OmegaFP Legal Documents

Omega Tech Ventures, Inc. · Delaware Corporation

All documents effective May 5, 2026 · Version 2026-05

Last reviewed: May 20, 2026. This document may be updated; check back periodically.

Master Terms of Service

Your agreement with Omega Tech Ventures, Inc.

Effective: May 5, 2026

Please read these terms carefully. Section 11 (Limitation of Liability) materially limits our liability — to zero during Free Trials and to a capped amount for paid subscribers. Section 14 requires binding arbitration in Wilmington, Delaware (with limited court exceptions in Delaware courts only) and Section 14.7 imposes a one-year statute of limitations on all claims.

1. Parties and Definitions

1.1 These Master Terms of Service ("Agreement") are entered into between Omega Tech Ventures, Inc., a corporation organized under the laws of the State of Delaware, operating as OmegaFP ("OmegaFP", "Company", "we", "us", or "our"), and the entity or individual that creates an account or accesses the Services ("Customer", "you", or "your").

1.2 Definitions.

"Services" means the OmegaFP SaaS platform, APIs, AI features, mobile applications, and related services described at omegafp.com.
"Documentation" means any user guides, help articles, or specifications we publish.
"Customer Data" means all data, files, and content submitted by Customer or its Users to the Services.
"Users" means employees, contractors, and agents of Customer authorized to access the Services under Customer's account.
"Free Trial" means any period during which Customer accesses the Services without paying fees, including but not limited to the 14-day trial period offered at sign-up.
"Subscription Term" means the paid period beginning on the date Customer's first payment is processed by Stripe.

2. Acceptance

2.1 By creating an account, clicking "I Agree," checking the acceptance boxes on the sign-up form, or otherwise accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Agreement and all documents incorporated by reference, including:

Support & Service Level Terms (version 2026-05), which also contains the Acceptable Use Policy
Data Processing Agreement (version 2026-05)
Privacy Policy (version 2026-05)

2.2 If you are accepting on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that entity. If you do not have such authority, you may not access the Services.

2.3 We record the date, time, IP address, and document versions accepted at sign-up. This record constitutes evidence of Customer's acceptance.

3. Right of Access to the Services

3.1 Access (not a software license). The Services are provided as a hosted, cloud-based subscription. OmegaFP does not deliver any installable copy of the Services to Customer. Subject to the terms of this Agreement and Customer's payment of all applicable Fees, OmegaFP grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable right to access and use the Services during the applicable Term solely for Customer's internal business operations and up to the number of authorized Users purchased.

3.2 Free Trial Access. Subject to the terms of this Agreement (including Sections 10.3 and 11.1), OmegaFP grants Customer a temporary, revocable right to access and use the Services during the Free Trial period for internal evaluation purposes only. The Free Trial is provided without fee and is the sole "pilot" or "evaluation" offering under this Agreement; no separate pilot or proof-of-concept agreement applies unless OmegaFP signs one in writing.

3.3 Reservation of Rights. All rights not expressly granted in this Section 3 are reserved by OmegaFP and its licensors. The Services are licensed-as-a-service and not sold; no title to or ownership of the Services or any underlying software is transferred to Customer.

4. Restrictions and Acceptable Use

4.1 Restrictions. Customer shall not, and shall not permit any User or third party to:

Reverse engineer, decompile, disassemble, or attempt to derive source code from any part of the Services;
Resell, sublicense, rent, lease, time-share, or otherwise make the Services available to third parties except as expressly authorized;
Use the Services to store or transmit infringing, defamatory, or otherwise unlawful content;
Use the Services to transmit malware, viruses, or other malicious code;
Use automated scraping, crawling, or mining tools not expressly authorized by OmegaFP, or exceed documented API rate limits;
Remove or obscure any proprietary notices on the Services;
Circumvent or attempt to defeat any security, authentication, or access controls;
Use AI-generated outputs from the Services as a substitute for qualified professional advice.

4.2 Acceptable Use Policy. Customer's use of the Services is also governed by the Acceptable Use Policy set forth in the Support & Service Level Terms (including the messaging, CAN-SPAM, and TCPA provisions). The Acceptable Use Policy is incorporated into this Agreement by reference. A violation of the Acceptable Use Policy is a material breach of this Agreement.

5. AI Features — Not Professional Advice

5.1 No Investment, Legal, or Regulatory Advice. The Services include artificial intelligence and machine learning features that may generate outputs including meeting summaries, financial data summaries, workflow suggestions, and planning analysis. These outputs do not constitute investment advice, legal advice, tax advice, compliance advice, or any other form of licensed professional advice.

5.2 Advisor Responsibility. Customer and its Users — who are licensed financial professionals — are solely responsible for all advice given to their clients, all regulatory filings, all compliance decisions, and all reliance placed on any output from the Services. OmegaFP is not a registered investment adviser, broker-dealer, insurance company, or financial planner. OmegaFP does not hold any license under the Investment Advisers Act, the Securities Exchange Act, or any state securities law.

5.3 Errors and Inaccuracies. AI-generated outputs may contain errors, omissions, or outdated information. Customer must independently verify all material AI outputs before relying on them for client-facing communications or professional decisions.

5.4 Compliance Tools Are Not Compliance Guarantees. Compliance-related features (including SMS archival, keyword flagging, and audit logs) are provided as administrative aids. OmegaFP makes no representation that use of these features satisfies any regulatory obligation under FINRA, the SEC, state securities regulators, or any other authority. Customer remains solely responsible for its own regulatory compliance.

5.5 Recording Consent — All-Party-Consent Jurisdictions. The AI Notetaker records audio (and, in some configurations, video) of meetings, transcribes that content, and processes the transcripts via third-party large-language-model providers (AWS Bedrock, OpenAI, Anthropic). Recording a conversation is regulated by federal and state wiretapping laws. In all-party-consent jurisdictions — including California (Cal. Penal Code § 632), the California Invasion of Privacy Act (CIPA, § 631), Florida, Illinois, Massachusetts, Maryland, Montana, New Hampshire, Pennsylvania, and Washington — every participant must be informed of, and consent to, the recording before it begins. CIPA further restricts transmission of recorded content to third parties (such as our LLM providers) without consent.

Customer is solely responsible for obtaining the legally required consent from every meeting participant before enabling the AI Notetaker for any meeting that involves participants in any all-party-consent jurisdiction. OmegaFP provides the recording tool; consent capture is Customer's responsibility. Customer agrees to indemnify OmegaFP against claims arising from Customer's failure to obtain required recording consent (see Section 12, Indemnification). If Customer cannot confirm consent for a given meeting, Customer must disable the AI Notetaker for that meeting.

6. Customer Data

6.1 Ownership. As between the parties, Customer retains all right, title, and interest in and to Customer Data.

6.2 License to OmegaFP. Customer grants OmegaFP a non-exclusive, worldwide, royalty-free license to use, process, store, transmit, and display Customer Data solely to provide the Services and as otherwise set forth in the Privacy Policy and Data Processing Agreement.

6.3 Customer Responsibility. Customer is solely responsible for (a) the accuracy, quality, and legality of Customer Data; (b) obtaining all necessary consents from third parties (including clients) whose data is uploaded to the Services; and (c) complying with all applicable laws regarding Customer Data, including privacy laws.

6.4 Data Deletion. Upon termination, OmegaFP will make Customer Data available for export for 30 days, after which OmegaFP may delete Customer Data from active systems. S3-archived compliance records subject to legal hold will be retained per their configured retention period.

7. Fees and Payment

7.1 Free Trial. No fees are due during the Free Trial period. OmegaFP reserves the right to terminate the Free Trial at any time without notice.

7.2 Subscription Fees. Subscription fees are as stated on the pricing page or as agreed in a written order form. Fees are billed in advance on a monthly or annual basis and are processed through Stripe.

7.3 No Refunds. All fees are non-refundable except as required by applicable law or as expressly stated in a separate written agreement.

7.4 Fee Changes. OmegaFP may change fees upon 30 days' written notice. Continued use after the notice period constitutes acceptance of the new fees.

7.5 Billing Authorization. By subscribing, Customer authorizes OmegaFP and its payment processor (currently Stripe, Inc.) to charge the payment method on file for all recurring subscription fees until the subscription is canceled in accordance with Section 7.7.

7.6 Auto-Renewal. Paid subscriptions automatically renew at the end of each billing cycle (monthly or annual) unless canceled before the renewal date. If OmegaFP has increased pricing since the prior billing cycle, the new pricing will apply upon renewal, subject to the 30-day advance notice requirement in Section 7.4.

7.7 Cancellation. Customer may cancel a subscription at any time through the account settings within the platform or by emailing support@omegafp.com. Cancellation takes effect at the end of the current billing period. No prorated refunds are provided for partial billing periods.

7.8 Failed Payments and Suspension. If OmegaFP's payment processor is unable to successfully collect payment from Customer's payment method, OmegaFP may suspend or limit Customer's access to paid features until the billing issue is resolved. Subscriptions that remain past due or are canceled due to non-payment may result in loss of access to paid features. Payment retry schedules are managed by Stripe in accordance with Stripe's policies.

7.9 Taxes. All fees stated on the pricing page or in an order form are exclusive of applicable sales, use, value-added (VAT), goods-and-services (GST), or similar transactional taxes. Customer is responsible for all such taxes, except for taxes based on OmegaFP's net income.

7.10 Trial Expiration. The Free Trial does not automatically convert into a paid subscription. When the Free Trial period expires, Customer's access to paid features will be suspended unless Customer actively purchases a subscription. Customer Data will be retained for 30 days after trial expiration, during which Customer may export data or subscribe.

