We use cookies to enhance your experience on our website. By continuing to browse, you agree to our use of cookies as outlined in our Privacy Policy, User License Agreement, and Terms of Use.

Privacy Policy

Last Updated: [23.05.2025]

Introduction:
Omegarender LLP (“Company”, “we”, “Omega”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use Omega’s educational platform (our “Website” or “Service”), which includes the purchase of recorded masterclasses and subscription-based access to educational content (“Club”). It also describes your rights and choices regarding your personal data. This Privacy Policy is governed by the laws of England and Wales and is designed to comply with the EU General Data Protection Regulation (GDPR) as well as applicable United States privacy laws (including the California Consumer Privacy Act (CCPA), to the extent they apply). We aim to adhere to the most stringent and consumer-protective privacy standards across the jurisdictions we serve.

By using our Website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Website. This Privacy Policy is incorporated into and made part of our Terms of Use. For definitions of capitalized terms not defined here, please refer to the Terms of Use.

Data Controller: Omegarender LLP having registered address at Beck Mill, Reva Syke Road, Bradford, United Kingdom, BD14 6QY is the “data controller” of your personal data for purposes of EU/UK/USA data protection law. If you have any questions or requests regarding your personal data, you can contact us at cgincubator2.0@gmail.com.

1. Personal Data We Collect

We collect several types of personal data from and about users of our Service. The types of information we collect include:

  • Identity and Contact Data: When you register or make a purchase, we collect personal identifiers such as your name, email address, and (in some cases) phone number. You may also provide us with your mailing/billing address or other contact details if needed for payment or invoicing.
  • Account Credentials: If an account is required, we collect the username and password you create. (Passwords are stored in an encrypted form and not visible to us.)
  • Payment Information: If you purchase a masterclass or subscription, our payment processor (e.g., Stripe) will collect your payment card details and billing information. We do not store full credit/debit card numbers or security codes on our own servers; that information is handled by the third-party payment provider. We may retain non-sensitive payment details such as transaction dates, amounts, and the last four digits of your card for record-keeping.
  • Profile Data: If you set up a profile on our platform, we may collect optional information you choose to provide such as a profile photo, biography, preferences, or interests related to our courses. (Providing this information is optional.)
  • Communications: If you contact us (e.g., via customer support email or chat), we will collect the information you provide in your inquiry, such as your contact details and the content of your message. We may also keep records of our correspondence with you.
  • Usage Data: We collect information about how you access and use our Website. This includes:
    • Technical Data: Your device and internet connection information, such as your IP address, device type, operating system, browser type, browser language, and platform.
    • Usage and Interaction Data: Details of your use of the Website, such as pages or content viewed, links clicked, time spent on pages, referring webpage, and navigation paths. We also collect information on your interactions with our videos or downloadable materials (e.g., whether you have accessed or completed a lesson).
    • Login and Log Data: When you log in to your account or access content, our systems automatically record the date and time, and other log details (this helps us with security and auditing access).
  • Cookies and Tracking Data: We use cookies and similar tracking technologies to collect data about your browsing actions and preferences on our Website. This may include:
    • Analytics Data: Through tools like Google Analytics, we collect data on page requests, interactions, and site performance metrics (such as load times or errors). This helps us understand user behavior and improve our Service.
    • Advertising and Behavioral Data: We may use cookies or pixels (e.g., from Facebook Ads or Google Ads) to understand how you interact with our ads or to deliver targeted advertisements. For example, if you visit our site via an ad, a cookie might record that for future analytics or ad targeting.
    • Functional Cookies: These remember your preferences (like language or volume settings) and help with authentication (keeping you logged in, with your consent).
      Cookies are discussed in more detail in Section 3 below. You can control cookies through your browser settings and other tools, as described later.
  • Learning Progress Data: If our platform tracks course progress (e.g., which lessons you’ve completed, quiz scores, etc.), we will collect that information to provide you with your learning history and to improve our content.
  • Social Media Data: If you interact with our social media pages or use social media login features (if available), we might receive basic information from your social media profile (such as your name, profile ID, and email) as permitted by your social media account settings. We do not collect this unless you choose to use such features or interact with us via those platforms.

We do not collect any special categories of personal data about you (such as race, ethnicity, religion, health, biometric data, etc.), unless you voluntarily provide such information in using our platform (and we advise you not to post such sensitive information in any public areas). We also do not intentionally collect any information about criminal convictions or offenses.

2. How We Collect Personal Data

We collect personal data from you through several methods:

