Overview

OmniIndex Inc and its associated companies along with their partners do not store any data that comes through PostgresBC. This data resides only in memory during the processing of an item of content and at no time does it pass out of the control of the customer. No temporary data is stored.

No personally identifiable information (PII) is stored by OmniIndex. 

The OmniIndex PostgresBC data platform has no mechanism to view, manipulate or harvest data that is stored within itself. 

PostgresBC does not store or use cookies.

Data Security

OmniIndex PostgresBC utilizes homomorphic encryption to ensure data is encrypted at all times, even while computations are performed on it. Only the customer has the encryption key with neither OmniIndex nor any third-party able to decrypt the data without the customer handing them the encryption key.

Data is stored in an immutable blockchain and there is zero-trust access to ensure data is protected at all times and that it cannot be manipulated or duplicated.

Information We Collect 

OmniIndex does not collect or store data that OmniIndex or any third-party is able to access. 

PostgresBC’s AI engine does not collect, store, or share any user data with third parties for any purpose. This includes for personalized or generalized AI and/or ML model training.

Information You Give Us

OmniIndex does not store user details, credentials or other user passed information. 

Device Information 

We do not collect or store any specific device information.

Third Party Authorizations And Data Use

During the purchasing process, Google verifies the purchaser’s email address and passes to OmniIndex a validity token that is used to verify the customer system/s. This data is not stored and is only passed to and from the Google Marketplace.
 
When validated, OmniIndex creates a new set of Virtual Machines for the user and also sets up a network for their new VMs.

Once these are setup, the new customer is passed to a webpage that enables them to create a username and password for their new systems. Any data that the customer stores within the OmniIndex Zero-Trust data platform can be encrypted with an encryption key that is owned by the customer. All data is protected by AES 256 encryption keys that are unique to the customer.

All data is also propagated across to the user’s second and third systems, with each system having an external storage device which protects the data from a VM catastrophic event.

The External storage device is also protected using Google encryption keys.


Google Workspace APIs are not used to develop, improve, or train generalized AI and/or ML models.

PostgresBC may sometimes ask that you grant permission to access private areas of your external accounts. For example your Google account. This enables the application to integrate with other tools so your fully private and fully encrypted data can be used in external services like Google Looker.

Data Retention And Deletion Policy

OmniIndex does not store data that OmniIndex or any third-party is able to access. As such, we do not retain any user data. 

Users are able to delete their PostgresBC accounts. Once deleted, it is impossible for a user to access their previously stored data. It is also impossible for OmniIndex, or anyone else, to ever access a deleted account’s data.

Account deletion cannot be undone. 

Data Breach Response

Should OmniIndex become aware of a data breach it will inform the affected customers within 3 hours of finding out about the breach. If the breach is still ongoing then the OmniIndex support team will contact the affected customers within 30 minutes of finding out about the breach. All affected VMs will be taken offline and only allow access by the customer’s specific contact person using a password protected SSH key that the customer has provided having already closed off all other routes to the VM. The VM SSH server will only be able to be accessed via this key and a pre-set IP address from the customer’s network. It will be the customer’s responsibility to check what data has been compromised.
 
Once the breach has been stopped and full remedial actions have been taken, the OmniIndex management will work with the customer to see how the breach occurred and to work on a plan to make sure that it cannot happen again.
 
Please note that while this is a SaaS model, no member of the OmniIndex team or their partners & contractors are able to access the customer’s Virtual Machines or the data that is held within or the zero-trust data store. All passwords, usernames and access points are managed directly by the customer. As such when we see a suspected breach we will try to contact the customer as quickly as possible to help them protect their internal systems.
 
In the unlikely event that a data breach has occurred, it is worth noting that each item of data can be encrypted with a unique encryption key that is salted with a hardware specific salt. This does mean that it is incredibly unlikely that any encrypted data will be of a usable state.

Policy Updates

We may update our privacy policy occasionally to reflect changes in our practices or applicable laws. If we make significant changes, we will notify you by email or through a prominent notice on our website. We encourage you to review our privacy policy periodically for the latest information.

However, we will never collect or store user data. 

More Information

If you have any questions, please email info@omniindex.io