8. Confidentiality

8.1 Definition. "Confidential Information" means any non-public information disclosed by one party (the "Discloser") to the other (the "Recipient"), in any form, that is identified as confidential, marked confidential, or that the Recipient should reasonably understand to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes, without limitation, the terms and pricing of this Agreement, Customer Data, the Services and underlying software (including non-public features, roadmaps, source code, architecture, and AI configurations), security and audit reports (such as SOC 2 reports and responses to security questionnaires), business and financial information, and any derivatives of the foregoing.

8.2 Obligations. Recipient shall: (a) use Confidential Information solely to exercise its rights and perform its obligations under this Agreement; (b) protect Confidential Information using at least the same degree of care it uses to protect its own information of like sensitivity, and in no event less than a reasonable standard of care; and (c) limit access to Confidential Information to its employees, contractors, agents, and professional advisors (collectively, "Representatives") who have a need to know for the purposes of this Agreement and are bound by written or professional obligations of confidentiality at least as protective as this Section 8. Recipient is responsible for any breach of this Section 8 by its Representatives.

8.3 Exclusions. Confidentiality obligations do not apply to information that the Recipient can demonstrate: (a) is or becomes publicly known through no fault of the Recipient or its Representatives; (b) was lawfully known to the Recipient, free of any confidentiality obligation, before receipt from the Discloser; (c) is rightfully received from a third party without a duty of confidentiality; or (d) is independently developed by the Recipient without use of or reference to the Discloser's Confidential Information.

8.4 Compelled Disclosure. Recipient may disclose Confidential Information to the extent required by applicable law, court order, subpoena, or governmental authority, provided that, where legally permissible, Recipient (a) gives the Discloser prompt prior written notice so the Discloser may seek a protective order or other appropriate remedy, (b) reasonably cooperates with the Discloser's efforts to obtain such relief, and (c) discloses only the portion of Confidential Information that is legally required.

8.5 Return or Destruction. Upon the Discloser's written request or upon termination of this Agreement, Recipient will, at the Discloser's option, return or destroy all Confidential Information in its possession or control, except (i) one archival copy retained for legal, regulatory, or backup purposes (which remains subject to this Section 8) and (ii) Customer Data which is handled as set forth in Section 6.4 and the Data Processing Agreement.

8.6 Equitable Relief. The parties acknowledge that any unauthorized disclosure or use of Confidential Information may cause irreparable harm to the Discloser for which monetary damages would be inadequate. Accordingly, the Discloser is entitled to seek injunctive and other equitable relief in addition to all other remedies available at law or in equity, without the requirement of posting a bond, in the courts identified in Section 14.8.

8.7 Survival. Each party's obligations under this Section 8 survive termination of this Agreement for a period of five (5) years, except that the obligations with respect to any Confidential Information that constitutes atrade secret survive for as long as such information remains a trade secret under applicable law.

8.8 No Separate NDA Required. This Section 8 functions as a mutual non-disclosure agreement between the parties for purposes of this Agreement. If the parties sign a separate non-disclosure agreement covering the same subject matter, the more protective of confidentiality terms will control to the extent of any conflict.

9. Intellectual Property

9.1 OmegaFP and its licensors own and retain all right, title, and interest in and to the Services, including all software, AI models, documentation, and other intellectual property embodied therein. No rights are granted except those expressly stated in this Agreement.

9.2 Feedback. If Customer provides suggestions, ideas, or other feedback regarding the Services, OmegaFP may freely use such feedback without restriction or compensation.

10. Warranties and Disclaimer

10.1 By Customer. Customer represents and warrants that (a) it has full authority to enter into this Agreement; (b) Customer Data does not infringe any third-party rights; and (c) Customer's use of the Services will comply with all applicable laws.

10.2 By OmegaFP — Paid Subscriptions Only. During a paid Subscription Term, OmegaFP warrants that the Services will perform materially in accordance with the Documentation under normal use conditions.

10.3 DISCLAIMER — FREE TRIAL. THE SERVICES ARE PROVIDED DURING ANY FREE TRIAL PERIOD "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, OR NON-INFRINGEMENT. OMEGAFP EXPRESSLY DISCLAIMS ALL WARRANTIES DURING ANY FREE TRIAL PERIOD.

10.4 GENERAL DISCLAIMER. TO THE MAXIMUM EXTENT PERMITTED BY LAW, OMEGAFP DOES NOT WARRANT THAT THE SERVICES WILL BE ERROR-FREE, UNINTERRUPTED, OR FREE OF SECURITY VULNERABILITIES. AI-GENERATED OUTPUTS ARE NOT WARRANTED TO BE ACCURATE, COMPLETE, OR FIT FOR ANY PARTICULAR PURPOSE.

11. Limitation of Liability

Critical Terms — Please Read

The following provisions fundamentally limit OmegaFP's liability. Do not accept these terms unless you understand and agree to these limitations.

11.1 FREE TRIAL — ZERO LIABILITY. DURING ANY FREE TRIAL PERIOD, OMEGAFP SHALL HAVE ZERO LIABILITY TO CUSTOMER OR ANY THIRD PARTY FOR ANY CLAIM, LOSS, DAMAGE, OR EXPENSE OF ANY KIND ARISING FROM OR RELATED TO THE SERVICES OR THIS AGREEMENT, REGARDLESS OF THE FORM OF ACTION OR THE BASIS OF THE CLAIM (INCLUDING NEGLIGENCE, BREACH OF CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE), AND WHETHER OR NOT OMEGAFP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.

11.2 PAID SUBSCRIPTIONS — LIABILITY CAP. DURING A PAID SUBSCRIPTION TERM, OMEGAFP'S TOTAL CUMULATIVE LIABILITY TO CUSTOMER FOR ALL CLAIMS ARISING UNDER OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE TOTAL FEES ACTUALLY PAID BY CUSTOMER TO OMEGAFP IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

11.3 EXCLUSION OF CONSEQUENTIAL DAMAGES. IN NO EVENT SHALL OMEGAFP BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION LOST PROFITS, LOST REVENUE, LOSS OF DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, OR COST OF SUBSTITUTE SERVICES, EVEN IF OMEGAFP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND WHETHER ARISING UNDER CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE.

11.4 Essential Basis. The parties acknowledge that the limitations of liability in this Section 11 reflect a reasonable allocation of risk and form an essential basis of the bargain between the parties. OmegaFP would not enter into this Agreement or provide the Services at the prices charged without these limitations.

11.5 Exceptions. Nothing in this Agreement excludes liability for (a) death or personal injury caused by OmegaFP's gross negligence or willful misconduct; (b) fraud or fraudulent misrepresentation; or (c) any liability that cannot be excluded or limited under applicable law.

12. Indemnification

12.1 By Customer. Customer shall indemnify, defend, and hold harmless OmegaFP and its officers, directors, employees, and agents from and against any third-party claims, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or relating to (a) Customer Data; (b) Customer's or any User's violation of this Agreement; (c) Customer's violation of any applicable law or third-party rights; or (d) Customer's professional advice to its clients.

12.2 By OmegaFP. OmegaFP shall indemnify, defend, and hold harmless Customer from and against any third-party claims alleging that the Services, as provided by OmegaFP and used in accordance with this Agreement, infringe a valid United States patent, copyright, or trade secret ("IP Claim"). If the Services become, or in OmegaFP's reasonable opinion are likely to become, the subject of an IP Claim, OmegaFP may, at its option and expense: (a) modify the Services so they are no longer infringing; (b) procure a license for Customer's continued use; or (c) terminate Customer's subscription and refund any prepaid fees for the unused portion of the then-current term. This Section 12.2 does not apply to claims arising from (i) Customer's modification of the Services; (ii) Customer's combination of the Services with non-OmegaFP products, services, or data; (iii) Customer's use of the Services in violation of this Agreement or the Documentation; or (iv) OmegaFP's compliance with Customer-specific requirements.

12.3 Indemnification Procedures. The indemnified party shall (a) promptly notify the indemnifying party in writing of any claim (provided that failure to notify does not relieve the indemnifying party's obligations except to the extent it is materially prejudiced); (b) grant the indemnifying party sole control of the defense and settlement of the claim; and (c) provide reasonable cooperation at the indemnifying party's expense. The indemnifying party shall not settle any claim in a manner that imposes obligations on the indemnified party without the indemnified party's prior written consent.

13. Term and Termination

13.1 Term. This Agreement begins on the date you first access the Services and continues until terminated.

13.2 Termination by Customer. Customer may terminate this Agreement at any time by canceling the subscription through the account settings or by providing written notice to support@omegafp.com. No refunds are provided for early termination.

13.3 Termination by OmegaFP. OmegaFP may terminate or suspend this Agreement immediately upon written notice if (a) Customer materially breaches this Agreement and fails to cure within 15 days after written notice; (b) Customer fails to pay any undisputed fees when due; (c) Customer becomes insolvent or files for bankruptcy; or (d) OmegaFP determines, in its reasonable discretion, that continued service poses a legal, security, or reputational risk.

13.4 Effect of Termination. On termination, the license granted to Customer terminates, and Customer must cease all use of the Services. Sections 5, 6.4, 8, 9, 11, 12, 14, 15, 16, 17, 18, 19, 20, 21, and 22 survive termination.

14. Dispute Resolution and Arbitration

14.1 Informal Resolution. Before initiating any formal dispute proceeding, the parties agree to attempt to resolve any dispute informally by sending written notice to the other party and engaging in good-faith negotiations for at least 30 days.

