Omli Privacy Policy

Privacy Policy

Omli Technologies Private Limited ("Omli", "we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you access or use any of the following (collectively, the "Services"):

• Our websites (including [omli domain] and related pages) (the "Website")
• Our mobile and web applications (the "Apps")
• Our voice-enabled hardware and connected toys/devices (the "Products").

This Policy is tailored for individuals in India and is intended to align with the Digital Personal Data Protection Act, 2023 (the "DPDP Act") (as and when operationalized) and the Information Technology Act, 2000 and applicable rules (including reasonable security practices). Where the DPDP Act imposes stricter obligations, Omli will comply upon commencement and as rules are notified.

If you do not agree with this Policy, please do not access or use the Services. By using the Services, you consent to the practices described here.

1) Who We Are & How to Contact Us

Data Fiduciary: Omli Technologies Private Limited, WeWork DLF Forum, Cybercity, Phase III, Gurugram, Haryana 122002, India.
Email (Privacy/Support): contact@omli.in

India Grievance Officer: Shivam Munshi, CEO,
Contact: +91-9500153960,
Address: Omli Technologies Private Limited, WeWork DLF Forum, Cybercity, Phase III, Gurugram, Haryana 122002, India.
Email: shivam@omli.in

We aim to acknowledge grievances within 24–72 hours and resolve them within applicable statutory timelines.

2) Who Uses Omli - Roles & Audience

The categories of people who interact with our Services (collectively, "Users") include:

• Site Visitor: anyone visiting our Website.
• Customer: an individual who purchases Products from Omli or our partners.
• Authorized User (Parent/Guardian/Representative): an adult who registers/manages a Product for a child.
• Primary User: the user of a Product (either the Authorized User or the Authorized User's child) and any person who interacts with a Product in a store/demo.

Children & Teens. Under the DPDP Act, a child is any person under 18. The Apps and Website are intended for adult parents/guardians to set up/manage Products for a child. We do not knowingly collect personal data from children via the Website or Apps without verifiable parental/guardian consent. See Section 7 (Children's Privacy).

3) Personal Data We Collect

3.1 Information You Provide

a. Account & Purchase: name, email, phone, shipping/billing address, login credentials; order and warranty details. Payments are processed by our payment partners; we store limited payment metadata.

b. Child Setup (provided by parent/guardian): what the Product should call the child (name or nickname), child's date of birth (to tailor age appropriate experiences), names/relationships of family members, parental contact email/phone, and optional preferences (likes/dislikes).

c. Your Communications: support queries, feedback, emails, phone calls, or postal correspondence.

d. Surveys, Promotions: responses and any details you choose to submit.

e. Social Channels & Forums: content you post on Omli managed forums/blogs/social pages is considered public and may be read, collected, and used by others.

3.2 Voice Interactions & Transcripts

a. Temporary Audio Capture: When a Primary User speaks to a Product, the Product may capture voice audio to perform via our service provider(s). Audio files are deleted promptly after transcription (they may temporarily remain on device to complete processing).

b. Text Transcripts: Transcriptions of interactions may be retained for up to 90 days to (i) enable parental review and (ii) support conversation continuity/personalization. Parents/guardians can view and delete transcripts in the App at any time; after 90 days they are automatically deleted.

c. Model Use: We do not use your audio or transcripts to train generalized models unrelated to Omli's Services. Where providers process data to deliver our features, they are contractually restricted to Omli's instructions.

3.3 Images, Environment & Sensors

a. Voices in the Household: Depending on features you enable, Products may detect and/or analyze voices to personalize experiences (e.g., recognizing a household profile) or to wake on trigger words (e.g., "Hello" style wake word). Background audio could be captured incidentally when someone speaks near the Product. You can disable mic access in settings.

b. Spatial Mapping: Certain Products may collect information about their environment (movement/path, proximity sensors) to create a digital map of accessible space; this is generally non-visual and not a recognizable image of your home.

3.4 Automatic Data Collection

We may automatically collect: IP address, device identifiers (e.g., MAC/advertising ID), OS/browser details, mobile network info, approximate location (e.g., time zone or city) to enable features like local weather and for connectivity, pages/screens viewed, actions taken, error logs/diagnostics, session duration and telemetry. We also use cookies, local storage, and secure mobile storage for authentication, preferences, fraud prevention, analytics, and features.

3.5 Biometric Information (If Enabled)

With explicit, verifiable parental/guardian consent (or your consent if you are an adult Primary User), Products may collect and store face/voice characteristics to help a user securely log in or personalize experiences. We do not sell, lease, or trade biometric data. Biometric templates (if used) are stored with industry standard security and retained for no more than three (3) years from the last use, after which they are deleted. You may delete biometric data at any time via the App or by contacting us.

3.6 Information from Other Sources

We may receive information from app stores, identity verification services, social sign-in providers, analytics/measurement partners, retail partners, and logistics/payment partners, consistent with your settings on those services.

4) How We Use Personal Data (Purposes)

We process personal data to:

• Provide and operate the Services (including pairing/control of Products over Bluetooth/Wi-Fi; conversational features: speech-to-text, text generation, text-to-speech);
• Create/manage accounts; verify a parent/guardian's identity and relationship to a child; manage onboarding;
• Personalize content (e.g., age appropriate experiences, nickname, preferences);
• Communicate about accounts, purchases, updates, warranty, and policy changes;
• Support & safety: detect/repair errors, prevent fraud/abuse, ensure product integrity, and respond to incidents;
• Analytics and improvement of Services, including de-identified/aggregated insights;
• Marketing to adults (with consent/opt-in where required); no behavioral targeting to children;
• Comply with law, respond to lawful requests, enforce terms, and protect rights/safety.

