Omni Checklist

Privacy Policy

Last updated: April 17, 2026

1. Introduction

Omni Checklist ("we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect information about you when you visit https://omnichecklist.com ("the Site").

This policy complies with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Omni Checklist is the data controller for personal data collected through this Site. If you have any questions or wish to exercise your rights, please contact us via our contact page.

3. Data We Collect

We may collect the following categories of personal data:

3.1 Data you provide directly

  • Contact form: name, email address, and your message.
  • Suggestion form: your suggestion text, and optionally your name and email address.

3.2 Data collected automatically

  • Usage data: IP address, browser type, operating system, referring URLs, and pages visited. This data is collected via server logs and third-party analytics.
  • Cookies and similar technologies: See Section 7 for details.

4. How We Use Your Data

We use personal data for the following purposes:

  • To respond to your contact messages and enquiries.
  • To review and potentially act on checklist suggestions.
  • To operate, maintain, and improve the Site.
  • To monitor for and prevent abuse, fraud, or security incidents.
  • To comply with legal obligations.

5. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

  • Consent (Art. 6(1)(a)): When you voluntarily submit a contact or suggestion form, you consent to us processing the data you provide.
  • Legitimate interests (Art. 6(1)(f)): For operating the Site, analysing usage, and maintaining security, where our interests are not overridden by your rights.
  • Legal obligation (Art. 6(1)(c)): Where processing is required to comply with applicable law.

6. Third-Party Services

We use the following third-party services that may process personal data on our behalf:

Google Firebase (Firestore)

We use Google Firebase to store form submissions. Data is stored on Google's infrastructure. Google acts as a data processor under a Data Processing Agreement. See Firebase Privacy.

Google AdSense

We display advertisements served by Google AdSense. Google may use cookies to serve ads based on your prior visits to this or other websites. You can opt out of personalised advertising by visiting Google Ads Settings. See Google's Privacy Policy for more information.

7. Cookies

The Site uses the following types of cookies:

  • Strictly necessary cookies: Required for the Site to function. These cannot be disabled.
  • Advertising cookies: Set by Google AdSense to serve relevant advertisements. These are only placed with your consent where required by law.

You can control cookie settings through your browser preferences. Disabling certain cookies may affect your experience of the Site.

8. Data Retention

We retain personal data submitted via our forms for no longer than necessary to fulfil the purpose for which it was collected, or as required by law. Contact and suggestion submissions are retained for up to 2 years, after which they are deleted or anonymised.

9. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States, where Google Firebase infrastructure is operated. Such transfers are made subject to appropriate safeguards, including Standard Contractual Clauses approved by the European Commission.

10. Your Rights (GDPR)

If you are located in the EEA, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data ("right to be forgotten").
  • Right to restriction: Request that we restrict processing of your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us via our contact page. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority (e.g. the ICO in the UK, or your national DPA in the EU).

11. Children's Privacy

The Site is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions or concerns about this Privacy Policy, or wish to exercise your data rights, please reach out via our contact page.