This Privacy Policy applies to the processing of personal data by OMNICOMM GROUP and its entities, be it subsidiaries and (or) affiliates (as specified below in the art. 1.2 hereof), in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the relevant provisions of Cyprus law on data protection. OMNICOMM GROUP and its entities values and respects the privacy of our customers, partners or any business affiliates be it legal entities or people and is committed to protecting upmost level of privacy of personal data.

The Policy outlines how personal data is collected, used, and safeguarded by OMNICOMM GROUP and its entities. By engaging with the services and use of OMNICOMM GROUP website and, if otherwise is not regulated, websites of its entities, users or any persons or entities which are disclosing their personal information or personal data, agree to the collection and processing of personal information or personal data as outlined herein.

For purposes of the Policy, the term “personal information” or “personal data” shall mean any information or opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. In general terms, this includes information or an opinion that personally identifies you either directly (e.g. your name) or indirectly.

1. DATA CONTROLLER

1.1. The data controller for the purposes of this Policy is the entities within OMNICOMM GROUP responsible for the collection and use of personal data.

1.2. Depending on the user’s interaction with the services, including the following entities, but not limited to who may process personal data (jointly referred to as the “OMNICOMM GROUP”):

• OMNICOMM VIETNAM LIMITED LIABILITY COMPANY (Reg. number: 0317551479)
• OMNICOMM SOLUTIONS VIETNAM LIMITED LIABILITY COMPANY (Reg. number: 0318756207)
• OMNICOMM FUEL MONITORING TECHNOLOGIES INDIA PRIVATE LIMITED (Reg. number: 103520)
• ARTIFLEET GLOBAL ELECTRONIC APPLIANCES TRADING L.L.C (Reg. number: 1628546)
• OÜ OMNICOMM (Reg. number: 11333466)
• OMNICOMM BRASIL DESENVOLVIMENTO DE SOFTWARES E HARDWARES LTDA (Reg. number: 29.989.345/0001-00)
• ACCESSWAVE INNOVATIONS LTD (Reg. number: С458335)

1.3. The entity responsible for processing the personal data shall always be the entity belonging to the OMNICOMM GROUP. The exact company processing the data shall be specified depending on the certain case. Should there be no company specified, then the company responsible for data processing is ACCESSWAVE INNOVATIONS LTD registered in Cyprus under the No. С458335.

1.4. Each of these entities is responsible for ensuring that personal data is processed in accordance with applicable data protection laws.

2. TYPES OF PERSONAL DATA COLLECTED

2.1. OMNICOMM GROUP may collect including, but not limited to, the following types of personal data:

• Identification Data: First name, last name, email address, phone number, country, postal code, and company information.
• Technical Data: IP address, browser type, device information, and usage data.
• Transactional Data: Details of any transactions, purchases, or inquiries made with OMNICOMM GROUP.
• Marketing and Communications Data: User preferences for receiving marketing communications, promotional offers, and other communications related to products, services, and events.

2.2. OMNICOMM GROUP and all and any of its entities may also collect any additional data as necessary for the purposes described in this Policy with or without additional consent if applicable.

3. PURPOSE OF DATA PROCESSING AND PROCEDURES FOR COLLECTING

3.1. Personal data will be processed for the following purposes:

• Provision of Services: To maintain, improve, and offer products and services provided by OMNICOMM GROUP.
• Customer Support: To respond to inquiries, offer customer support services, and resolve issues.
• Marketing Communications: To send marketing and promotional materials, product updates, event invitations, and other communications based on user preferences.
• Product Improvement and Research: To collect feedback through surveys or other means to improve products, services, and technical support.
• Compliance with Legal Obligations: To ensure compliance with applicable laws and regulatory requirements.

The above list is non-exhaustive and may be further supplemented at discretion of OMNICOMM GROUP and its entities.

3.2. OMNICOMM GROUP and its entities may, where applicable, directly collect your personal information from you when you, including, but not limited to when you:

• interact with OMNICOMM GROUP and its entities representatives over the phone;
• interact with OMNICOMM GROUP and its entities representatives in person;
• interact with OMNICOMM GROUP and its entities representatives online;
• participate in surveys or questionnaires;
• attend a OMNICOMM GROUP and its entities representatives events;
• subscribe to OMNICOMM GROUP and its entities representatives mailing list;
• apply for a position with us as an employee, contractor or volunteer;
• other interactions.