  • Directly from You: Most of the data listed above is provided directly by you. For example:
    • When you register an account, you provide identity and contact data and choose a password.
    • When you purchase a course or subscription, you input payment information (which goes to our payment processor) and provide any details needed to complete the transaction.
    • When you fill out forms on our site (such as a contact form, newsletter sign-up, or comment field), you provide the information requested by those forms.
    • When you communicate with us via email, support chat, or phone, you give us your contact information and the contents of the communication.
    • If you submit user content (e.g. posting on a forum or sending us your project work), we collect whatever information you include in those submissions.
  • Through Automated Technologies: As you interact with our Website, we automatically collect certain Usage Data, Technical Data, and Tracking Data described above. This is collected via technologies such as:
    • Server Logs: Our servers log requests made when you visit the site (recording IP, timestamps, etc.).
    • Cookies: Small data files placed on your device. Cookies allow us to remember your actions or preferences over time. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain until they expire or you delete them). See Section 3 for more on cookies.
    • Tracking Pixels and Tags: We and our third-party partners (like Facebook, Google, or email providers) may use tiny graphic images or scripts that collect data about your interaction with our site or emails (for example, whether you opened an email, or clicked a certain link). This helps us measure the effectiveness of our communications and marketing campaigns.
    • Analytics Scripts: We use third-party analytics tools (like Google Analytics) that deploy their own cookies or identifiers to collect usage . These tools help us analyze how users use the site. Google Analytics, for instance, collects information like how often users visit the site, what pages they visit, and what other sites they used prior to coming to ours. Google Analytics may acquire information via cookies and report website trends without identifying individual visitors. (You can opt out of Google Analytics as described in Section 3.)
  • From Third Parties: We may receive personal data about you from third-party sources in certain circumstances, such as:
    • Payment Processors: After you make a payment, our payment partner (e.g., Stripe) provides us with confirmation of payment and basic details (like your name, email, and payment amount). This helps us record that you have paid and to activate your access to content.
    • Marketing or CRM Tools: We use customer relationship management services (like ManyChat for messenger communications or ActiveCampaign for email marketing) to collect data that you consent to give (for example, if you subscribe to a newsletter or opt in to receive messages). These services might tell us if you interacted with a message (like opening an email or clicking a link) so we can measure engagement.
    • Advertising Partners: If you came to our site through a third-party advertisement or affiliate link, we might receive info from that partner (e.g., an affiliate ID or campaign info) to understand ad performance or to credit referrals. We might also receive aggregated audience information from advertising platforms to help us understand the demographics or interests of our user base (but typically this data is not identifiable to you individually).
    • Social Media Platforms: If you login via a social network (if we offer that feature) or interact with us on social media, the social platform may send us certain profile information as authorized by you on their platform. For example, if you use Facebook Login on our site, we might receive your name and email from Facebook to create your account.
    • Public Sources: We generally do not collect data from public databases or third-party data brokers. However, if you enter a contest or promotion that is publicly posted, we might collect information from that context (with your consent).

We will only collect personal data that is necessary for the purposes identified in this Privacy Policy. Where we ask for personal data, if you choose not to provide it, you may not be able to use certain features of the Service (for example, we can’t create an account without an email address, or process a purchase without payment information).

3. Cookies and Tracking Technologies

Use of Cookies: Omega uses cookies and similar tracking technologies on our Website to enhance your experience, understand usage patterns, and improve our services. When you first visit our site (and periodically thereafter), we will request your consent for certain non-essential cookies in accordance with applicable law. You can choose to allow or reject cookies (aside from strictly necessary cookies) via our cookie banner or your browser settings.

The types of cookies we use include:

  • Strictly Necessary Cookies: These are essential for the operation of our Website and enable core functionality (e.g., user authentication, shopping cart functionality). Without these, the site may not function properly. They do not require user consent.
  • Preferences Cookies: These cookies remember your preferences and settings (such as language selection or volume levels for video playback) to provide a more personalized experience.
  • Analytics Cookies: We use these to collect information about how visitors use our site. For example, Google Analytics cookies allow us to see aggregated site usage statistics and understand which pages are popular or identify areas for improvement. The information collected is generally aggregated and not used to personally identify individuals. Google Analytics may set cookies (_ga, _gid, etc.) to track user sessions and page interactions. If you wish, you can opt out of Google Analytics tracking by installing Google’s opt-out browser add-on or by adjusting cookie settings.
  • Advertising and Marketing Cookies: These cookies (including from third-party ad platforms like Facebook or Google) collect information about your browsing habits and interests in order to provide you with advertising that is more relevant to you. For instance, we may use the Facebook Pixel to track visits and actions on our site, which helps us retarget ads on Facebook to people who showed interest in our courses. Similarly, Google Ads cookies help us show you relevant ads on Google or partner sites. These cookies might track things like which pages you viewed or whether you completed a purchase. We handle data from these cookies in accordance with this Privacy Policy and the policies of the respective third parties.

Cookie Choices: You have the right to decide whether to accept or reject cookies (aside from those strictly necessary for Site functionality). When you visit our site, you can manage your cookie preferences via the banner. Additionally, most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or delete certain cookies. Please note that if you disable cookies entirely, some features of our Service may not function correctly (for example, you might not be able to stay logged in or add items to your cart).

Do Not Track: Our Website does not currently respond to “Do Not Track” (DNT) signals. DNT is a setting in some browsers that you can enable to request that websites not track your online activities. Given the lack of a uniform industry standard, we treat DNT signals like other browser requests regarding tracking (honoring cookie consent choices as described above). We continue to monitor developments around DNT and may update our practices as standards evolve.