14.2 Binding Arbitration. Any dispute not resolved informally shall be settled by binding arbitration administered by JAMS under its Streamlined Arbitration Rules and Procedures. The arbitration shall be conducted in Wilmington, Delaware. The arbitrator's decision shall be final and binding and may be entered as a judgment in any court of competent jurisdiction.

14.3 Class Action Waiver. BOTH PARTIES WAIVE ANY RIGHT TO BRING OR PARTICIPATE IN A CLASS ACTION, COLLECTIVE ACTION, OR REPRESENTATIVE ACTION.

14.4 Exceptions. Either party may seek injunctive or other equitable relief in the state or federal courts located in New Castle County, Delaware (subject to Section 14.8) to prevent or address infringement of intellectual property rights or unauthorized use of the Services.

14.5 Federal Arbitration Act. This arbitration provision is governed by the Federal Arbitration Act (9 U.S.C. §§ 1–16) and not by any state arbitration statute.

14.6 Small Claims Exception. Notwithstanding Section 14.2, either party may bring an individual action in a small claims court located in New Castle County, Delaware as an alternative to arbitration, provided the claim falls within that court's jurisdictional limits.

14.7 Statute of Limitations. Any claim or cause of action arising under or relating to this Agreement must be filed within one (1) year after the date on which the cause of action accrued, regardless of any longer statutory limitations period. Failure to file within this period constitutes a permanent waiver of the claim.

14.8 Exclusive jurisdiction and venue (arbitration first). Subject to Section 14.2, the parties intend that binding arbitration in Wilmington, Delaware be the exclusive forum for the resolution of disputes covered by Section 14.2. For any court proceeding expressly permitted under this Agreement—including (a) provisional or permanent injunctive or other equitable relief under Section 14.4; (b) an action in small claims court under Section 14.6; or (c) any action to confirm, vacate, or enforce an arbitral award—the parties consent to the exclusive jurisdiction and venue of the state and federal courts located in New Castle County, Delaware, and each party irrevocably submits to the personal jurisdiction of those courts and waives any objection based on inconvenient forum.

15. General

15.1 Governing Law and Venue. This Agreement is governed by the laws of the State of Delaware, without regard to conflict-of-law principles. Disputes are resolved as set forth in Section 14 (including exclusive Delaware venue for court proceedings permitted thereunder).

15.2 Entire Agreement. This Agreement (including all incorporated documents) constitutes the entire agreement between the parties with respect to its subject matter and supersedes all prior and contemporaneous agreements, representations, and understandings.

15.3 Amendments. OmegaFP may update this Agreement from time to time by posting an updated version to the Services. Material changes will be notified via email or in-app notice at least 30 days before taking effect. Continued use after the effective date constitutes acceptance of the updated terms.

15.4 Assignment. Customer may not assign this Agreement without OmegaFP's prior written consent. OmegaFP may assign this Agreement in connection with a merger, acquisition, or sale of all or substantially all of its assets.

15.5 Severability. If any provision of this Agreement is found unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions will continue in full force.

15.6 Waiver. Failure to enforce any provision of this Agreement shall not constitute a waiver of that provision.

15.7 Notices. Legal notices to OmegaFP must be sent to legal@omegafp.com. Notices to Customer will be sent to the email address on file.

15.8 Force Majeure. Neither party shall be liable for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to: acts of God; natural disasters; fire, flood, or earthquake; war, terrorism, or armed conflict; cybersecurity attacks or incidents; epidemics or pandemics; government actions, regulations, or embargoes; internet or telecommunications infrastructure failures; supply-chain disruptions; labor disputes or strikes; and outages of third-party service providers. If a force majeure event continues for more than thirty (30) consecutive days, either party may terminate the affected obligations under this Agreement by providing written notice to the other party. Force majeure does not excuse Customer's obligation to pay fees that accrued before the force majeure event.

16. DMCA and Copyright Policy

16.1 OmegaFP respects intellectual property rights and complies with the Digital Millennium Copyright Act (17 U.S.C. § 512). If you believe that content accessible through the Services infringes your copyright, you may submit a takedown notice to our designated agent at legal@omegafp.com.

16.2 Notification Requirements. A valid DMCA notice must include: (a) identification of the copyrighted work claimed to be infringed; (b) identification of the material that is claimed to be infringing, including a URL or other specific location within the Services; (c) your contact information (name, address, telephone, email); (d) a statement that you have a good-faith belief that the use is not authorized by the copyright owner, its agent, or the law; (e) a statement, under penalty of perjury, that the information in the notice is accurate and that you are authorized to act on behalf of the copyright owner; and (f) a physical or electronic signature of the copyright owner or authorized agent.

16.3 Counter-Notification. If you believe your content was removed in error, you may submit a counter-notification to legal@omegafp.com containing: (a) identification of the removed material and its prior location; (b) a statement under penalty of perjury that you have a good-faith belief the material was removed by mistake or misidentification; (c) your name, address, and telephone number; (d) consent to jurisdiction in the federal district court for your address (or Wilmington, Delaware if outside the U.S.); and (e) your physical or electronic signature.

16.4 Repeat Infringers. OmegaFP may, in appropriate circumstances, suspend or terminate the accounts of users who are repeat copyright infringers.

17. Aggregated and Anonymous Data

17.1 OmegaFP may create aggregated, de-identified, or anonymized data derived from Customer Data, platform usage, and service performance metrics ("Aggregated Data"). Aggregated Data will not identify Customer, any User, or any Data Subject.

17.2 OmegaFP may use Aggregated Data for any lawful purpose, including product development, improvement, benchmarking, industry analytics, and marketing, both during and after the Term of this Agreement. This right survives termination.

17.3 For the avoidance of doubt, Aggregated Data is not Customer Data and is not subject to Customer's data rights under Section 6 or the Data Processing Agreement.

18. Books-and-Records Regulatory Acknowledgment

18.1 Customer acknowledges that OmegaFP is a technology provider and is not a registered investment adviser, broker-dealer, or other regulated financial services entity. OmegaFP does not have independent obligations to maintain books and records under securities regulations.

18.2 The Services include compliance archival features — such as SMS WORM storage, meeting-recording retention, and audit logs — that are designed to assist Customer with recordkeeping obligations under FINRA Rules 4510/4511 and SEC Rules 17a-3/17a-4. However, whether these features satisfy Customer's specific regulatory obligations is a determination that only Customer and its compliance counsel can make. OmegaFP makes no representation that use of these features satisfies any particular regulatory requirement.

18.3 Customer is responsible for (a) configuring retention periods within the platform to meet its own regulatory requirements; (b) maintaining independent backup systems and records as required by its compliance program; and (c) ensuring that its use of the Services' archival features is consistent with applicable law and regulation.

19. Circular 230 Tax Disclaimer

IRS Circular 230 Notice: Any tax-related content, calculations, projections, or AI-generated outputs provided through the Services are not intended as, and cannot be used for the purpose of, (i) avoiding penalties under the Internal Revenue Code; or (ii) promoting, marketing, or recommending to another party any tax-related matter addressed herein.

19.1 OmegaFP is not a tax advisor, certified public accountant, enrolled agent, or licensed tax preparer. The tax calculation features and AI outputs within the Services are informational tools only and are not a substitute for professional tax advice.

19.2 Customer and its Users are solely responsible for all tax advice, calculations, and filings provided to their clients. Customer must independently verify all tax-related outputs from the Services before relying on them for any purpose.

20. Account Ownership and Transfer

20.1 Individual Accounts. An account created by an individual is owned by that individual. If the account holder dies or becomes permanently incapacitated, an authorized legal representative (executor, administrator, or holder of a valid power of attorney) may request account access or data export by submitting appropriate legal documentation (such as a death certificate, letters testamentary, or court order) to legal@omegafp.com.

20.2 Firm Accounts. An account created on behalf of a firm or entity is owned by that entity. The departure, death, or incapacity of an individual principal does not automatically transfer or terminate the firm account. Remaining authorized Users retain access, and the firm's authorized representative may update account ownership or administrative roles by contacting support@omegafp.com with appropriate verification.

20.3 Verification. OmegaFP may require reasonable verification before processing any account ownership change, including identity verification and legal documentation.

20.4 Customer may not transfer or assign its account except as provided in Section 15.4 (Assignment) or this Section 20.

21. Publicity

21.1 OmegaFP may identify Customer by name and logo as a customer of OmegaFP on its website, marketing materials, and investor presentations.

21.2 Opt-Out. Customer may opt out of publicity use at any time by sending written notice to marketing@omegafp.com. OmegaFP will remove Customer's name and logo from future materials within thirty (30) days of receiving the opt-out notice.

21.3 Press Releases. Neither party shall issue a press release referencing the other party without the other party's prior written approval.

22. Export Controls and Sanctions

22.1 The Services are provided from the United States and may be subject to U.S. export control laws and regulations, including the Export Administration Regulations (EAR) and the regulations administered by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC).

22.2 Customer represents and warrants that (a) it is not located in, and will not access or use the Services from, any country or region subject to comprehensive U.S. sanctions (currently including Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions); (b) it is not listed on, and will not provide access to the Services to any person listed on, the U.S. Specially Designated Nationals (SDN) List, the U.S. Entity List, or the U.S. Denied Persons List; and (c) it will comply with all applicable export control and sanctions laws in connection with its use of the Services.

22.3 OmegaFP may immediately suspend or terminate Customer's access if OmegaFP reasonably believes that continued service would violate applicable export control or sanctions laws.

Support and Service Level Terms

Uptime SLA, support tiers, infrastructure, acceptable use.

