GDPR Compliance

Effective Date: September 5, 2025

OmniCore Ventures is committed to protecting the privacy and personal data of individuals in accordance with the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and your rights as a data subject.

1. Our Commitment to GDPR

OmniCore Ventures is committed to:

• Processing personal data lawfully, fairly, and transparently
• Collecting data only for specified, explicit, and legitimate purposes
• Ensuring data is adequate, relevant, and limited to what is necessary
• Keeping personal data accurate and up to date
• Storing data for no longer than necessary
• Processing data securely with appropriate technical measures

2. Legal Basis for Processing

3. Your GDPR Rights

4. How to Exercise Your Rights

To exercise any of your GDPR rights, please:

• Contact us using the information provided at the bottom of this page
• Clearly state which right you wish to exercise
• Provide sufficient information to verify your identity
• Specify the personal data you're referring to (if applicable)

We will respond to your request within one month of receiving it. In complex cases, we may extend this period by up to two months.

5. Data Security Measures

We implement robust security measures including:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication mechanisms
• Staff training on data protection principles
• Secure data centers and cloud infrastructure
• Regular backup and disaster recovery procedures

6. Data Transfers Outside the EU

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Certification schemes and codes of conduct

7. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay. We will also report qualifying breaches to the relevant supervisory authority within 72 hours of becoming aware of the breach.

8. Third-Party Processors

We work with carefully selected third-party processors who:

• Have appropriate technical and organizational measures in place
• Process data only on our instructions
• Are bound by data processing agreements
• Comply with GDPR requirements

9. Children's Data

We do not knowingly process personal data of children under 16 years of age without appropriate consent from parents or guardians. If we become aware that we have collected such data, we will take steps to delete it promptly.

10. Complaints and Supervisory Authority

If you believe that your personal data has been processed in violation of GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you live, work, or where the alleged infringement took place.

11. Regular Reviews and Updates

We regularly review our data processing activities and update our practices to ensure ongoing GDPR compliance. This page will be updated to reflect any changes in our approach to data protection.