OmniDrop

The all-in-one AI-powered dropshipping platform. Find winning products, generate marketing content, and scale your store — all on autopilot.

Stay in the loop

Get product updates, growth tips, and exclusive offers. No spam — unsubscribe anytime.

Product

  • Features
  • Pricing
  • Documentation
  • Blog

Company

  • About
  • Contact

Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • GDPR
  • DPA

© 2026 OmniDrop Inc. All rights reserved.

PrivacyTermsCookiesSOC 2 Type II
Back to home

Privacy Policy

Last updated: April 1, 2026OmniDrop Inc.

Legal Documents

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • GDPR
  • DPA

Questions about our legal policies? Contact us at legal@omnidrop.io

This Privacy Policy explains how OmniDrop Inc. ("OmniDrop," "we," "us," or "our") collects, uses, discloses, and safeguards your information when you use our platform, website, and related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with its terms, please discontinue use of the Service.

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when you register for an account, subscribe to a plan, contact support, or interact with the Service:

  • Account Data: Full name, email address, password (stored as a salted hash), and optional profile photo.
  • Billing Data: Payment method details are collected and processed by our PCI-DSS Level 1 compliant payment processor, Stripe. We never store card numbers on our servers.
  • Store & Integration Data: OAuth tokens and store metadata from connected platforms (Shopify, Amazon, TikTok, Meta).
  • Content: Product listings, AI-generated copy, uploaded media, and campaign configurations you create within the Service.
  • Communications: Support tickets, contact form submissions, and survey responses.

1.2 Information Collected Automatically

When you access the Service, we automatically collect certain technical information:

  • Device & Browser: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Data: Pages visited, features used, clickstream data, session duration, and referring URLs.
  • Performance Data: API response times, error logs, and crash reports to maintain service reliability.

2. How We Use Your Information

We process your personal data for the following purposes:

  • Service Delivery: To provide, operate, and maintain the features and functionality you have subscribed to.
  • Billing & Transactions: To process payments, issue invoices, and manage your subscription lifecycle.
  • Product Improvement: To analyze usage patterns (in aggregate) and improve performance, reliability, and the user experience.
  • Security & Fraud Prevention: To detect, investigate, and prevent unauthorized access, abuse, and fraudulent activity.
  • Communications: To send transactional emails (receipts, alerts, password resets) and, with your consent, marketing communications.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information. We share data only in these limited circumstances:

  • Service Providers: Vetted third parties who perform services on our behalf (hosting, payment processing, email delivery, analytics). Each is bound by contractual data protection obligations.
  • Connected Platforms: When you connect a store (e.g., Shopify), we share product and order data necessary to fulfill that integration.
  • AI Model Providers: Prompts sent to AI models (OpenAI, Anthropic, Google) for content generation. We do not include personal data in AI prompts.
  • Legal Requirements: When required by law, subpoena, court order, or to protect the rights, safety, or property of OmniDrop or its users.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.

4. Data Security

We implement industry-standard security measures to protect your personal information:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Role-based access controls with principle of least privilege
  • Regular security audits and penetration testing
  • Automated threat detection and real-time monitoring
  • SOC 2 Type II compliance

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We encourage you to use strong, unique passwords and enable two-factor authentication on your account.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we retain certain data for up to 30 days to allow for recovery, then permanently delete it. Billing records are retained for 7 years to comply with tax and accounting regulations.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Export your data in a machine-readable format (JSON).
  • Restriction: Limit how we process your data in certain circumstances.
  • Objection: Object to processing based on legitimate interest.
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time.

To exercise any of these rights, contact us at privacy@omnidrop.io. We will respond within 30 days.

7. Cookies & Tracking Technologies

We use essential cookies for authentication and session management, and optional analytics cookies to understand usage patterns. We do not use advertising or social media tracking cookies. For full details, see our Cookie Policy.

8. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the U.S., your data may be transferred internationally. We use Standard Contractual Clauses (SCCs) approved by the European Commission and implement supplementary measures to ensure adequate protection for international data transfers.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at privacy@omnidrop.io.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email and/or an in-app notification at least 30 days before taking effect. The "Last updated" date at the top of this page reflects the most recent revision.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact our Privacy Team:

  • Email: privacy@omnidrop.io
  • Data Protection Officer: dpo@omnidrop.io
  • Postal Address: OmniDrop Inc., Privacy Department, 548 Market Street, Suite 36879, San Francisco, CA 94104, United States