Effective: May 9, 2026

These Support and Service Level Terms (formerly the "SaaS & Cloud Terms") supplement the Master Terms of Service and govern the technical delivery, availability, support, and acceptable use of the OmegaFP platform. Capitalized terms not defined here have the meanings given in the Master Terms of Service.

Free Trial Note: Service Level Commitments in Section 2 apply only to paid Subscription Terms. No uptime or support SLA applies during the Free Trial period.

1. Infrastructure and Hosting

1.1 Cloud Provider. The Services are hosted on Amazon Web Services (AWS) in the United States. OmegaFP uses AWS regions us-east-1 and/or us-west-2 for primary workloads. OmegaFP may add or change cloud regions upon reasonable notice.

1.2 Subprocessors. The complete and current list of subprocessors used to deliver the Services is maintained in the Data Processing Agreement (Schedule A). OmegaFP will provide 30 days' advance notice of material changes to subprocessors as set forth in the Data Processing Agreement.

1.3 Data Residency. Customer Data is stored in the United States unless otherwise agreed in writing. OmegaFP does not currently offer EU or other regional data residency options.

2. Service Level Commitments (Paid Subscriptions Only)

2.1 Uptime Target. OmegaFP targets 99.5% monthly uptime for the core application (web application and APIs) during any paid Subscription Term, measured excluding Scheduled Maintenance.

2.2 Uptime Calculation.

Uptime % = ((Total minutes in month − Downtime minutes) / Total minutes in month) × 100

"Downtime" means the core application is not accessible by Customer due to OmegaFP's systems (excluding third-party outages, Customer-side issues, or Scheduled Maintenance).

2.3 Service Credits. If OmegaFP fails to meet the uptime target in any calendar month, Customer may request a service credit equal to 5% of the monthly fee for each full percentage point below 99.5%, up to a maximum of 25% of the monthly fee. Credits must be requested within 30 days of the affected month and are applied to future invoices. Service credits are Customer's sole remedy for uptime failures.

2.4 Exclusions. Uptime SLA does not apply to: (a) AI inference features (which depend on third-party model providers); (b) meeting recording or transcription features (which depend on Recall.ai); (c) third-party CRM integrations; (d) Free Trial periods; or (e) any degradation caused by Customer's actions or third-party services outside OmegaFP's control. SMS messaging is delivered via AWS End User Messaging within OmegaFP's AWS environment and is included in the platform uptime measurement, subject to U.S. mobile carrier delivery windows and TCR/10DLC throughput rules.

3. Scheduled Maintenance

3.1 OmegaFP performs routine maintenance during its designated maintenance window: Sundays, 2:00 AM – 6:00 AM Mountain Time. Scheduled maintenance during this window does not count as Downtime.

3.2 For maintenance expected to cause more than 30 minutes of disruption, OmegaFP will provide at least 48 hours' advance notice via email or in-app notification.

3.3 Emergency maintenance may be performed without advance notice when required to address critical security vulnerabilities or prevent data loss.

4. Security

4.1 Security Measures. OmegaFP implements industry-standard security measures including:

Encryption in transit (TLS 1.2+) and at rest (AES-256)
AWS Cognito-based authentication with MFA support
Role-based access controls enforced at the API layer
S3 Object Lock (WORM) for compliance archives
Vulnerability scanning and dependency auditing
Audit logging of all significant user and system actions

4.2 Customer Security Responsibilities. Customer is responsible for (a) the security of its User credentials; (b) promptly revoking access for former employees or contractors; (c) maintaining secure computing environments from which Users access the Services; and (d) reporting any suspected unauthorized access to security@omegafp.com.

4.3 Breach Notification. OmegaFP will notify Customer of a confirmed Security Breach affecting Customer Data within 72 hours of confirmation, to the extent permitted by law. OmegaFP will provide reasonable cooperation with Customer's incident response activities.

5. Data Backup and Recovery

5.1 OmegaFP performs automated database backups with a point-in-time recovery capability of up to 7 days for paid subscriptions. OmegaFP does not provide backup or recovery guarantees during the Free Trial period.

5.2 Compliance archives stored in S3 Object Lock are retained for the configured retention period (default 5 years for SMS archives) and are not subject to the 7-day backup window.

5.3 Customer is encouraged to export critical data regularly using the platform's export features. OmegaFP is not responsible for data loss caused by Customer's actions.

6. Support

6.1 Support Channels.

Email: support@omegafp.com
In-app: Help & Support section within the platform

6.2 Support Hours. Support is available Monday through Friday, 8:00 AM – 6:00 PM Mountain Time, excluding U.S. federal holidays.

6.3 Response Times (Paid Subscriptions).

Critical (service unavailable): 4 business hours
High (major feature impaired): 1 business day
Normal (general issues/questions): 3 business days

6.4 Free Trial Support. Best-effort support only. No response time commitments apply during the Free Trial period.

7. Acceptable Use

In addition to the restrictions in the Master Terms, Customer may not use the Services to:

Send unsolicited commercial messages (spam) to any person;
Transmit communications that violate TCPA, CAN-SPAM, or other applicable messaging laws;
Store protected health information (PHI) without a signed Business Associate Agreement with OmegaFP;
Use the Services in a manner that unreasonably burdens OmegaFP's infrastructure (e.g., automated bulk API calls beyond rate limits).

7.1 CAN-SPAM Compliance

When sending commercial email through the Services, Customer must: (a) include a valid physical mailing address in each message; (b) include a functional unsubscribe mechanism; (c) honor opt-out requests within ten (10) business days; (d) not use deceptive subject lines or false header information; and (e) clearly identify the message as an advertisement where required by law.

7.2 TCPA Compliance

When sending SMS, MMS, or making automated telephone calls through the Services, Customer must: (a) obtain prior express written consent from each recipient before sending marketing messages; (b) maintain and regularly update internal do-not-call lists; (c) honor opt-out and STOP requests immediately upon receipt; (d) restrict messaging to permitted hours under applicable law; and (e) comply with all other requirements of the Telephone Consumer Protection Act (47 U.S.C. § 227) and implementing regulations.

7.3 Consent Records

Customer must maintain records of all consents obtained for outbound communications sent through the Services, including the date, time, method of consent, and the specific consent language presented to the recipient. Customer shall provide copies of consent records to OmegaFP upon reasonable request.

7.4 Suspension for Messaging Violations

OmegaFP may immediately suspend Customer's outbound messaging capabilities (email, SMS, or voice) if OmegaFP reasonably believes that Customer is violating CAN-SPAM, TCPA, carrier policies, or other applicable messaging laws. OmegaFP will notify Customer promptly of any suspension and provide a reasonable opportunity to cure the violation. Repeated violations may result in permanent revocation of messaging capabilities or termination of the Agreement under Section 13.3 of the Master Terms.

8. Changes to Services

8.1 OmegaFP may add, modify, or remove features of the Services. We will provide reasonable advance notice of material changes that negatively affect existing functionality that Customer is actively using.

8.2 OmegaFP may change its subprocessors and infrastructure providers. We will maintain equivalent or better security and performance standards when doing so.

Data Processing Agreement

Processor obligations for U.S. customers — CCPA / CPRA aligned.

Effective: May 9, 2026

This Data Processing Agreement ("DPA") forms part of the Master Terms of Service and applies when OmegaFP processes Personal Data on behalf of Customer in the course of providing the Services. This DPA is designed for United States customers and U.S. data subjects and is aligned with the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), and other applicable U.S. state privacy laws.

Geographic scope — U.S. only

The Services are offered to U.S.-domiciled customers for the processing of Personal Data relating to U.S. data subjects. Customer shall not submit, upload, or otherwise cause OmegaFP to process Personal Data of individuals located in the European Economic Area, the United Kingdom, or Switzerland ("EU/EEA/UK Personal Data"). OmegaFP does not act as a "processor" within the meaning of the EU/UK General Data Protection Regulation, and this DPA is not intended to make EU/UK GDPR applicable to OmegaFP or the Services. If Customer requires processing of EU/EEA/UK Personal Data, Customer must obtain OmegaFP's prior written consent and execute a separate written agreement covering such processing; absent that, any submission of EU/EEA/UK Personal Data is at Customer's sole risk and constitutes a material breach of this Agreement.

1. Definitions

"Personal Data" means any information relating to an identified or identifiable natural person that is processed through the Services, including names, email addresses, phone numbers, financial data, and any other Client Data that constitutes personal information under applicable law.
"Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, and deletion.
"Controller" means Customer, the entity that determines the purposes and means of Processing Personal Data.
"Processor" means OmegaFP, which processes Personal Data on behalf of Customer.
"Data Subject" means the natural person whose Personal Data is processed (e.g., Customer's clients, household members).
"Sub-processor" means any third party engaged by OmegaFP to process Personal Data.
"Security Breach" means a confirmed unauthorized access to, or acquisition, disclosure, or loss of, Personal Data processed through the Services.

2. Roles and Responsibilities

2.1 Customer as Controller. Customer is the Controller of all Personal Data submitted to the Services. Customer determines what data is collected, why it is collected, and how it is used. Customer is responsible for ensuring it has a lawful basis to process the Personal Data it submits to the Services.

2.2 OmegaFP as Processor. OmegaFP processes Personal Data only on Customer's behalf and in accordance with Customer's documented instructions (as set out in this DPA and the Master Terms). OmegaFP does not sell Personal Data and does not use Customer's Personal Data for OmegaFP's own commercial purposes or to train its own AI models.

2.3 AI Model Providers. When Customer uses AI features powered by third-party providers (such as AWS Bedrock / Anthropic), prompts and context may be transmitted to those providers' inference endpoints. OmegaFP configures these providers with no-training data-use policies where available. Customer should avoid submitting highly sensitive Personal Data in AI prompts where possible.