4. How We Use Personal Data (Purposes of Processing)

Omega uses your personal data for the following purposes (and in accordance with the legal bases described in Section 5 below):

  • Providing and Managing the Service: We use data to create and manage user accounts, authenticate you when you log in, and provide you with access to purchased content or subscription areas. For example, we use your registration information to set up your profile and your payment information to give you access to the masterclass or Club content you paid for. We also use data to provide customer support, verify your identity (to prevent unauthorized access), and process transactions.
  • Delivering Educational Content: We keep track of your course enrollments and progress so that we can deliver the correct materials to you (e.g., unlocking modules in a sequence, or allowing you to resume a video where you left off). If you download materials, we may use data to generate download links or send you the files.
  • Communications:
    • Service-Related Communications: We use your email or phone (if provided) to send you essential communications about your use of the Service. This includes confirmations of purchases, receipts, updates on course availability or changes, notices about subscription expiration/renewal, and important announcements (like changes to our terms or privacy policy). These are transactional or relationship messages, not marketing, so you cannot opt out of receiving them aside from ceasing use of the Service.
    • Customer Support: If you reach out with questions or issues, we will use your contact information and relevant data to respond and help resolve your issue. We might send follow-ups to ensure your issue was resolved.
    • Marketing Communications: With your consent (or as otherwise permitted by law), we may send you newsletters, promotions, or offers about new courses, special deals, or content we think you might find interesting. These may be sent via email or via messaging platforms such as Messenger  if you have opted in. You can opt out of marketing emails at any time by clicking the “unsubscribe” link in any promotional email, or by contacting us. If you have opted in to messaging bot communications, instructions to stop or unsubscribe (e.g., replying “STOP”) will be provided in those messages as required.
  • Personalization: We may use data to personalize your experience on the platform. For example, we might recommend courses or content that align with subjects you’ve shown interest in. We could also customize the homepage or emails to include content relevant to you. This often involves analyzing your past interactions or preferences.
  • Improvement and Analytics: We use usage and analytics data to understand how our Service is used and to improve it. For instance, we analyze which pages or lessons have high engagement or where users drop off, so we can improve content or site navigation. We might conduct surveys or solicit feedback to gauge user satisfaction. All this helps us debug issues, optimize user experience, and develop new features or content that better serve our users.
  • Marketing and Advertising: We may use your data for marketing purposes, such as:
    • Audience Targeting: Creating custom audiences for our advertisements on platforms like Facebook or Google. For example, we might use a hashed version of your email to target you (or people with similar interests) with Omega ads on social media. We may also exclude current customers from certain promotional campaigns (so you don’t see ads for a product you already bought).
    • Retargeting: If you visited our site or showed interest in a course but didn’t complete a purchase, we might show you ads as reminders or related offers. This involves using cookies or pixels as described in Section 3 to track that you visited our site and then using advertising networks to show relevant ads on other sites.
    • Promotional Materials: If you participate in a contest or challenge and share your work, we might (with your permission) showcase your creation on our site or social media as promotion. We might also use testimonials or reviews you’ve given (with attribution to first name or username) on our marketing pages. (We will not disclose sensitive personal info in doing so, and will seek additional consent if needed.)
  • Third-Party Marketing: Important: We do not sell your personal data to third parties for their own marketing. We also do not share your personal data with unrelated third parties for them to send you marketing without your consent. If we run a promotion with a partner and you explicitly opt in to share info with them, then we will honor that specific consent. Otherwise, your personal data stays with Omega and trusted service providers (who only use it on our behalf as described in Section 6).
  • Payments and Fraud Prevention: We use personal data (like payment and account info) to process transactions and to detect and prevent fraud or abuse. For example, our payment processor might analyze transactions for fraud indicators, and we may use IP or device information to ensure a purchase isn’t suspicious. If we suspect fraud, we might use personal data to further verify identity or report the activity to authorities.
  • Compliance with Legal Obligations: We may process personal data as required by applicable laws and regulations. For example, we keep records of transactions for tax and accounting purposes. We might also process data to comply with consumer protection laws (such as honoring opt-out requests) or privacy laws (addressing data subject rights requests). If law enforcement or regulatory authorities lawfully require information, we may process data to comply (after verifying the request and any applicable procedures).
  • Enforcing Terms and Policies: We use data to monitor for and investigate violations of our Terms of Use, EULA, or other policies. For instance, we might track login patterns to ensure a single account isn’t being shared beyond permitted use. If we detect content piracy or sharing of our materials in unauthorized ways, we may use relevant data to enforce our rights (including taking legal action if necessary).
  • Business Transfers: In the event of a potential or actual merger, acquisition, sale of assets, bankruptcy, or transition of service to another provider, we may process and transfer personal data to the new owner or successor entity as part of the evaluation or execution of the transaction. In such cases, we will ensure the recipient agrees to handle your data in a manner consistent with this Privacy Policy (and we will notify you of any change in data control, if required by law).

We will not use your personal data for purposes that are incompatible with the ones outlined above without updating this Privacy Policy or obtaining your consent if required. We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects for you, except for limited advertising segmentation as described (which does not have significant impact on individuals). If this changes, we will inform you.

