Privacy Policy

1. Introduction

YoursVibe LLC (operating as Ominvo) ("Ominvo", "we", "us") operates ominvo.com. This policy explains how we collect, use, store, and protect your data. By using Ominvo, you agree to this policy.

2. Information We Collect

• —Account data: name, business name, email address, password (hashed by Supabase)
• —Business data: Google Business Profile information, customer reviews fetched via Google Business Profile API
• —Payment data: billing info processed by Stripe — we never store card numbers
• —Usage data: features used, pages visited, timestamps, AI replies generated
• —Technical data: IP address, browser type, device type, cookies, session tokens
• —Communications: emails sent via Resend for alerts and notifications

3. How We Use Your Data

• —To provide, operate, and improve the Ominvo service
• —To fetch and display your Google reviews
• —To generate AI-drafted review replies using Anthropic Claude API
• —To send review alert emails via Resend
• —To process subscription payments via Stripe
• —To authenticate your account via Supabase
• —To detect and prevent fraud or abuse
• —To comply with legal obligations

4. Third-Party Services

We share data with these processors to operate the service:

• —Supabase (database and authentication, USA) — stores user accounts and review data
• —Stripe (payment processing, USA) — handles all billing and subscription management
• —Anthropic (AI API, USA) — generates AI review reply drafts; review text is sent to Anthropic to generate responses
• —Resend (email delivery, USA) — sends review alert and transactional emails
• —Google (OAuth and Business Profile API) — authenticates users and fetches review data

We do not sell your personal data to any third party.

5. Data Retention

• —Account and billing data: retained while your account is active and for 7 years after closure for legal/tax purposes
• —Review and AI response data: retained while your account is active; deleted within 90 days of account deletion
• —Usage logs: retained for 24 months
• —You may request deletion by emailing support@ominvo.com; we will respond within 30 days

6. Cookies and Tracking

We use essential cookies for session authentication (Supabase auth tokens). We do not use advertising or tracking cookies. We do not use Google Analytics or any third-party analytics.

7. Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), Supabase row-level security, and restricted API access. No system is 100% secure; we will notify you of any breach within 72 hours of discovery.

8. Your Rights

Depending on your location, you may have rights under GDPR, CCPA, India's DPDP Act 2023, or other applicable laws, including:

• —Right to access your data
• —Right to correct inaccurate data
• —Right to delete your account and data
• —Right to data portability
• —Right to withdraw consent

To exercise any right, email support@ominvo.com.

9. Children's Privacy

Ominvo is not intended for users under 18. We do not knowingly collect data from minors.

10. International Data Transfers

Ominvo is operated from the United States. By using our service, you consent to your data being transferred to and processed in the United States, where data protection laws may differ from your country.

11. Changes to This Policy

We will notify users of material changes via email or in-app notice at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

12. Contact