3. Scope of Processing

3.1 Categories of Personal Data. OmegaFP may process the following categories of Personal Data on Customer's behalf:

Identity data: names, dates of birth, government IDs (if provided)
Contact data: email addresses, phone numbers, mailing addresses
Financial data: account balances, portfolio values, income figures, tax data (as entered by Customer)
Meeting and communication data: meeting transcripts, call recordings, email metadata, SMS content
Behavioral data: activity logs, usage patterns within the platform
Authentication data: usernames, hashed passwords, SSO tokens

3.2 Data Subjects. The Data Subjects whose Personal Data is processed include Customer's clients, household members, and authorized Users.

3.3 Purpose of Processing. Personal Data is processed solely to provide and improve the Services as described in the Master Terms, including CRM management, AI-assisted features, communications, billing, and compliance archival.

4. OmegaFP's Obligations

4.1 OmegaFP shall:

Process Personal Data only on Customer's documented instructions, which are as set out in this DPA and the Master Terms;
Ensure that personnel with access to Personal Data are subject to appropriate confidentiality obligations;
Implement and maintain the technical and organizational security measures described in Section 5;
Not engage new Sub-processors without providing Customer 30 days' advance notice, giving Customer an opportunity to object;
Provide reasonable assistance to Customer in responding to Data Subject rights requests (Section 6);
Notify Customer of a confirmed Security Breach within 72 hours of confirmation (Section 7);
Delete or return Customer's Personal Data upon termination as described in Section 8;
Provide reasonable information and assistance to Customer in conducting Data Protection Impact Assessments where required.

5. Security Measures

OmegaFP implements the following technical and organizational security measures:

Technical Measures

Encryption of Personal Data in transit using TLS 1.2 or higher
Encryption of Personal Data at rest using AES-256 (AWS KMS-managed keys)
S3 Object Lock (WORM / Compliance Mode) for compliance archive data
Database-level row isolation enforced by firmId on all queries
AWS Cognito with MFA support for authentication
API-layer authorization checks (role-based access control)
Automated vulnerability scanning and dependency auditing
Server-side audit logging of all significant actions

Organizational Measures

Access to production systems limited to OmegaFP personnel on a need-to-know basis
Personnel with access to Personal Data are bound by confidentiality obligations
Incident response procedures for Security Breaches
Regular review of access controls and security configurations

6. Data Subject Rights

6.1 Customer, as Controller, is responsible for responding to Data Subject rights requests (such as access, correction, deletion, or portability requests) under applicable law.

6.2 OmegaFP will, upon Customer's written request, provide reasonable technical assistance to help Customer fulfill Data Subject rights requests within the Services, to the extent technically feasible and within OmegaFP's control.

6.3 Right to Delete. Customer may delete Customer Data through the platform's built-in deletion features. OmegaFP will process deletion requests and remove data from active systems. Note that S3 WORM-archived data subject to a compliance retention period or legal hold cannot be deleted until the retention period expires.

7. Security Breach Notification

7.1 OmegaFP will notify Customer of a confirmed Security Breach affecting Customer's Personal Data within 72 hours of OmegaFP confirming the breach, to the extent permitted by applicable law.

7.2 The notification will include, to the extent known at the time:

Nature and scope of the breach
Categories and approximate number of Data Subjects affected
Likely consequences of the breach
Measures taken or proposed to address the breach

7.3 Customer is solely responsible for its own regulatory notifications to supervisory authorities and Data Subjects under applicable U.S. federal and state law.

8. Data Retention and Deletion

8.1 Active Data. OmegaFP retains Customer's Personal Data in active systems for the duration of the subscription and for 30 days after termination, during which Customer may export data.

8.2 Compliance Archives. SMS and meeting-recording compliance archives stored under S3 Object Lock are retained for the period configured by Customer (default 5 years). These cannot be deleted early due to WORM constraints.

8.3 Backups. Automated database backups are retained for up to 7 days for paid subscribers.

8.4 Post-Termination. After the 30-day data export window, OmegaFP will delete Customer Data from active systems. OmegaFP may retain anonymized or aggregated data derived from Customer Data for product analytics, provided such data cannot reasonably identify Customer or any Data Subject.

9. Sub-processors

9.1 Authorized Sub-processors. Customer authorizes OmegaFP to engage the Sub-processors listed in Schedule A below. OmegaFP will enter into data processing or equivalent agreements with each Sub-processor that impose data protection obligations equivalent in substance to those in this DPA.

9.2 Changes. OmegaFP will give Customer 30 days' advance notice of any new or replacement Sub-processor (by email and/or by updating Schedule A in this DPA). If Customer objects in writing to a new Sub-processor within that period and OmegaFP cannot accommodate the objection, Customer may terminate the Services for cause by providing 30 days' written notice, and OmegaFP will refund any prepaid fees for the remaining unused subscription period.

10. Data Location

10.1 Customer Data is stored and processed in the United States. OmegaFP does not currently offer non-U.S. hosting regions.

10.2 Because EU/EEA/UK Personal Data is out of scope under this DPA (see the geographic-scope notice above), no international transfer mechanism such as the EU Standard Contractual Clauses or the UK International Data Transfer Agreement is contemplated. OmegaFP does not undertake to enter into any such mechanism under this DPA.

11. CCPA Compliance

11.1 To the extent OmegaFP processes Personal Information of California residents as a "Service Provider" under the CCPA/CPRA, OmegaFP agrees not to:

Sell or share Personal Information (as defined under CCPA/CPRA);
Retain, use, or disclose Personal Information for any purpose other than providing the Services;
Combine Personal Information received from Customer with personal information received from other sources, except as permitted by law.

11.2 OmegaFP will assist Customer in fulfilling verified consumer requests under the CCPA/CPRA to the extent technically feasible.

12. Audit Rights

Upon Customer's written request (no more than once per year) and at Customer's expense, OmegaFP will provide reasonable written information to support Customer's verification of OmegaFP's compliance with this DPA, which may include completed security questionnaires or third-party audit summaries. OmegaFP may decline on-site audits due to operational and confidentiality constraints but will provide equivalent documentation where practicable.

13. Governing Law and Venue

This DPA is governed by the laws of the State of Delaware (without regard to conflict-of-law principles), and disputes arising out of or relating to this DPA are resolved as set forth in Section 14 of the Master Terms of Service (binding arbitration in Wilmington, Delaware, with exclusive Delaware venue for permitted court proceedings).

14. Regulatory Retention Acknowledgment

14.1 OmegaFP acknowledges that Customer may be subject to books-and-records requirements under securities regulations, including but not limited to FINRA Rules 4510/4511 and SEC Rules 17a-3/17a-4, and that these requirements may affect data retention and deletion schedules.

14.2 OmegaFP's standard data retention and deletion schedules (Section 8) will accommodate Customer's configured retention periods within the platform. Customer is responsible for configuring appropriate retention periods that meet its regulatory obligations.

14.3 Compliance archive data stored under S3 Object Lock (WORM) will not be deleted before the configured retention period expires, even upon termination of Customer's account. The standard data deletion provisions of Section 8.4 do not apply to data subject to an active WORM retention period or regulatory hold.

14.4 Upon request, OmegaFP will provide reasonable assistance to Customer in responding to regulatory inquiries or examinations that require access to compliance archive data stored within the Services.

Schedule A — Authorized Sub-processors

Each Sub-processor below is bound by a written agreement imposing data protection obligations equivalent in substance to this DPA. OmegaFP will provide 30 days' advance notice of any new or replacement Sub-processor as set forth in Section 9.

Sub-processor	Purpose	Data Processed	Location
Amazon Web Services (AWS)	Cloud infrastructure: RDS PostgreSQL database hosting, S3 document storage, Cognito authentication, SES transactional email, KMS encryption, ElastiCache Redis caching, CloudWatch logging and monitoring, two-way SMS / 10DLC delivery via AWS End User Messaging (Pinpoint SMS Voice V2)	All Customer Data (encrypted at rest with AWS-managed and customer-managed KMS keys; in transit via TLS 1.2+). For SMS: recipient phone numbers and message content carried over U.S. mobile carrier networks (AT&T, T-Mobile, Verizon, US Cellular).	United States (us-east-1 / us-west-2)
AWS Bedrock (Anthropic Claude, Amazon Titan, Amazon Nova models)	AI language model and embedding inference for chat, meeting summaries, document analysis, and advisor assistance. Runs entirely within AWS infrastructure with zero data retention; PII tokenized before each call and Bedrock Guardrails applied.	Tokenized / de-identified text (PII stripped or replaced with firm-scoped tokens before processing)	United States (AWS us-east-1)
Stripe, Inc.	Payment processing and subscription billing	Firm billing information, payment method details	United States
Recall.ai	Meeting recording bot and transcription	Meeting audio / video, participant names, transcripts	United States

Questions about Sub-processors or requests for data processing agreements should be sent to legal@omegafp.com.

Privacy Policy

Collection, use, and protection of your personal information.

Effective: May 14, 2026

1. Overview

This Privacy Policy explains how Omega Tech Ventures, Inc., a corporation organized under the laws of the State of Delaware, operating as OmegaFP ("we", "us", "our") collects, uses, and protects personal information when you use our CRM and AI-powered Services.

By using the Services, you agree to the practices described in this Policy.

2. Scope

This Policy applies to:

Personal information we collect from users of our web application and related services.
Personal information processed on behalf of our customers as part of CRM integrations, meeting note-taking, and AI-powered features.
Use of the OmegaFP Clips browser extension (Chrome) when your firm enables it, as described in Section 3.7.