5. Legal Bases for Processing Personal Data

For individuals in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal justification for processing personal data, Omega relies on the following legal bases under the GDPR for the processing of your data:

  • Contract Performance: We process certain personal data because it is necessary to perform our contract with you. When you sign up for our services or purchase content, a contract is formed (the Terms of Use and EULA are part of that). We need to process your data to fulfill our obligations under that contract, for example: to provide you with the content you purchased, to manage your account, and to respond to your requests. If you refuse to provide data that is necessary for these services (such as account or payment information), we cannot perform the contract (i.e., we cannot provide the service).
  • Consent: We process personal data based on your consent in certain cases. For example, we rely on consent for sending marketing emails or newsletters (if you sign up), for dropping non-essential cookies on your device (per Section 3), or when we collect sensitive information (which we typically do not do, but if we ever did, we would ask for explicit consent). Where we rely on consent, you have the right to withdraw it at any time (see Section 9 on Your Rights) – this will not affect the lawfulness of processing before withdrawal. For instance, if you consent to our use of cookies or to receive marketing, you can change your mind and we will stop future processing (but note that it won’t undo past processing already done).
  • Legitimate Interests: We process personal data as necessary for Omega’s legitimate interests, provided those are not overridden by your data protection rights. Our legitimate interests include: improving and ensuring the security of our services, understanding how our services are used, conducting marketing and advertising (in a proportionate way), preventing fraud, and pursuing business growth strategies. For example, it is in our legitimate interest to analyze usage patterns to improve content and user experience, and to promote our services to interested users. When we rely on this basis, we consider and balance any potential impact on your rights. You have the right to object to processing based on legitimate interests (see Section 9). If you do, we will assess whether our legitimate grounds for the processing override your rights and freedoms.
  • Legal Obligation: We process personal data when we have a legal obligation to do so – for example, retaining transaction records for tax auditing (as required by financial regulations), or providing information to law enforcement when legally required by a subpoena or similar process. In such cases, the law is the basis for processing and we will limit the data processed to what is legally required.
  • Vital Interests: This is rarely applicable in our context, but if processing is necessary to protect someone’s life or vital health (e.g., handling an emergency involving personal data), we would rely on vital interest as a lawful basis.
  • Public Interest: Similarly unlikely for our typical operations – this would apply only if processing is necessary for a task carried out in the public interest or under official authority (which Omega, as a private company, generally is not engaged in).

If we ever need to process your personal data for a new purpose that is not compatible with the purposes listed in this Policy, we will inform you and, if required, seek your consent or provide a legal justification for that new processing.

6. Disclosure of Personal Data (Third-Party Processors and Recipients)

We do not sell your personal information to third parties. However, we do share certain personal data with third parties, but only in the following categories and circumstances:

  • Service Providers (Processors): We employ trusted third-party companies and individuals to perform functions on our behalf – these service providers are bound by contract to process personal data only according to our instructions and to protect it. Key service providers we use include:
    • Payment Processors: As mentioned, we use Stripe (and possibly other payment gateways) to handle credit card transactions securely. These processors will have access to your payment data for the purpose of processing payments and refunds. They are PCI-DSS compliant and forbidden from using your data for other purposes.
    • Customer Relationship Management (CRM) & Marketing Platforms: We use tools for chatbot and messaging communications and other tools for email marketing and CRM to manage user communications. If you opt-in to our mailing list or messenger updates, these providers store your name, email, and communication history so we can send you relevant messages. They act on our instructions to send out emails or messages that we author. Each of these providers in turn maintains their own privacy and security commitments
    • Analytics Providers: We use Google Analytics and similar analytics tools to gather Usage Data (as described in Section 1). These providers act as our processors in providing aggregated insights. Google may use some data for its own purposes; however, we have configured our Google Analytics to anonymize IP addresses (where applicable) and to not share data with Google’s advertising features unless you have consented. (See Google’s privacy policy for more on how they handle data.)
    • Advertising Partners: Companies like Facebook (Meta) and Google may receive some of your data when we use their advertising and tracking tools on our site (via cookies/pixels). For instance, if we use Facebook Pixel, Facebook can match your site usage with your Facebook account to help us create custom audiences. These companies act as independent data controllers for the personal data they collect (because they use it for their own purposes too, like improving their ad services). We ensure any data matching is done in compliance with their policies (e.g., uploading a hashed email list to Facebook for custom audiences). We do not provide your contact info to advertisers unless you have consented (for example, in a co-branded webinar sign-up).
    • Content Delivery and IT Infrastructure: Our website may be hosted on third-party servers or use content delivery networks (CDNs) to serve content quickly (for example, Amazon Web Services or Cloudflare). These providers process data like your IP address and requests as part of delivering our webpages and content to you. They are typically processors, obligated to handle data securely.
    • Email and Communication Tools: Aside from marketing platforms, we also use email service providers and support software (for example, if we use a service like Zendesk or Freshdesk for support tickets, or if we use GSuite/Outlook for company email). These providers will process the communications data (like your emails to us) for the purpose of storing and transmitting communications.
    • Learning Management System (LMS) Platform: If Omega’s courses are delivered via a third-party LMS or course platform (not just our own servers), that platform might host your account data and course progress. For example, if we partner with a course hosting service, they would necessarily handle user data under our instructions. (Any such platform would also be bound by data protection obligations.)
  • Affiliated Entities: If Omega is part of a group of companies, we may share personal data within our corporate family (e.g., parent company, subsidiaries, affiliates) as necessary to operate the Service. Any such entities will honor the commitments of this Privacy Policy. For example, if Omega has a subsidiary managing the Club content, data may be shared with that subsidiary to deliver the service.
  • Business Transfers: If Omega undergoes a business transaction such as a merger, acquisition by another company, or sale of all or part of its assets, your personal data might be transferred to the acquiring entity or merged with that entity’s data. We would ensure that the new owner continues to handle your data in accordance with this Privacy Policy (or provides notice of any changes). Similarly, if Omega is involved in bankruptcy or restructuring, personal data may be considered an asset and transferred accordingly, subject to legal requirements.
  • Legal Requirements: We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government demand). We will attempt to limit the data disclosed to what is strictly necessary and, when permitted, will inform you of such disclosure. We may also disclose information if we believe in good faith that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend Omega’s rights or property, (iii) prevent fraud, investigate or act on suspected violations (of law or our terms), (iv) protect the personal safety of users or the public, or (v) protect against legal liability.
  • Partners with Your Consent: In some cases, you may explicitly consent to our sharing of information with third parties. For example, if we run a collaboration with another instructor or company and you sign up to receive their content or offers, we might share your contact info with them but only with your knowledge and consent. Likewise, if you use integrations that involve sharing data (e.g., linking your Omega account with a third-party app), we will do so only with your direction.

