, access times, error logs
- Cookies and similar technologies: See our Cookie Policy for details
1.3 Information from Third Parties
We may receive information from:
- OAuth providers: Google, Microsoft (profile information you authorize)
- Payment processors: Stripe (payment confirmation, subscription status)
- Cloud storage: Microsoft OneDrive, Google Drive (file metadata when you connect)
2. How We Use Your Information
We use your information for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide and maintain the Service | Contract performance |
| Process payments and subscriptions | Contract performance |
| Generate AI content based on your inputs | Contract performance |
| Send transactional emails (receipts, confirmations) | Contract performance |
| Provide customer support | Contract performance / Legitimate interest |
| Improve and optimize the Service | Legitimate interest |
| Detect and prevent fraud or abuse | Legitimate interest |
| Send marketing communications (with consent) | Consent |
| Comply with legal obligations | Legal obligation |
| Train and improve AI systems | Legitimate interest (anonymized data) |
3. AI and Your Content
Important Information About AI Processing:
3.1 How We Process Your Content
- Your input content is sent to third-party AI providers (such as OpenAI) for processing
- AI providers may temporarily process your content but are bound by data processing agreements
- We do not sell your personal content to third parties
- Generated content is stored in your account for your access
3.2 AI Training
Regarding the use of your content for AI training:
- We may use aggregated, anonymized data to improve our services
- Third-party AI providers have their own data usage policies
- You can request that your data not be used for training by contacting us
3.3 Life Story Data
Personal stories and biographical information shared through Life Story feature:
- Is treated with the highest level of confidentiality
- Is processed only to generate your personal memoir
- Is stored securely and encrypted
- Can be deleted upon your request
4. How We Share Your Information
We share your information only in the following circumstances:
4.1 Service Providers
We share data with trusted third-party service providers who assist us in operating the Service:
- AI Providers: For content generation
- Stripe: For payment processing
- Cloud hosting providers: For data storage and infrastructure
- Email services: For transactional and marketing emails
- Analytics providers: For understanding Service usage
These providers are bound by data processing agreements and may only use your data to provide services to us.
4.2 Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders, subpoenas, or legal process
- Government or regulatory requests
- Protecting our rights, property, or safety
- Preventing fraud or illegal activity
4.3 Business Transfers
If Omnilib is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
4.4 With Your Consent
We may share your information with third parties when you explicitly consent to such sharing.
5. Data Retention
We retain your information for the following periods:
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Generated ebooks and content | Until you delete them or account deletion |
| Payment records | 7 years (legal/tax requirements) |
| Usage logs | 90 days |
| Support communications | 2 years |
| Life Story interviews | Until you delete or account deletion |
After account deletion, we may retain anonymized data for analytics purposes.
6. Data Security
We implement appropriate technical and organizational measures to protect your information:
- Encryption: Data encrypted in transit (TLS/SSL) and at rest
- Password hashing: Passwords are hashed using industry-standard algorithms
- Access controls: Limited access to personal data on a need-to-know basis
- Security monitoring: Regular security assessments and monitoring
- Secure infrastructure: Hosted on secure cloud platforms
However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
7. Your Rights and Choices
7.1 Rights Under GDPR (European Users)
If you are in the European Economic Area (EEA) or UK, you have the following rights:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
- Right to Lodge a Complaint: File a complaint with your local data protection authority
7.2 Rights Under CCPA (California Users)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of personal information collected, used, and shared
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
- Right to Non-Discrimination: Not be discriminated against for exercising your rights
We do not sell personal information. In the past 12 months, we have not sold any personal information as defined by the CCPA.
7.3 How to Exercise Your Rights
To exercise any of these rights, please:
- Email us at: privacy@omnilib.app
- Use account settings to download or delete your data
- Use the unsubscribe link in marketing emails
We will respond to your request within 30 days (or as required by applicable law).
7.4 Account Choices
- Marketing emails: Unsubscribe via link in emails or account settings
- Cookies: Manage via browser settings or our cookie banner
- Account deletion: Request via settings or contacting support
- Data export: Download your ebooks and data from your dashboard
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Data processing agreements with all service providers
- Compliance with applicable data transfer frameworks
9. Children's Privacy
The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@omnilib.app. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information.
10. Third-Party Links and Services
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any personal information.
11. Do Not Track Signals
Some browsers have a "Do Not Track" feature. We currently do not respond to Do Not Track signals. However, you can manage tracking through your browser settings and our cookie preferences.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes:
- We will update the "Last updated" date
- We will notify you via email or prominent notice on the Service
- We may ask for your consent if required by law
We encourage you to review this Privacy Policy periodically.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Email: privacy@omnilib.app
- Support: support@omnilib.app
- Website: https://omnilib.app
Data Protection Officer
For GDPR-related inquiries, you may contact our Data Protection Officer at: dpo@omnilib.app
By using the Omnilib Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and sharing of your information as described herein.