If we act as a processor/service provider for your organization, our use of personal information is governed by our agreement with you and this Policy.

3. Information We Collect

We collect the following categories of information, depending on how you use the Services:

3.1 Account and Firm Information

Name, email address, password (hashed), and contact details.
Firm name, organization details, and subscription-related information.
User role and permissions within your firm.

3.2 CRM Data

When you connect or import from Third-Party CRMs, we may process:

Household and contact records (names, emails, phone numbers, addresses, tags, notes, custom fields).
Company information (name, contact details, notes).
Tasks and activities (call/meeting notes, status, due dates, outcomes).

3.3 AI Notetaker and Meeting Data

If you (or your firm) use the AI Notetaker, we process:

Audio or video content submitted or recorded via the Services.
Transcripts, summaries, action items, and other derived content.
Metadata such as timestamps, meeting participants (if provided), and context fields you define.

Recording consent and wiretapping laws. Recording a conversation is regulated in every U.S. state and many other jurisdictions. California (Cal. Penal Code § 632), Florida, Illinois, Massachusetts, Maryland, Montana, New Hampshire, Pennsylvania, and Washington are "all-party consent" states — every participant must be informed and consent before a recording begins. The California Invasion of Privacy Act (CIPA, Cal. Penal Code § 631) further restricts the transmission of recorded content to third parties without consent.

OmegaFP provides the recording tool. Our customers (advisors and firms) are responsible for obtaining the legally required consent from every participant before enabling the AI Notetaker for any meeting that involves participants in an all-party-consent jurisdiction. If you are a meeting participant and you have questions about whether you consented, contact the firm that scheduled the meeting; OmegaFP cannot speak to the consent practices of any individual firm.

Third parties involved in transcription and analysis. Recordings are processed by our LLM service providers (AWS Bedrock, OpenAI, and Anthropic) under contracts that prohibit them from using your content to train their models or for any purpose other than providing the contracted service. These providers receive only the audio / transcript content necessary to produce the requested output. See Section 8.1 for the full subprocessor list.

3.4 Usage and Device Information

Log data (IP address, browser type, device identifiers, pages viewed, dates/times).
Actions performed in the app (e.g., CRM connections, sync runs, configuration changes) for security and audit purposes.

3.5 SMS and Text Message Data

If your firm uses OmegaFP's two-way SMS feature, we may process:

Phone numbers of clients who have opted in to receive text messages from your firm.
The content of SMS messages exchanged between advisors and clients through the platform.
Opt-in and opt-out timestamps, consent records, and STOP/HELP keyword responses.
SMS delivery status and metadata (e.g., carrier information, timestamps).

See Section 18 (SMS / Text Messaging Policy) for full details on how consent is collected and how you can opt out.

3.6 Integration and Credential Information

Limited connection information to Third-Party Services, including tokens or API keys.
We store such credentials in an encrypted format using industry-standard mechanisms.

3.7 OmegaFP Clips (browser extension)

If your firm uses OmegaFP Clips, a Chrome extension companion to OmegaFP, you can create short screen, tab, window, and/or camera recordings ("clips") and save them to your OmegaFP workspace. This section describes information involved in that feature in addition to the general categories above (including Section 3.3 where clips may include audio or video).

What you record becomes Customer Data. Clips can include anything visible or audible in the capture you choose (for example, shared screen content, your camera feed, and microphone audio if you enable it). You should only record content you are permitted to capture and that your firm's policies allow.

Capture and upload. When you start a recording, the extension uses Chrome's standard screen and media capture flows. The resulting media file is uploaded to OmegaFP and stored with your firm's other Customer Data so you can view, organize, attach clips to households or internal items (such as support or feedback tickets), or share them using in-product sharing options your administrator enables.
Optional blur regions. If you use blur-before-record, the extension may read layout information (such as element bounding boxes) on the page you are recording so you can select regions to obscure in the final video. That process is for masking only; it is not used to read form fields, passwords, cookies, or other page content for unrelated purposes.
Metadata. We may process metadata associated with clips (for example, title, timestamps, which workspace object a clip is linked to, upload status, and technical details needed to process or stream the file securely).
Extension authentication. After you sign in to OmegaFP and authorize the browser, the extension stores the tokens Chrome allows (for example, short-lived session tokens and refresh tokens) so it can upload clips on your behalf. Those tokens are scoped to your OmegaFP account; uninstalling the extension or revoking authorization from OmegaFP ends that access path.

What we do not do with Clips: We do not sell clip content. We do not use clips to serve third-party ads. We do not operate the extension as a general-purpose tracker of your browsing; recording occurs only when you explicitly start a capture through the extension.

Controls. You can stop using the extension at any time, revoke browser authorization from OmegaFP where that control is offered, and manage or delete saved clips within the OmegaFP application according to your role and your firm's settings. Firm administrators may control whether Clips is available.

4. Email Integration Data (Gmail and Outlook)

When you connect your Gmail or Outlook account to OmegaFP, we access and process email data to provide email management features within our CRM platform.

4.1 Gmail Integration

When you authorize Gmail access, we request the following permissions:

Read emails (gmail.readonly): To display your emails within the OmegaFP interface and associate them with client records.
Send emails (gmail.send): To allow you to compose and send emails to clients directly from OmegaFP.
Modify emails (gmail.modify): To organize emails (archive, label, mark as read) and delete emails when you request it.
Manage labels (gmail.labels): To organize your emails with labels for better client communication tracking.
Profile information (userinfo.email, userinfo.profile): To identify your account and display your email address.

4.2 Outlook/Microsoft Integration

When you authorize Outlook access, we request the following permissions:

Read emails (Mail.Read): To display your emails within the OmegaFP interface.
Send emails (Mail.Send): To allow you to send emails to clients from OmegaFP.
Read and write emails (Mail.ReadWrite): To organize and manage your emails within the platform.
User profile (User.Read): To identify your account.

4.3 How We Use Email Data

We use email integration data solely to:

Display your emails within the OmegaFP CRM interface.
Associate emails with client/household records for relationship management.
Enable you to send, reply to, and manage emails without leaving OmegaFP.
Track client communication history for your reference.

4.4 What We Do NOT Do With Email Data

We do NOT sell your email data to third parties.
We do NOT use your email content for advertising or marketing purposes.
We do NOT share your email content with AI training services.
We do NOT access emails beyond what is necessary to provide the Services.

4.5 Revoking Email Access

You can disconnect your Gmail or Outlook integration at any time from your OmegaFP settings. You can also revoke access directly from your Google Account settings (Security → Third-party apps) or Microsoft Account settings (Privacy → Apps and services).

5. Calendar Integration Data (Google Calendar and Outlook Calendar)

When you connect your calendar, we access event data to help you manage meetings and scheduling within OmegaFP.

5.1 Google Calendar Permissions

Read calendar (calendar.readonly): To display your calendar events in OmegaFP.
Manage events (calendar.events): To create, update, and delete calendar events on your behalf.

5.2 Outlook Calendar Permissions

Read calendars (Calendars.Read): To display your calendar events.
Read and write calendars (Calendars.ReadWrite): To manage calendar events on your behalf.

5A. Financial Account Aggregation (Plaid, Stripe Financial Connections, SnapTrade)

When a household connects their financial accounts to OmegaFP, we use third-party account aggregation providers to retrieve account data on the household's behalf. The advisor managing the household uses this data to build and maintain the household's financial plan inside OmegaFP. We do not move money from these accounts.

5A.1 Aggregation Providers

OmegaFP integrates with the following aggregators. Which provider is used depends on the type of institution the household selects:

Stripe Financial Connections — used for connections to U.S. banks, credit unions, credit-card issuers, and online-deposit accounts. Operated by Stripe, Inc. under their Financial Connections legal summary.
SnapTrade — used for connections to brokerages, IRAs, 401(k)s, employer retirement plans, and similar investment custodians. Operated by Passiv, Inc. Their privacy policy is available at snaptrade.com/privacy.
Plaid — supported in our infrastructure as an alternative aggregator for banks, brokerages, and loans. Plaid is not actively used by default; if your advisor's firm enables Plaid, their privacy policy at plaid.com/legal will also apply.

5A.2 What Data We Collect via Aggregators

Depending on the provider and the permissions granted, we may receive:

Account metadata: institution name, account name, account type (checking, savings, brokerage, 401(k), credit card, etc.), and the last four digits of the account number.
Account balances: current, available, and (where supported) pending balances, refreshed on demand or on a periodic schedule.
Transactions: amount, date, merchant or counterparty name, description, and provider-supplied category, for connected deposit and credit accounts.
Holdings and investment data (SnapTrade only, where supported by the institution): positions, security identifiers, share counts, cost basis where available, and asset class.
Account ownership information: name(s) on the account and the mailing address provided by the institution. Used to confirm that the linked account belongs to a member of the household and to display owner context to the advisor.

We do not request or receive routing or full account numbers, and we do not request payment authorization permissions. OmegaFP cannot initiate transfers, debits, or other money movement from connected accounts.

5A.3 How We Use Aggregation Data

Aggregation data is used solely to:

Display real-time account balances in the household's net-worth and Accounts views.
Show transaction history in a Budgeting view that compares actual spending against the household's planned cash flow.
Feed the household's financial planning projections (cash-flow modeling, Monte Carlo simulation, tax-strategy analyses, retirement scenario planning).
Surface investment holdings and asset location for portfolio analysis.
Confirm to the advisor that a linked account belongs to the correct household member.