Third-Party Websites: Please note that our Website may contain links to third-party websites or services (for example, a link to an article or a partner’s site). This Privacy Policy does not apply to those external sites. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party sites and encourage you to review their privacy policies. For instance, if you follow a link to a social media site or a payment provider, your interactions on that site will be governed by its own privacy rules.

We strive to ensure that any third party with whom we share personal data will have adequate safeguards for your information. We perform due diligence on our service providers and require them to implement appropriate technical and organizational measures to protect personal data. If you would like more details on the specific third parties we use or have questions about them, you may contact us at cgincubator2.0@gmail.com.

7. International Data Transfers

Omega is based in the United Kingdom  however our Website is primarily targeted at EU and USA. However, the personal data we collect may be transferred to and stored in countries outside of your own, including the United States and other locations. In particular, many of our third-party processors (Stripe, Google, Facebook, ActiveCampaign, ManyChat, etc.) are U.S.-based companies or otherwise may process data in the U.S. or other jurisdictions. This means your personal data could be transferred to, or accessed from, a country that may not provide the same level of data protection as your home country.

Our Approach to International Transfers: When we transfer personal data out of the UK or European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect it, as required by the GDPR and UK data protection law. These safeguards may include:

  • Adequacy Decisions: Transferring data to countries that the European Commission (or relevant UK authority) has deemed to have an adequate level of data protection. (For example, at the time of writing, the EU has recognized that countries like Canada, Switzerland, Japan, and others provide adequate protection. The U.K. has similar adequacy regulations.)
  • Standard Contractual Clauses (SCCs): We may use the European Commission’s approved contractual clauses (and/or the UK’s International Data Transfer Agreement/Addendum, as applicable) in agreements with our service providers to contractually require that they protect personal data to EU/UK standards. These SCCs are a valid legal mechanism to legitimize transfers to non-EEA countries.
  • Additional Technical Measures: Where appropriate, we may implement additional security measures such as encryption or pseudonymization of data before it is transferred to further protect it from unauthorized access.
  • Privacy Frameworks: We will monitor developments such as the EU–US or UK–US data transfer frameworks. If our U.S. partners are certified under any approved framework (for instance, if a replacement for the Privacy Shield is in effect and our partner is part of it), we may rely on that as a basis for transfer.

By using our Service, you understand that your personal data may be transferred to our facilities and those of our service providers as described above. 

Unknown Storage Locations: Our services sometimes use cloud-based solutions, and as a result, data might be stored in data centers whose exact physical location can vary. For example, if our CRM or database is cloud-based, your data might be stored redundantly in servers across multiple regions for reliability. As noted in our internal records, we may not always know the exact country of storage for each service (it could be “unknown/subject to service provider location” as noted). In all cases, we contractually bind providers to appropriate safeguards regardless of where they store the data.

If you would like more information about the specific transfer mechanisms or safeguards we utilize for international data transfers, please contact us (see Contact section below). We can provide copies of relevant contractual clauses or references to adequacy decisions upon request.

Notice for California Residents (and other US states): Your personal information may be transferred to, and processed in, countries outside of your state of residence, including countries that may have different privacy laws than your state (or the U.S. generally). Where we transfer data out of the U.S., it would typically be to the EU or other regions for our operational needs (which generally have strong data protection laws). We will protect your information as described in this Policy.

8. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements. In general:

  • Account Data: If you create an account, we will keep your personal data as long as your account is active. You may request that we delete your account (see Section 9 on Your Rights). If you request deletion or if your account is inactive for an extended period, we will either delete or anonymize your data, or if that’s not immediately feasible (e.g., the data is stored in backups), we will securely store your data and isolate it from further use until deletion is possible.
  • Transaction Data: We retain information about purchases and payments for a minimum of [7] years (or as required by tax and financial regulations). This includes your order details, payment records, and any communications about the purchase. We keep this data to comply with our legal obligations and in case of disputes.
  • Course Content and Progress: We retain your course progress, submissions, and related data for as long as you have access to the course and a reasonable period thereafter, in case you return or need proof of completion. If you delete your account or if we discontinue a course, we may anonymize or erase this data. If user-generated content (e.g., forum posts or project submissions) was made public on our platform, copies of it might remain visible to other users even after your account is deleted, but we will attempt to anonymize the author.
  • Marketing Data: If you have consented to receive marketing, we will retain your marketing preferences and contact information until you opt out or unsubscribe from marketing communications. Once you unsubscribe, we will move your contact info to a suppression list to ensure we don’t accidentally send you further marketing (unless you resubscribe).
  • Analytics Data: We typically retain analytics data in aggregate form. If any analytics data is linked to your user profile, we limit access to or anonymize that data after a reasonable period (commonly 26 months for Google Analytics retention by default, unless we adjust this).
  • Logs and Security Data: Web server logs, security logs, and related records are usually kept for a short period (e.g., a few months) unless they are actively used to investigate security incidents or abuse. We may retain specific logs longer if needed for incident analysis.
  • Legal and Contractual Obligations: If we are under a legal obligation to keep data (for example, certain communications or records required by law, or data preserved due to a litigation hold), we will retain the data as long as required. We may also retain data for the duration of any statute of limitations to protect ourselves in the event of legal claims (for example, contract claims or consumer complaints might have a limitation period of several years).

