top of page
rown Lounge Chair

Privacy Policy

A legal disclaimer

Legal Disclaimer

 

The information provided by ODMS Retail on this website and in our documentation, including but not limited to terms and conditions, privacy policies, and shipping policies, is for general informational purposes only. All information on the Site is provided in good faith, however, we make no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of any information on the Site.

 

Under no circumstance shall we have any liability to you for any loss or damage of any kind incurred as a result of the use of the site or reliance on any information provided on the site. Your use of the site and your reliance on any information on the site is solely at your own risk.

 

External Links Disclaimer

 

Our website and documents may contain links to other websites or content belonging to or originating from third parties. Such external links are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, or completeness by us. We do not warrant, endorse, guarantee, or assume responsibility for the accuracy or reliability of any information offered by third-party websites linked through the site or any website or feature linked in any banner or other advertising. We will not be a party to or in any way be responsible for monitoring any transaction between you and third-party providers of products or services.

 

Professional Disclaimer

 

The information contained in this document and on our website is not intended as, and shall not be understood or construed as, legal, financial, or professional advice. While the employees and owners of ODMS Retail are professionals, the information provided is not a substitute for advice from a licensed professional who is aware of the facts and circumstances of your individual situation.

 

You should consult with a qualified professional for any legal, financial, or other professional advice. Do not disregard professional advice or delay in seeking professional advice because of something you have read on this website or in our documents.

 

"As Is" and "As Available" Disclaimer

 

Our services and all information provided are on an "as is" and "as available" basis. ODMS Retail expressly disclaims all warranties of any kind, whether express or implied, including, but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. ODMS Retail makes no warranty that (1) the services will meet your requirements; (2) the services will be uninterrupted, timely, secure, or error-free; (3) the results that may be obtained from the use of the services will be accurate or reliable; or (4) the quality of any products, services, information, or other material purchased or obtained by you through the services will meet your expectations.

Privacy Policy - the basics

Introduction

At ODMS Retail, we are committed to protecting the privacy and security of your personal and business data. This Privacy Policy outlines how we collect, use, store, and safeguard your information when you interact with our website, use our services, or communicate with us. We adhere to industry best practices and comply with applicable data protection laws, including GDPR and CCPA where relevant.

Information We Collect

We collect various types of information to provide and improve our services:

 

  • Personal Identification Information: Name, email address, phone number, job title, and company name when you register for an account, request a demo, subscribe to our newsletter, or contact us.

  • Business Information: Details about your retail operations, sales data, inventory data, customer data (anonymized or aggregated where possible), and other relevant business metrics necessary for providing our solutions.

  • Technical Data: IP address, browser type and version, operating system, referral source, website navigation paths, and information about the timing, frequency, and pattern of your service use. This data is collected through cookies and similar technologies.

  • Customer Support Interactions: Records of communications with our support team, including phone calls, emails, and chat transcripts, to help resolve issues and improve our service.

How We Use Your Information

We use the collected information for the following purposes:

 

  • To Provide and Manage Services: To deliver, operate, maintain, and improve our retail solutions, including POS systems, inventory management, CRM, e-commerce integration, and data analytics.

  • To Personalize User Experience: To tailor our services and communications to your specific needs and preferences.

  • For Communication: To respond to inquiries, send service-related announcements, updates, security alerts, and administrative messages. We may also send marketing communications about new features, promotions, or other information we think may be of interest to you, with your consent.

  • For Analytics and Improvement: To understand how our services are used, analyze trends, track user activities, and gather demographic information to enhance our product offerings and service delivery.

  • For Security and Fraud Prevention: To protect our services and users from fraudulent activities, unauthorized access, and other security threats.

  • For Legal Compliance: To comply with legal obligations, enforce our terms and conditions, and resolve disputes.

How We Share Your Information

We do not sell your personal or business data to third parties. We may share your information in the following circumstances:

 

  • Service Providers: We may engage trusted third-party service providers to perform functions on our behalf, such as hosting, data analysis, payment processing, marketing assistance, and customer service. These providers are obligated to protect your information and use it only for the purposes for which it was disclosed.

  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will notify you via email or a prominent notice on our website of any such change in ownership or control of your personal data.

  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

  • With Your Consent: We may share your information with third parties when we have your explicit consent to do so.

Data Security

We implement robust technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include:

 

  • Encryption: Using industry-standard encryption protocols (e.g., SSL/TLS) for data in transit and at rest.

  • Access Controls: Implementing strict access controls and authentication mechanisms to limit access to sensitive data only to authorized personnel.

  • Regular Security Audits: Conducting regular security audits and vulnerability assessments to identify and address potential weaknesses.

  • Employee Training: Providing ongoing privacy and security training to our employees to ensure they understand their responsibilities in protecting your data.

  • Backup and Disaster Recovery: Maintaining comprehensive backup and disaster recovery plans to prevent data loss.

 

While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

Data Retention

We retain your personal and business data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Once your data is no longer needed, we will securely delete or anonymize it.

Your Data Protection Rights

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

 

  • Right to Access: You have the right to request access to the personal data we hold about you.

  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.

  • Right to Erasure (Right to Be Forgotten): You have the right to request the deletion of your personal data under certain circumstances.

  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

  • Right to Object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.

  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

 

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request in accordance with applicable data protection laws.

Cookies and Tracking Technologies

Our website and services use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and personalize content. Cookies are small data files stored on your device. You can control cookie preferences through your browser settings. However, disabling cookies may affect the functionality of our website and services.