Aggregation data is shown only to the licensed advisor managing the household (and the firm-authorized administrators above them). It is not exposed to other firms, advisors, or OmegaFP customers.

5A.4 Where the Data Is Stored

Aggregation data is stored exclusively in the United States, on Amazon Web Services infrastructure (RDS, S3, ElastiCache) within U.S. AWS regions. Access tokens issued by the aggregation providers are encrypted at rest using AWS KMS-managed keys and AES-256-GCM encryption. Tokens are never logged, transmitted to client browsers, or shared outside OmegaFP and the relevant aggregation provider.

5A.5 What We Do Not Do With Aggregation Data

We do not sell aggregation data to any third party.
We do not use aggregation data for advertising or marketing.
We do not share aggregation data with AI model training services. The household's transaction descriptions, balances, holdings, and ownership data are not used to train OmegaFP's AI features or any external model.
We do not share aggregation data with credit bureaus, marketing partners, or data brokers.
We do not initiate transfers, debits, or any other money movement using connected account credentials.

5A.6 Revoking and Disconnecting

You or your advisor may disconnect a linked institution at any time:

From inside OmegaFP: open the household's Planning → Accounts tab and use the Disconnect control on the relevant connection. Disconnecting stops future syncs and revokes our authorization with the aggregation provider where supported.
From the aggregator: you can also revoke OmegaFP's access directly at the provider:
- Stripe Financial Connections — support.stripe.com/topics/financial-connections
- SnapTrade — snaptrade.com account portal
- Plaid (if enabled) — my.plaid.com

After a connection is disconnected, the cached balances, transactions, holdings, and ownership details we previously retrieved remain stored under our retention schedule (see Section 10) until your advisor or your firm administrator removes them or your household record is deleted. Aggregation tokens are immediately invalidated on disconnect.

5A.7 Aggregator Privacy Policies

The aggregation providers receive and process your data under their own privacy policies and applicable Terms of Service. By choosing to connect an institution, you also agree to the relevant provider's terms:

Stripe Financial Connections — stripe.com/privacy
SnapTrade — snaptrade.com/privacy
Plaid (if enabled) — plaid.com/legal

6. How We Use Information

We use personal information to:

Provide and operate the Services, including CRM imports, sync, AI note-taking, OmegaFP Clips screen recordings stored in your workspace, email integration, and analytics.
Secure the Services, including authentication, monitoring, logging, and incident response.
Improve and develop the Services, including training and refining models and features in a way that is aggregated, de-identified, or otherwise not reasonably linked to identifiable individuals.
Communicate with you about your account, product updates, and support.
Comply with legal obligations and enforce our Terms.

We do not sell personal information. We do not use Customer Data for advertising or marketing to third parties.

7. Legal Bases (where required)

Where applicable (e.g., in the EEA/UK), we process personal information based on:

Performance of a contract (providing the Services).
Legitimate interests (e.g., securing and improving the Services).
Compliance with legal obligations.
Consent, where required (e.g., marketing communications); you may withdraw consent at any time.

8. Sharing and Disclosure

We may share personal information with:

8.1 Service Providers and Subprocessors

Hosting and infrastructure providers (AWS).
AI processing and transcription providers (Amazon Bedrock).
Financial account aggregation providers: Stripe Financial Connections (Stripe, Inc.), SnapTrade (Passiv, Inc.), and Plaid (Plaid Inc.) where enabled. See Section 5A for what data each provider processes on our behalf and how to revoke their access.
Payment processing (Stripe, Inc.) for firm and household billing.
SMS delivery (AWS End User Messaging).
Analytics, logging, and monitoring tools.
Customer support and communication tools.

These providers process data on our behalf under written agreements with confidentiality and security obligations consistent with industry standards.

8.2 Third-Party CRMs and Integrations

When you connect a Third-Party CRM, email provider (Gmail, Outlook), or other integration, we share or receive information as configured by you. Data shared with Third-Party Services is governed by their own privacy policies.

8.3 Corporate Transactions

In connection with a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of the transaction, subject to appropriate safeguards.

8.4 Legal Requirements and Protection

We may disclose information if required by law or to:

Comply with legal process.
Protect the rights, property, or safety of OmegaFP, our users, or others.
Detect, prevent, or address fraud, security, or technical issues.

9. Data Security

9.1 We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized or unlawful access, use, disclosure, alteration, or destruction.

9.2 Our security program includes controls aligned with recognized frameworks and SOC 2–style practices, such as:

Access control and authentication for production environments.
Encryption of data in transit (TLS) and at rest (AES-256) using industry-standard protocols.
Segregation of environments and least-privilege access principles.
Logging and monitoring of key systems.
Vendor risk management and periodic security reviews of critical providers.

9.3 While we take these measures, no security program can guarantee absolute security. You are responsible for maintaining the security of your systems, devices, and credentials.

10. Data Retention

10.1 We retain personal information for as long as necessary to:

Provide the Services.
Comply with legal, accounting, or reporting obligations.
Resolve disputes and enforce agreements.

10.2 After termination of your account, we may:

Retain certain records for a limited period for legitimate business or legal purposes.
Delete or de-identify Customer Data in accordance with our retention schedules and any applicable data processing agreement.

If you require specific retention or deletion arrangements, contact us or refer to your enterprise agreement.

11. International Transfers

We may process and store personal information in countries other than where it was collected. Where required, we implement appropriate safeguards for cross-border transfers, such as contractual protections.

12. Your Rights

Depending on your jurisdiction, you may have rights such as:

Accessing personal information we hold about you.
Requesting correction or deletion of your personal information.
Objecting to or restricting certain processing.
Porting your data to another service.
Withdrawing consent where processing is based on consent.

To exercise rights, contact us at privacy@omegafp.com. We may need to verify your identity and coordinate with your organization (if you are an end user of a firm customer).

13. Cookies and Similar Technologies

We use cookies and similar technologies to operate, secure, and improve the Services.

13.1 Essential Cookies

Required for authentication, session management, and security (including CSRF protection). These cookies cannot be disabled without losing access to the Services. Duration: session or up to 24 hours.

13.2 Preference Cookies

Store your settings such as theme (light/dark mode), layout preferences, and timezone selection. Duration: up to 1 year.

13.3 Analytics Cookies

Help us understand usage patterns and improve the Services by collecting aggregated, non-personally-identifiable usage metrics. Duration: up to 2 years.

13.4 Advertising and Tracking

We do not use advertising or tracking cookies. OmegaFP does not serve advertisements and does not use cookies to track you across third-party websites.

13.5 Third-Party Cookies

Our payment processor (Stripe) and authentication provider (AWS Cognito) may set their own cookies when you interact with payment or login features. These cookies are subject to those providers' respective privacy policies and are outside OmegaFP's direct control.

13.6 Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to block or delete cookies via their privacy or settings menus. However, disabling essential cookies may prevent you from logging in or using the Services. For more information, consult your browser's help documentation.

13.7 Do Not Track

OmegaFP does not currently respond to "Do Not Track" (DNT) browser signals because there is no universally accepted standard for how to interpret or respond to DNT signals. We will update this practice if a standard is adopted.

14. Children's Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe we have collected such information, contact us so we can take appropriate action.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice (e.g., via the app or email). Your continued use of the Services after the effective date of an updated Policy constitutes your acceptance.

16. Governing Law

This Privacy Policy and any dispute arising hereunder shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict-of-law principles.

18. SMS / Text Messaging Policy

18.1 How Consent Is Collected

OmegaFP enables financial advisors to send and receive text messages with their clients through our platform. Before any SMS messages are sent, the advisor's firm must obtain express written consent from each client. Consent is collected via text message: when an advisor initiates contact, the client receives an opt-in request and must affirmatively reply (e.g., reply YES) before any subsequent messages are sent. No messages are delivered to a client until their affirmative reply is received and recorded.

18.2 What Clients Consent To

By opting in, clients agree to receive text messages from their financial advisor's firm via OmegaFP, which may include:

Appointment reminders and meeting confirmations.
Account notifications and service updates related to their advisory relationship.
Responses to client-initiated inquiries via SMS.

Message frequency varies by firm and client relationship. Message and data rates may apply.

18.3 How to Opt Out

Clients can opt out of SMS messages at any time by replying STOP to any message. Upon receiving a STOP reply, OmegaFP will immediately cease sending messages to that phone number and record the opt-out. Clients may also reply HELP at any time to receive assistance information.

18.4 SMS Data Retention and Compliance

All SMS messages sent and received through OmegaFP are archived in compliance with applicable SEC and FINRA recordkeeping requirements (including SEC Rule 17a-4 and FINRA Rule 4511). Archived messages are stored in WORM (Write Once, Read Many) format for a minimum of five years. Opt-in and opt-out records are retained for the same period.

18.5 No Sale or Sharing of SMS Data

Mobile information, SMS opt-in data, and consent records will not be shared with third parties or affiliates for marketing or promotional purposes. SMS data is used solely to deliver messages, maintain compliance records, and operate the platform. The categories of data covered by this commitment include phone numbers, opt-in/opt-out timestamps, consent text the client agreed to, message content exchanged, and delivery status metadata.

We may share SMS-related information only with the limited set of sub-processors necessary to deliver the message (see Data Processing Agreement, Schedule A for the current list). These sub-processors are contractually prohibited from using mobile information for any purpose other than message delivery on our behalf.

18.6 SMS Provider and Sub-Processors

SMS messages are delivered through Amazon Web Services End User Messaging (Pinpoint SMS Voice V2), operating under our AWS account in the United States. AWS processes recipient phone numbers, message content, opt-out registrations, and delivery-status events strictly to deliver SMS on OmegaFP's behalf. AWS is bound by its own customer agreement and AWS Acceptable Use Policy, both of which prohibit the use of customer data for AWS's own marketing purposes.

