Privacy Policy - OmniGST

OmniGST is committed to protecting your financial data and ensuring compliance with the New Zealand Privacy Act 2020. This policy explains how we collect, use, and safeguard your information.

1. Information We Collect

When you use OmniGST, we collect:

Account Information: Phone numbers (+64) used for registration and authentication.
Financial Documents: Images or files of receipts, invoices, and bills you upload for processing.
Extracted Data: Structured data derived from your uploads, including vendor names, GST numbers, totals, and tax amounts.

2. How We Use Your Data

We use your data strictly to provide and improve the OmniGST service:

To extract and categorize financial information using our AI-driven rule engine.
To apply our proprietary GST validation logic (e.g., flagging rates outside the 12.8% - 15.2% range).
To facilitate seamless data export or direct API integration with accounting software like Xero (only upon your explicit authorization).
We do not sell your personal or financial data to third parties.

3. Data Residency and Security

Local Hosting: All uploaded documents and extracted data are hosted within the AWS Auckland Region to ensure data sovereignty.
Encryption: Data is encrypted at rest using AES-256 and in transit using TLS 1.3 protocols.
Data Retention: To assist users with IRD compliance, we offer secure storage of processed records. You may request the deletion of your account and associated data at any time by contacting our support team.

4. Third-Party Integrations (Xero)

If you choose to connect OmniGST to Xero:

We utilize the secure OAuth 2.0 protocol.
We only request the minimum permissions necessary to push draft bills and attach original receipt images to your Xero account.

5. Contact Us

For any privacy-related inquiries or to exercise your rights under the Privacy Act 2020, please contact us at: support@omnigst.com