Once the retention period expires or the purpose of processing has been achieved, we will either delete or anonymize your personal data. Anonymization is a process of altering data so that it can no longer be associated with you (which allows us to keep aggregated statistics indefinitely without identifying individuals). If deletion or anonymization is not feasible (for example, because your data is stored in backup archives that are not easily isolated), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

Data Deletion: In some cases, you may request deletion of your personal data earlier (see the Right to Erasure in Section 9). We will honor such requests where possible, except where we need to retain information for legal or legitimate business reasons as described. For example, if you request deletion, we might still keep a record of your transaction (tied to an order number rather than your name, if possible) to satisfy legal requirements.

9. Your Rights and Choices

You have certain rights regarding your personal data, which may vary depending on your jurisdiction. Omega is committed to honoring these rights. Below we outline the rights for users in the EU/EEA and UK (under GDPR), and relevant rights for users in the United States (including California residents). We will respond to requests to exercise these rights as required by law.

For EU/EEA and UK Users (GDPR Rights):

  • Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to request a copy of the data and additional information about how it’s processed. This includes details like the purposes of processing, categories of data, recipients (or categories of recipients) to whom the data has been disclosed, and the envisaged retention period. We will provide this information free of charge, except in cases of excessive or unfounded requests (where we may charge a reasonable fee or refuse).
  • Right to Rectification: You have the right to request that we correct or update any inaccurate or incomplete personal data we hold about you. For example, if your email address or telephone number has changed, you can ask us to update it. We encourage you to keep your account information up-to-date, and you may be able to make some changes yourself via your account settings.
  • Right to Erasure (Right to be Forgotten): You have the right to request deletion of your personal data in certain circumstances. This right is not absolute, but we will comply if: (a) the data is no longer necessary for the purposes collected, (b) you withdraw consent (if the processing was based on consent) and we have no other legal basis, (c) you object to processing (see below) and we have no overriding legitimate grounds, (d) the data was unlawfully processed, or (e) erasure is required to comply with a legal obligation. Note that we may refuse the request or retain certain information if an exception applies – for instance, we might retain some data for legal compliance (such as transaction records) or if processing is necessary for the establishment, exercise, or defense of legal claims. If you close your account or request deletion, we will remove or anonymize personal data within a reasonable period, keeping minimal info as needed per the retention section above.
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain scenarios: (a) if you contest the data’s accuracy (for a period enabling us to verify accuracy), (b) if the processing is unlawful but you oppose erasure and request restriction instead, (c) if we no longer need the data but you need it for a legal claim, or (d) if you have objected to processing (see below) pending verification of overriding grounds. When processing is restricted, we will continue to store the data but not use it (unless for legal claims, or with your consent, or to protect others’ rights).
  • Right to Data Portability: For data that you provided to us and which we process by automated means under consent or contract, you have the right to request a copy in a structured, commonly used, machine-readable format (for example, CSV or JSON file). You also have the right to request that we transmit that data directly to another controller, where technically feasible. This right allows you to take your data to other services. It applies to basic data you gave us (like registration info) and data generated by your activities under your control (like courses completed), but not to our derived analytics or proprietary assessments.
  • Right to Object: You have the right to object to our processing of your personal data in certain circumstances:
    • Direct Marketing: You can object at any time to processing of your personal data for direct marketing purposes. If you do so, we will stop processing your data for that purpose immediately. This includes profiling related to direct marketing. In practice, this means if you opt-out or object to marketing, we’ll remove you from our marketing lists (as noted, you can always use the unsubscribe link in emails).
    • Legitimate Interests: If we are processing your data on the basis of legitimate interests (see Section 5), you may object to that processing. In such a case, we will stop processing unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or if the processing is for the establishment, exercise, or defense of legal claims. For example, if you object to processing for improvement of our services (a legit interest), we would consider if our need to improve (and perhaps ensure platform security or viability) outweighs your personal reasons for objecting; we would either cease the processing or let you know why we need to continue.
  • Right not to be subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significant effects. Omega does not engage in solely automated decisions that have legal or significant effects on individuals (such as creditworthiness decisions purely by algorithm, etc.). Any automated recommendations (like course suggestions) do not have significant impact and involve some human oversight. If this changes, we will ensure compliance with this right (e.g., obtain consent or provide an opt-out).
  • Right to Withdraw Consent: If we rely on consent to process your personal data, you have the right to withdraw that consent at any time. For example, you can withdraw consent for marketing emails or tracking cookies. This will not affect the lawfulness of processing based on consent before its withdrawal. Once consent is withdrawn, we will stop the processing that was based on consent (unless we have another legitimate basis to continue, which we will inform you of).
  • Right to Lodge a Complaint: If you believe that we have infringed your data protection rights, you have the right to lodge a complaint with a supervisory authority, particularly in the EU/EEA country where you live, work, or where the alleged infringement took place. For example, if Omega is UK-based, our lead supervisory authority may be the UK Information Commissioner’s Office (ICO), and you can also complain to your national Data Protection Authority. We would appreciate the chance to address your concerns first, so we encourage you to contact us directly to resolve any issue.