18.7 Message Frequency, Rates, and Carrier Limitations

Message frequency varies depending on the firm's communication patterns and the client's engagement (typical range: 1–10 messages per month per advisor relationship; appointment reminders may add 1–4 messages around scheduled meetings). Message and data rates may apply based on the client's mobile carrier and plan. Consent to receive SMS is not a condition of receiving services from OmegaFP or the advisor's firm. SMS delivery is subject to mobile carrier delivery windows, network availability, and carrier filtering rules; OmegaFP does not guarantee delivery of any individual message.

19. Your California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA)and the California Privacy Rights Act (CPRA) give you specific rights regarding your personal information. This section explains those rights and how to exercise them.

19.1 Our Practices

We do not sell personal information. We have not sold personal information in the preceding 12 months and have no plans to.
We do not share personal information for cross-context behavioral advertising.We do not use advertising pixels, ad-tech networks, or data brokers, and we do not participate in cross-site behavioral advertising of any kind.
We use service providers who process data on our behalf under contract. See Section 8.1 for the list. Each is bound to use the data only to provide the contracted service.

19.2 Your Rights

Right to know the categories and specific pieces of personal information we have collected about you, the sources, the business purposes for collection, and the categories of third parties with whom we share it.
Right to delete personal information we have collected about you, subject to certain exceptions (e.g., legal retention obligations, security, completion of a transaction you requested).
Right to correct inaccurate personal information we maintain about you.
Right to opt-out of sale or sharing of personal information. We do not sell or share for behavioral advertising, but you may still exercise this right.
Right to limit use of sensitive personal information.
Right to non-discrimination — we will not deny services, charge different prices, or provide a different level of service because you exercised any of these rights.

19.3 How to Exercise Your Rights

Submit a request via the form at omegafp.com/legal/california-privacy or email privacy@omegafp.com. We respond to verifiable requests within 45 days as required by CCPA § 1798.130(a)(2). For complex requests we may extend the window by 45 additional days with notice. Before processing requests that delete or change data, we may follow up to verify your identity — this protects you from someone impersonating you.

19.4 Authorized Agents

You may designate an authorized agent to make a request on your behalf. The agent must provide written permission signed by you, and we may require you to verify your identity directly with us.

17. Contact Us

For privacy-related questions or requests:

Email: privacy@omegafp.com
Website: https://omegafp.com
California residents: Your California Privacy Rights

Cookie & Tracking Policy

What cookies we use, why, and how to manage them.

Effective: May 20, 2026

What Are Cookies?

Cookies are small text files that are placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.

How We Use Cookies

OmegaFP uses cookies and similar technologies for the following purposes:

1. Essential Cookies (Required)

These cookies are necessary for the platform to function properly. They enable core functionality such as:

Authentication: Maintaining your login session and security
Security: Protecting against security threats and unauthorized access
Preferences: Remembering your preferences (e.g., sidebar collapsed state, panel widths)

These cookies cannot be disabled as they are essential for the platform to work.

2. Functional Cookies (Optional)

These cookies enhance functionality and personalization:

User Preferences: Storing your UI preferences (e.g., dark mode, layout settings)
Chat Settings: Remembering your chat interface preferences
Firm Settings: Storing firm-specific display preferences

You can disable these cookies, but some features may not work as expected.

3. Analytics Cookies (PostHog) — opt-in only

Provider: PostHog (us.i.posthog.com)
Purpose: Anonymous usage analytics — which pages are visited, which features get used — to inform product decisions. No advertising, no cross-site tracking.
Type: Analytics; loaded only after you click "Accept all" or enable "Analytics" in the consent banner.
Duration: PostHog cookies persist for up to 12 months. You can revoke consent at any time via the "Manage cookies" link in the footer.
Person profiles: We configure PostHog with person_profiles: 'identified_only' — anonymous visitors are not assigned a stable identity. Logged-in users are associated with their internal user id, which is not PII on its own.

Types of Cookies We Use

First-Party Cookies

These are cookies set by OmegaFP directly:

Session Cookies: Temporary cookies that expire when you close your browser
Persistent Cookies: Cookies that remain on your device for a set period or until you delete them
Local Storage: Browser storage used to remember your preferences (similar to cookies)

Third-Party Cookies

OmegaFP does not use third-party cookies for advertising or tracking purposes. We do not share your data with advertising networks.

Specific Cookies Used

Authentication Cookies

Purpose: Maintain your login session
Type: Essential
Duration: Session-based (expires when you close your browser) or persistent (for "Remember Me" functionality)
Security: Secure, HttpOnly, SameSite flags enabled

Preference Cookies

Purpose: Remember your UI preferences and settings
Type: Functional
Duration: Persistent (until you clear them)
Examples: Dark mode preference, sidebar collapsed state, panel widths, chat interface settings

Service-Provider Cookies

Some of OmegaFP's service providers set their own cookies when their functionality is invoked. These are operational (not advertising) and are bound by data-processing agreements that prohibit use for any purpose other than providing the service.

Stripe (payments)

Domain: js.stripe.com, m.stripe.com
When loaded: Only after you click "Continue to payment" on an invoice or proposal page (/pay/*, /approve/*). Stripe is not contacted on page load.
Purpose: Secure payment collection, fraud detection.
Duration: Up to 24 months per Stripe's policy.
See: stripe.com/cookies-policy

AWS Cognito (authentication)

Domain: cognito-idp.us-east-1.amazonaws.com (API only)
When loaded: Only at sign-in / sign-up.
Purpose: User authentication, session security.
Duration: Session-scoped JWT tokens; refresh tokens up to 30 days unless you sign out.

Local Storage

OmegaFP uses browser Local Storage (similar to cookies) to store:

User Preferences: UI settings and display preferences
Chat Settings: Starred conversations, panel states
Firm Settings: Firm-specific display preferences
Consent record: Your cookie banner choice (key: omegafp-consent)

Local Storage data is stored locally on your device and is not transmitted to our servers except as part of normal application functionality.

How to Manage Cookies

Browser Settings

You can control cookies through your browser settings. Most browsers allow you to:

View Cookies: See what cookies are stored on your device
Delete Cookies: Remove cookies from your device
Block Cookies: Block all or specific types of cookies
Set Preferences: Choose which types of cookies to allow

Note: Blocking essential cookies may prevent the platform from functioning properly.

Browser-Specific Instructions

Chrome: Settings → Privacy and security → Cookies and other site data
Firefox: Options → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Cookies and website data
Edge: Settings → Privacy, search, and services → Cookies and site permissions

Opt-Out Tools

Advertising Industry Opt-Out:

Note: OmegaFP does not currently use advertising cookies, but these tools can help you manage cookies across all websites.

Do Not Track (DNT)

Some browsers include a "Do Not Track" (DNT) feature that sends a signal to websites indicating that you do not want to be tracked.

OmegaFP's Response to DNT Signals:

We acknowledge DNT signals
We do not use cookies or tracking technologies for advertising or cross-site tracking
Essential and functional cookies are still used to provide core platform functionality
Analytics cookies (PostHog) respect DNT signals (respect_dnt: true)

Third-Party Tracking

OmegaFP does not use third-party tracking services for advertising purposes. We do not:

Share your data with advertising networks
Use third-party cookies for advertising
Track you across other websites
Use tracking pixels or web beacons for advertising

Note: We may use service providers (cloud infrastructure, AI services) that process data as part of providing our services, but these are not used for advertising or cross-site tracking.

Changes to This Policy

We may update this Cookie and Tracking Policy from time to time. When we make changes:

Notification: We will notify you via email (if you have an account) or by posting a notice on our website
Effective Date: The "Last Updated" date at the top of this policy will be updated
Material Changes: For material changes, we will provide at least 30 days' notice

Contact Us

If you have questions about this Cookie and Tracking Policy, contact us at privacy@omegafp.com.

Your California Privacy Rights

CCPA / CPRA notice and rights-request form.

Effective: May 20, 2026

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you specific rights regarding your personal information. This section explains those rights and lets you exercise them.

Our practices in plain language

We do not sell personal information. We have not sold personal information in the preceding 12 months and have no plans to.
We do not share personal information for cross-context behavioral advertising. No ad pixels, no ad-tech partners, no data brokers.
We do use service providers who process data on our behalf under contract — for example, AWS (hosting), Stripe (payments), Plaid / SnapTrade / Stripe Financial Connections (financial-account aggregation, only at customer request), and AWS Bedrock / OpenAI / Anthropic (LLM providers behind the AI Notetaker and chat assistant). Each is bound to use the data only to provide the contracted service.

Your rights

Right to know what personal information we collect, use, and disclose.
Right to delete personal information we hold about you (subject to legal retention obligations).
Right to correct inaccurate personal information.
Right to opt-out of the sale or sharing of personal information (we do not do either, but you may still exercise the right).
Right to limit the use and disclosure of sensitive personal information.
Right to non-discrimination for exercising any of these rights.

We respond to verifiable consumer requests within 45 days as required by CCPA § 1798.130(a)(2). For complex requests we may extend the window by 45 additional days with notice.

Authorized Agents

You may designate an authorized agent to make a request on your behalf. The agent must provide written permission signed by you, and we may require you to verify your identity directly with us.

Submit a privacy request

Fill out the form below. We may follow up via email to verify your identity before processing requests that delete or change data — this protects you from someone impersonating you.

Prefer email? Reach us at privacy@omegafp.com.