Privacy Policy - OmegaCloud

Effective Date: March 3, 2026

This Privacy Policy describes how OmegaCloud Cloud Service & Datacenters Providers, UAE license 1487010 issued on March 27, 2025 ("OmegaCloud", "we," "us," or "our") collects, uses, and handles your information when you use our website (omegacloud.ai) and related services (the "Service").

Information We Collect

Account Information

• Email address
• User name
• Google account id (when registering with Google account)
• Github account id (when registering with Github account)

Payment Information

Payments are processed by our third-party payment processor, Stripe. We do not directly store your full credit card details. We receive confirmation of payments and transaction details necessary for billing. Stripe's use of your information is governed by their privacy policy.

Usage Data

Information about the resources you consume (compute instances, storage usage, network traffic), commands executed via the CLI (omega run), application logs, and performance metrics. This is used solely for operating the Service, billing, monitoring, and technical support.

Technical & Analytics Data

Standard web log data (IP address, browser type) when you visit omegacloud.ai. We may also use third-party analytics and monitoring services (like Mixpanel, Sentry, or similar) to collect anonymized or pseudonymized data about service usage to understand patterns, monitor performance, and improve the Service.

How We Use Your Information

• To provide, operate, secure, and maintain the Service.
• To process payments via Stripe and manage your account balance.
• To communicate with you regarding your account, technical issues, security updates, or service changes (potentially using third-party email services).
• To monitor resource usage for billing and platform stability.
• To analyze usage patterns (often in aggregated/anonymized form) to improve the Service.
• To share necessary information with our third-party service providers solely for the purpose of operating the Service.
• To comply with legal obligations.

Third-Party Service Providers

We utilize various third-party service providers to operate OmegaCloud. This includes:

Infrastructure Providers

We host the Service and your deployed applications on infrastructure provided by leading cloud service providers (such as AWS, Google Cloud, Microsoft Azure, or others). Your code and data reside within these environments.

Payment Processing

We use leading payment service Stripe to process all payments.

Other Services

We may use other third parties for functions like email notifications, analytics, error monitoring, and customer support.

We select providers carefully, but their services are governed by their own terms and privacy policies. We may change our providers at our discretion.

User Code and Data

We need access to your deployed code and application data residing on our infrastructure providers strictly for technical purposes: running your application, monitoring, providing logs, ensuring security, and troubleshooting.

We do not:

• Claim ownership of your code or application data
• Use your code or data for training AI models
• Share it inappropriately (except as required for service operation or by law)
• Sell your code or data
• Use your application as our own

You retain all ownership rights to your code and application data.

Google API and OAuth Data Access

Authentication and Authorization

OmegaCloud uses Google OAuth 2.0 to allow users to sign in and to grant our platform permission to access certain Google services on their behalf, strictly as needed to operate the automations and applications users build on our platform.

Google API Scopes We May Request

When a user connects their Google account, we may request access to the following Google API scopes, depending on the features and automations they choose to configure:

• Gmail (e.g., https://www.googleapis.com/auth/gmail) — to read, send, modify, label, or manage emails as part of user-created automations.
• Google Drive (e.g., https://www.googleapis.com/auth/drive) — to read from, write to, create, or modify files in the user's Drive as part of user-built apps and automations.
• Google Docs (e.g., https://www.googleapis.com/auth/documents) — to read or write documents as directed by user-configured automations.
• Google Sheets (e.g., https://www.googleapis.com/auth/spreadsheets) — to read from or write to spreadsheets as directed by user-configured automations.

We request only the scopes strictly necessary for the specific integrations and automations each user configures. Users can review and revoke granted permissions at any time via their Google Account settings.

How We Use Google User Data

We use data obtained via Google APIs exclusively to provide and improve the core functionality of our application builder platform, which allows users to:

• Create, run, and manage custom automations connected to their own Google services.
• Interact with their Gmail, Drive, Docs, Sheets, and related services as part of those automations.

Examples of operations performed on behalf of users include: processing incoming emails, updating spreadsheets based on triggers, creating Docs from templates, and organizing files in Drive — all based on automations designed and enabled by the user themselves.

We do not use Google user data for advertising, marketing, profiling for unrelated services, selling data, or training machine-learning models.

Storage and Retention of Google User Data

We store only the minimum data required to run a user's automations:

• OAuth tokens (access and refresh tokens) to authenticate API calls on the user's behalf.
• Automation configuration (e.g., which scopes, triggers, and actions the user has set up).

OmegaCloud itself does not persistently store email contents, file contents, or other Google personal data for its own purposes. However, if a user builds an application or automation that explicitly saves such data (for example, archiving emails or writing Drive file contents to a database), that data may reside on OmegaCloud's infrastructure as part of executing the user's own application logic. In such cases, OmegaCloud acts solely as a runtime provider: we do not access, read, analyze, or use that data for any purpose beyond running the user's application. The user retains full responsibility for and ownership of any Google data their application stores.

When a user revokes Google access (via Google Account settings or within OmegaCloud), or deletes their automations or account, we promptly delete associated OAuth tokens and any temporarily cached Google data.

Sharing and Disclosure of Google User Data

We do not share Google user data with third parties except:

• As required to execute the user's own automations — data stays within the workflow the user configured; no external sharing occurs unless the automation itself sends data to a destination the user explicitly set up.
• With our infrastructure subprocessors (e.g., cloud hosting providers) under strict confidentiality agreements, solely to operate the Service.
• As required by law or to comply with a valid legal process.

We never sell Google user data.

Limited Use Compliance

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We use Google user data only to provide or improve user-facing features that are prominent in our platform and explicitly requested by the user.
• We do not transfer Google user data to others except as necessary to provide the service, or as required by law.
• We do not use Google user data for serving advertisements, including retargeted, personalized, or interest-based advertising.
• We do not allow humans to read Google user data unless we have your explicit affirmative agreement, it is necessary for security or legal compliance, or the use is aggregated and anonymized.

Data Security

We implement reasonable technical and organizational measures and rely on the security practices of our chosen infrastructure providers to protect your information. However, no system is 100% secure. You are responsible for securing your authentication token and application security.

Data Retention

We retain account information while your account is active and as needed afterward for billing, legal compliance, or dispute resolution.

Usage data and logs are retained according to internal policies for technical and billing needs.

Deployed code and data are deleted upon service termination or account closure, subject to provider policies and backup cycles.

Your Rights

You may request access to or correction of your personal information by contacting us. Account deletion requests will be processed, subject to retention needs mentioned above.

Changes to This Policy

We may update this Privacy Policy. We will notify you of significant changes by posting the new policy on our website or via email. Your continued use of the Service after changes constitutes acceptance.

Contact Us

If you have questions, please contact us at hello@omegacloud.ai.