For California (CCPA/CPRA) and U.S. Users: If you are a resident of California, you have certain rights under the CCPA (as amended by CPRA, effective 2023) regarding your personal information. Other states (such as Virginia, Colorado, etc.) have similar laws taking effect, and we will extend similar controls to users in those states. California rights include:

  • Right to Know: You can request that we disclose what personal information we have collected about you in the past 12 months, including the categories of personal info, the categories of sources, the business or commercial purpose for collecting it, the categories of third parties with whom we share it, and specific pieces of information we have collected about you. (Much of this is outlined in this Privacy Policy, but you can also request a report). Under CPRA, you can request information beyond 12 months in certain cases and also request to know what personal information was shared or sold (if any). Note: Omega does not sell personal data as “sell” is traditionally understood, and we do not share personal data for cross-context behavioral advertising without consent. We do share data with service providers and as described in this Policy, but this is for our business purposes, not for third parties’ own use.
  • Right to Delete: You can request that we delete personal information we have collected from you (and direct our service providers to do the same), with certain exceptions. Upon a verified request, we will delete your personal info unless it is necessary for a reason exempted under CCPA (for example, completing the transaction for which it was collected, detecting security incidents, compliance with a legal obligation, etc.). We will inform you of the deletion or the reason for denial if we cannot fulfill the request in part or whole.
  • Right to Correct: You can request that we correct inaccurate personal information we maintain about you. With a verified request, we will correct the information where required by law.
  • Right to Opt-Out of Sale/Sharing: As noted, we do not sell your personal information for money. We also do not “share” it in the sense of providing it to third parties for cross-context behavioral advertising, except possibly via cookies for advertising which, under CPRA, could be considered “sharing.” We provide the ability to opt out of such advertising cookies via our cookie banner (and you can broadcast an opt-out preference via the Global Privacy Control (GPC) signal on supported browsers; we treat GPC as a valid opt-out of cookies that are considered “sale/share” under CCPA). If in the future we consider any use of data as a “sale” or “sharing” under CCPA, we will provide a clear “Do Not Sell or Share My Personal Information” link.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you goods or services, charge you different prices, or provide a different quality of service just because you exercised your rights. (However, note that if you request deletion of certain data necessary for the service, we may not be able to provide the service – e.g., deleting your account data might terminate your access. This is permitted as it’s a consequence of your request, not discrimination.) If we offer any financial incentives tied to your data (e.g., a discount for signing up for a newsletter), we would explain those and you have to opt-in to them, and you can revoke at any time.
  • Shine the Light: Separate from CCPA, California’s “Shine the Light” law allows residents to ask companies once a year whether they have disclosed personal info to third parties for those third parties’ direct marketing purposes. Omega does not disclose personal data to third parties for their own direct marketing without your consent. If you have specific questions about this, you can contact us.

Exercising Your Rights: To exercise any applicable rights, please contact us at [Contact Email] with your request. Please include your name, the email associated with your account (if applicable), and which right you wish to exercise (e.g., “Right of access – EU” or “California Request to Know”). We may need to verify your identity before fulfilling the request, to ensure we don’t provide or delete data to the wrong person. Verification may involve confirming ownership of the email account or additional questions. For certain requests (like access or deletion), we may ask for a signed request or other method if needed.

For California, you may also designate an authorized agent to make requests on your behalf. If you do so, we will need proof that the agent is authorized (such as a notarized power of attorney or other written authorization) and we will still verify your identity directly as required by law.

We will respond to your request within the timeframe required by law. Under GDPR, that’s typically one month (extendable by two further months if necessary, with notice to you). Under CCPA, initial response is within 10 business days (to acknowledge) and a substantive response within 45 calendar days (extendable by another 45 days if necessary). We will inform you if we need more time.

If we decline your request (either wholly or partially), we will explain the reason, unless we are legally prevented from doing so. For example, if you request deletion but we must keep certain data for legal compliance, we will state that and ensure only that minimal data is retained.

Your Choices (Opt-Outs): In addition to formal rights, you have various straightforward options:

  • Opt-out of Marketing: As noted, click “unsubscribe” in any marketing email to be removed from our list. You can also email us to request removal. For messenger bots (ManyChat), you can type “STOP” or follow provided instructions to opt out of further messages. We will process these opt-outs as soon as possible.
  • Cookie Controls: Use our cookie consent tool or your browser settings to refuse non-essential cookies. This will prevent certain data collection via cookies (e.g., analytics and advertising).
  • Do Not Track: As mentioned, we don’t respond to DNT signals at this time. Use the cookie controls for now.
  • Account Settings: If your account has settings (for profile visibility, communication preferences, etc.), use those to tailor what info is public or what emails you get. For example, if there’s a community forum, you might control what profile data is visible. If you don’t want your name to show, adjust the profile or use a pseudonym (as long as it’s allowed by Terms).
  • Third-Party Opt-Outs: If you want to manage how third-party platforms use your data from our integrations: e.g., Google’s Ads Settings can control ads personalization, Facebook has ad preference settings, etc. While this is outside Omega’s direct control, we want you to have the information: you can opt out of targeted ads by companies participating in the Network Advertising Initiative or Digital Advertising Alliance (see their opt-out pages), or use browser and device settings to limit ad tracking.