Automated Decisions/Profiling. We do not make decisions producing legal or similarly significant effects using solely automated processing without appropriate safeguards or your consent where required. You can contact us to express a view, obtain an explanation, or contest such decisions where applicable.

5) Legal Bases & Consent

Where the DPDP Act applies, we rely on one or more of the following:

• Consent (including verifiable parental/guardian consent for children) for specified purposes;
• Performance of a contract (providing the Services you request);
• Compliance with law and legitimate uses under Indian law (e.g., fraud prevention, security, legal claims, and emergencies).

You may withdraw consent at any time through settings or by contacting us (Section 1). Withdrawal does not affect prior lawful processing.

6) Cookies, SDKs & Interest-Based Ads (Adults)

We and our partners use cookies, pixels, and APIs/SDKs for functionality, performance, analytics, and (on the Website only) interest-based advertising to adults. You can manage cookies in your browser/device and opt out of interest-based advertising using platform settings and recognized industry tools. We do not use advertising trackers on Products for targeting or retargeting children.

7) Children's Privacy

A child is under 18. We collect only what is reasonably necessary for a child to use child appropriate features, and require verifiable parental/guardian consent before collecting, using, or disclosing a child's personal data, except for limited one time responses or consent seeking.

Parents/guardians can review, correct, or delete their child's data, withdraw consent, or disable microphones /features through settings or by contacting us (Section 1).

Voice audio captured for interactions is used only to provide the requested functionality (transcription and response) and is deleted promptly after transcription. Text transcripts are retained up to 90 days (or less if deleted by the parent) to enable review and continuity.

We do not conduct behavioral advertising to children and design our Services to avoid processing likely to harm a child's well-being.

Household Notice. If you use Products where others may be present, you are responsible for complying with applicable notice/consent requirements (e.g., informing guests that wake-word detection and incidental audio capture may occur). You may restrict capture using settings.

8) Your Choices & Controls

• Account & Profile: Access/update certain details in your account dashboard.
• Transcripts & Biometric Data: View/delete conversation transcripts at any time; delete biometric data in the App or by contacting us.
• Location & Permissions: Disable location, or microphone access in device settings; some features may not function.
• Marketing Preferences (Adults): Opt out via unsubscribe links, in-App settings, or by contacting us.
• Cookies/Ads (Adults): Manage browser/mobile settings; use platform opt-outs.
• Consent Withdrawal: Withdraw at any time via settings or by contacting us.

9) Your Privacy Rights

Subject to applicable law, you (or your parent/guardian for a child) may:

• Access personal data processed by Omli;
• Correct/Update inaccurate or incomplete data;
• Erase data that is no longer necessary or where consent is withdrawn;
• Seek Grievance Redressal via our Grievance Officer; and

We may request information to verify identity and relationship to the child before acting on a request. Certain data may be retained where required by law or for legal claims.

10) Disclosures and Sharing

We may share personal data with:

• Service Providers (Processors): cloud hosting, speech-to-speech/ speech-to-text/text-to-speech, analytics/measurement, identity verification, payments, logistics, customer support. They act on Omli's instructions and are subject to confidentiality and security obligations.
• Third-Party Developers/Partners: where you choose to use partner content/services or jointly branded offerings; your data may be provided directly to those partners under their privacy policies.
• Affiliates: for support consistent with this Policy.
• Advertising Partners (Website – adults only): to deliver/measure ads; never for targeting children or on Products.
• Legal/Safety: to comply with law or legal process; protect rights, property, or safety; prevent fraud/security incidents; or enforce terms.
• Business Transfers: as part of a merger, acquisition, financing, reorganization, or sale of assets.
• With Your Direction/Consent.

No Sale of Personal Data. We do not sell personal data.

11) Data Retention

We retain personal data only as long as necessary for the purposes described, including to comply with law, resolve disputes, and enforce agreements. Illustratively:

• Audio of interactions: retained only until transcription completes, then deleted.
• Text transcripts: retained up to 90 days unless deleted earlier by the parent/guardian.
• Biometric templates (if enabled): retained up to 3 years from last use, then deleted.
• Account, purchase, and support records: retained for the life of the account and a reasonable period thereafter (e.g., tax, fraud prevention, legal obligations).

12) Security

We implement reasonable technical and organizational measures including encryption in transit/at rest for sensitive data, authenticated access, least privilege controls, logging/monitoring, and vendor due-diligence. No system is perfectly secure; if a data incident occurs, we will take steps consistent with law, which may include notifying you and authorities.

13) Third-Party Sites, Social Media & SDKs

The Services may include links to third-party sites/services and embedded SDKs/APIs. Their data practices are governed by their own policies. Your interactions with such features (apart from our Services) are governed by those third parties' terms and privacy notices.

14) Do Not Track

You can manage tracking by adjusting cookies/permissions and using opt out tools.

15) Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will make reasonable efforts to notify you by posting the updated Policy and, where appropriate, by additional notice (e.g., email/in App). Your continued use after the effective date constitutes acceptance.

16) Contact

Omli Technologies Private Limited
WeWork DLF Forum, Cybercity, Phase III, Gurugram, Haryana 122002, India
Email: contact@omli.in
Phone: +91-9500153960

If you are a parent/guardian and wish to review, correct, delete, or withdraw consent for your child's data, or if you wish to delete biometric data, you may do so via the App or by contacting us as above.

Quick Reference — Key Settings & Controls

• Delete Transcripts: App → Profile → Support → Email us
• Delete Account: App → Profile → Support → Delete account

Your Responsibilities. If guests are present near a Product, ensure you have proper notice/consent from those individuals as required by applicable law.