Privacy Policy

Last Updated: April 8, 2025

Introduction

OMAX Group Ltd ("OMAX," "we," "us," or "our") is committed to protecting your privacy and safeguarding your personal data. We are a private limited company registered in England and Wales (Company No. 16125244), with our registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you interact with our website, platform, and services. We process personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Scope

This Privacy Policy applies to personal data collected and processed in connection with:

• Your use of our website and platform at omaxtelecom.com
• Our provision of services, including eSIM, SMS, VoIP, and other telecommunications services
• Business communications, inquiries, and correspondence
• Recruitment and employment activities

OMAX as Data Controller and Processor

In most cases, OMAX acts as the data controller, determining the purposes and means of processing your personal data.

In certain B2B contexts, OMAX acts as a data processor when processing end users' personal data on behalf of our business customers. In such cases, the business customer is the data controller, and a Data Processing Agreement governs our processing activities.

Personal Data We Collect

We may collect and process the following categories of personal data:

Information you provide directly:

• Name, email address, company name, and contact details submitted through forms
• Account registration data, including login credentials
• Payment and billing information

Information collected automatically:

• IP address, device type, browser type, and operating system
• Cookies and similar tracking technologies
• Pages visited, time spent, and referral sources

Service usage data:

• eSIM profile and activation data
• SMS metadata (sender, recipient, timestamps)
• Call detail records for voice services
• Usage logs and analytics

How We Use Your Data

We process your personal data for the following purposes:

• Service delivery: To provide, maintain, and improve our telecommunications services
• Billing and payments: To process transactions, manage accounts, and issue invoices
• Quality assurance: To monitor service quality and resolve technical issues
• Legal compliance: To meet our regulatory, tax, and legal obligations
• Marketing: To send promotional communications where you have given consent
• Security: To detect, prevent, and respond to fraud, abuse, or security incidents

Legal Bases for Processing

We rely on the following legal bases under UK GDPR:

• Contract performance: Processing necessary to fulfil our contractual obligations to you
• Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services, preventing fraud, and ensuring network security
• Consent: Where you have given explicit consent, such as for marketing communications
• Legal obligation: Processing required to comply with applicable laws and regulations

How We Share Your Data

We may share your personal data with the following categories of recipients:

• Affiliates: Companies within the OMAX Group for internal administration and service delivery
• Service providers: Third-party vendors who assist with hosting, payment processing, analytics, and customer support
• Telecom partners: Network operators and wholesale partners necessary for service provisioning
• Legal and regulatory authorities: Where required by law, court order, or regulatory request

We do NOT sell your personal data to third parties.

International Data Transfers

OMAX is headquartered in the United Kingdom. Your personal data may be processed in countries outside the UK where our service providers or telecom partners operate.

When transferring data internationally, we implement appropriate safeguards including:

• Transfers to countries with an adequacy decision from the UK Secretary of State
• Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office
• Other lawful transfer mechanisms as required under UK GDPR

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Active accounts: Data is retained for the duration of your use of our services
• Financial records: 6–7 years as required by tax and accounting regulations
• Telecommunications logs: Retained in accordance with applicable telecommunications law
• Job applicant data: 6–12 months after the recruitment process concludes

Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

• TLS encryption for data in transit
• Access controls and role-based permissions
• Regular security assessments and vulnerability testing
• Incident response plans and breach notification procedures

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your data where there is no compelling reason for continued processing
• Right to restrict processing: Request that we limit how we use your data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests or direct marketing
• Right to withdraw consent: Where processing is based on consent, withdraw it at any time
• Right to complain: Lodge a complaint with the Information Commissioner's Office (ICO)

To exercise any of these rights, please contact us using the details below.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date above.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Data Protection Officer
Email: dpo@omaxtelecom.com

OMAX Group Ltd
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Telephone: +44 20 805 861 85

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Telephone: +44 303 123 1113

Last Updated: 8 April 2025