4. LEGAL BASIS FOR PROCESSING

4.1. Personal data will be processed based on the following legal grounds:

• Consent: When the user has given explicit or implied consent for the processing of their personal data for specified purposes, including but not limited to cases when the user provides consent by clicking on the “I agree button” on the website, in the data collection forms or otherwise
• Contractual Necessity: When processing is necessary for the performance of a contract with the user or to take steps at the user’s request before entering into a contract.
• Legitimate Interests: When processing is necessary for the legitimate interests pursued by OMNICOMM GROUP or a third party, provided that such interests are not overridden by the user’s rights and freedoms.
• Legal Obligation: When processing is required to comply with a legal obligation to which OMNICOMM GROUP is subject.

4.2. Users are entitled to withdraw consent at any time where consent is the legal basis for processing.

5. DATA SHARING AND TRANSFERS

5.1. Personal data may be shared, for the purposes outlined in this Policy, with the OMNICOMM GROUP as specified in the art. 1.2 above.

5.2. Personal data may also be shared with third-party service providers for purposes such as data hosting, payment processing, customer support, and other services. These third parties are required to protect the data and use it only as necessary to provide the contracted services and liable for any unrightful act in relations to personal data rights violation.

5.3. Where personal data is transferred internationally, including to countries outside the European Economic Area (EEA), OMNICOMM GROUP and its entities will implement appropriate safeguards such as standard contractual clauses or other legally accepted mechanisms to ensure that personal data is adequately protected.

6. DATA RETENTION

6.1. Personal data will be retained for as long as necessary to fulfill the purposes outlined in this Policy or as required by law.

6.2. Once personal data is no longer necessary for the purposes for which it was collected, it will be securely deleted or anonymized in accordance with OMNICOMM GROUP’s and its entities policies.

6.3. General time span of personal data retention performed by OMNICOMM GROUP and its entities shall be not limited if otherwise is not stipulated.

7. RIGHTS OF THE DATA SUBJECT

7.1. Users have the following rights regarding their personal data:

• Right to Access: The right to obtain confirmation that personal data is being processed and access to such data.
• Right to Rectification: The right to request correction of inaccurate or incomplete personal data.
• Right to Erasure: The right to request the deletion of personal data, subject to certain conditions.
• Right to Restriction of Processing: The right to request the restriction of processing personal data under specific circumstances.
• Right to Data Portability: The right to receive personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
• Right to Object: The right to object to the processing of personal data for certain purposes, including direct marketing.
• Right to Withdraw Consent: The right to withdraw consent at any time, where consent is the legal basis for processing.

7.2. To exercise these rights, users must contact OMNICOMM GROUP via the contact details provided below. Requests will be handled within the timeframes specified by applicable law.

8. SECURITY OF PERSONAL DATA

8.1. OMNICOMM GROUP employs appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction.

8.2. While OMNICOMM GROUP strives to protect personal data, no method of transmission over the internet or electronic storage can be guaranteed to be 100% secure. Therefore, absolute security cannot be assured.

9. CHANGES TO THE PRIVACY POLICY

9.1. OMNICOMM GROUP reserves the right to modify this Privacy Policy at any time.

9.2. Any changes to the Policy will be posted on the official website of OMNICOMM GROUP.

10. CONTACT INFORMATION

10.1. For any questions, concerns, or requests regarding this Privacy Policy, or to exercise data protection rights, users may contact OMNICOMM GROUP and it’s entities by addressing a letter to the following e-mail: [email protected]

10.2. The Policy comes into force from the date of approval and is a document of direct effect for all entities of the OMNICOMM GROUP and is mandatory for the structural divisions and employees of the companies of the OMNICOMM GROUP, users and persons or entities who are disclosing their personal information or personal data to OMNICOMM GROUP and its entities.

10.3. Control over the implementation of the Policy is carried out by individuals appointed by OMNICOMM GROUP who will be persons in charge and in direct responsibility.