We are dedicated to respecting your rights. If you have any questions about your privacy or need assistance exercising your rights, please contact us at [Contact Email]. We will be happy to guide you through the process.

10. Security Measures

Omega takes the security of your personal data seriously. We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: We use HTTPS/TLS encryption on our website, which protects data transmitted between your browser and our servers (e.g., login credentials, payment details entered on our site). Sensitive data (like passwords) are stored in encrypted or hashed form. When we transmit sensitive information to back-end services (like payment providers), we use secure APIs and encryption protocols.
  • Access Controls: Internally, we restrict access to personal data to employees, contractors, and agents who need to know that information to operate, develop, or improve our services. These authorized persons are subject to confidentiality obligations. Administrative access to systems that contain personal data is limited and requires strong authentication (such as multi-factor authentication) where possible.
  • Storage Security: We use reputable cloud service providers and hosting facilities that maintain high standards of physical and network security. Data is stored in secure servers, and our service providers are contractually obligated to implement security measures. Regular backups are performed to ensure data resilience (though this also means copies of data might exist in backup storage even after deletion – these are protected as well).
  • Monitoring and Testing: We monitor our systems for possible vulnerabilities and attacks. Security patches and updates are applied to our software and systems regularly. We may conduct periodic security audits or hire third-party experts to test our security (penetration testing) to identify and address potential weaknesses.
  • Payment Information: Any payment transactions are processed through PCI-DSS compliant providers. We do not handle or store full credit card numbers or financial account information on our own servers.
  • Staff Training: Our team is trained on data protection best practices and to be aware of confidentiality requirements. We have procedures in place to handle data incidents and respond to potential breaches.
  • Pseudonymization: Where feasible, especially in analytics, we use techniques like data aggregation or pseudonymization (replacing identifying fields with artificial identifiers) to reduce privacy risks. For example, analytics may focus on overall usage trends rather than individual profiles.
  • Data Minimization: We collect only the data we need for specified purposes and keep it only as long as necessary (as detailed in our retention policy). By minimizing the data we hold, we reduce the impact of any potential incident.

No Absolute Guarantee: Despite our efforts, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee absolute security of your data. For example, email communications might not be fully secure if your email provider has issues, and user accounts can be compromised if login credentials are weak or improperly shared. You also play a role in security: please use a strong, unique password for our site, do not share it, and alert us immediately if you suspect any unauthorized access to your account.

Account Security Practices: Omega will never ask you for your password via email or unsolicited communication. If you receive any such request, treat it as suspicious. When you’re done using the Platform, especially on a public or shared computer, log out of your account. Consider enabling any available security features we offer (like 2-factor authentication, if provided in the future).

Data Breach Procedures: In the unlikely event of a data breach that affects your personal data, Omega will act promptly to contain and investigate the breach. We will notify affected users and relevant authorities as required by law. Our notification would outline the nature of the breach, likely consequences, and measures taken or proposed to address it, including any steps users should take to mitigate possible adverse effects.

11. Children’s Privacy

Omega’s services are generally aimed at adults and mature teenagers interested in our masterclasses and educational content. We do not knowingly collect personal data from children under the age of 13 (or the equivalent minimum age in the relevant jurisdiction) without verifiable parental consent. If you are under 13, do not use or provide any information on this Website or through any of its features, do not register an account, make purchases, or send any information about yourself to us.

For minors aged 13–17: as stated in our Terms of Use, you should only use the Platform with involvement of a parent or guardian and with their consent. If you are a parent or guardian and you learn that your child under 18 has provided us with personal information without your consent, please contact us at cgincubator2.0@gmail.com so we can take appropriate action.

If we become aware that we have inadvertently collected personal data from a child under 13 (or under 16 in certain jurisdictions with higher age thresholds for consent) without proper consent, we will take immediate steps to delete that information from our records.

Some jurisdictions (like the EU, per GDPR) require parental consent for processing personal data of children under 16 (though member states may lower it to 13). Omega does not target children in those age ranges as primary users. If in the future we offer any content specifically directed at children or we knowingly receive personal data from children with parental consent, we will update our practices and this Policy accordingly to ensure compliance (including obtaining necessary parental consents and offering parental rights to access/delete children’s data).

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will post the revised Policy on this page with a new “Last Updated” date at the top. If the changes are significant, we will provide a more prominent notice (such as by email notification to registered users or a notice on our Website’s homepage).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Website after any changes to this Policy constitutes your acceptance of the updated terms, to the extent permitted by law. If you do not agree with changes to the Privacy Policy, you should stop using the Service and may request that we remove your personal data (as per Section 9).

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: cgincubator2.0@gmail.com 
  • Attn: Privacy Officer
  • Contact Form: If available, you may use the contact form on our Website.

We will do our best to respond promptly to your inquiries. If you are contacting us to exercise a data rights request, please see Section 9 for instructions to expedite your request.

Thank you for trusting Omega with your learning journey. We value your privacy and are committed to safeguarding your personal data.

Free Masterclass

by Artem Kupriyanenko