Third-Party Links

Our website and services may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the content, privacy policies, or practices of third-party websites or services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or service offerings. We will notify you of any significant changes by posting the revised policy on our website and updating the "Effective Date" at the top of this policy. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

 

ODMS Retail
5062 Lankershim blvd, north hollywood ca 91601
Email: info@odmsl.com
Phone: I213-952-90993

 

Effective Date: October 24, 2025ODMS Retail Privacy Policy

What to include in the Privacy Policy

What to include in the Privacy Policy

11. International Data Transfers

 

This critical section addresses the procedures and legal frameworks governing the movement of personal data across national borders. In an increasingly globalized digital landscape, businesses often operate internationally or serve a diverse clientele, necessitating clear guidelines for cross-border data flows. This ensures compliance with various data protection regulations worldwide and maintains the trust of data subjects.

  • Cross-Border Data Flows: Clearly articulate if and how personal data is transferred beyond the primary operating regions of the client or ODMS Retail. This includes specifying the exact nature of the data transferred, the purpose of such transfers, and the recipient countries. For instance, detail scenarios such as data transfers from the European Union (EU) to the United States (US), or vice-versa, as well as transfers to other regions like Asia, Africa, or South America. This transparency helps data subjects understand where their data might be processed and stored.

  • Legal Basis for Transfers: Specify the robust legal mechanisms relied upon for legitimizing such international data transfers. This is paramount for demonstrating compliance with stringent data protection regulations such as the General Data Protection Regulation (GDPR) in the EU, the California Consumer Privacy Act (CCPA) in the US, and similar laws globally. Examples of legal bases include:

    • Standard Contractual Clauses (SCCs): These are pre-approved model clauses provided by regulatory bodies (e.g., the European Commission) that parties can incorporate into contracts to ensure adequate data protection when transferring data to countries not deemed to offer an adequate level of protection.

    • Binding Corporate Rules (BCRs): These are internal codes of conduct applied by multinational corporations for transfers of personal data within their group of undertakings. BCRs require approval from relevant data protection authorities and offer a strong framework for intra-group data transfers.

    • Adequacy Decisions: Some countries or regions have been deemed by regulatory bodies (e.g., the European Commission) to provide an adequate level of data protection. Transfers to these "adequate" countries do not require additional safeguards.

    • Derogations for Specific Situations: In certain limited circumstances, data transfers may be permissible based on specific derogations, such as the explicit consent of the data subject, the necessity of the transfer for the performance of a contract, or for important reasons of public interest. These derogations must be applied strictly and with careful consideration.

  • Safeguards: Elaborate on the comprehensive safeguards implemented to ensure that transferred data remains protected to the same rigorous standards as in the originating jurisdiction. These safeguards should encompass both technical and organizational measures. Examples include:

    • Encryption and Anonymization: Describing the use of robust encryption protocols (e.g., end-to-end encryption) for data in transit and at rest, and the application of anonymization or pseudonymization techniques where appropriate, to reduce the risk of re-identification.

    • Access Controls: Detailing strict access control mechanisms, including role-based access, multi-factor authentication, and regular access reviews, to ensure that only authorized personnel can access personal data.

    • Security Audits and Penetration Testing: Highlighting regular security audits, vulnerability assessments, and penetration testing to identify and remediate potential security weaknesses in systems and processes involved in data transfers.

    • Data Processing Agreements (DPAs): Explaining the use of comprehensive Data Processing Agreements with all third-party processors involved in international data transfers, outlining their obligations regarding data protection and security.

    • Training and Awareness: Emphasizing ongoing employee training programs on data protection best practices, particularly concerning international data transfer regulations, to foster a culture of privacy awareness.

    • Impact Assessments: Mentioning the conduct of Data Protection Impact Assessments (DPIAs) for high-risk data transfers to proactively identify and mitigate potential privacy risks.

12. Children's Privacy

 

This section is paramount if there is any potential for the services to interact with or collect data from minors. Protecting the privacy of children is a legal and ethical imperative, with specific regulations in place globally to safeguard their online experience.

  • Age Limitation: Explicitly and unequivocally state that our services are not intended for, nor directed at, individuals under a specific age. This age limit should be determined in accordance with relevant laws and regulations applicable to the service's target audience and operational scope. For example, specify whether the age limit is 13 (as per the Children's Online Privacy Protection Act - COPPA in the US) or 16 (as commonly observed under GDPR in the EU, with variations by Member State). Clearly outline any mechanisms used to prevent minors from accessing or registering for the service.

  • No Intentional Collection: Affirm in the strongest possible terms that we do not knowingly collect personal information from children without verifiable parental consent. This commitment underscores a proactive approach to protecting children's privacy. Explain the internal processes and technological safeguards in place to identify and prevent the collection of data from minors. This might include age-gating mechanisms during registration or clear warnings on data input forms.

  • Procedure for Removal: Clearly and concisely outline the straightforward steps that parents or legal guardians can take if they believe their child has inadvertently provided us with personal data. This procedure should be easily accessible and user-friendly. Detail:

    • Contact Information: Provide dedicated contact information (e.g., specific email address, phone number, or online form) for parental inquiries regarding children's data.

    • Verification Process: Explain the process for verifying the identity of the parent or guardian to ensure the request is legitimate and to protect the child's data from unauthorized deletion.

    • Prompt Removal: Guarantee that upon successful verification, we will promptly and securely remove all personal data associated with the child from our systems and any third-party processors' systems.

    • Confirmation: Offer to provide confirmation to the parent or guardian once the data has been successfully removed.

    • No Further Contact: Assure parents that once data is removed, no further contact will be initiated with the child.

13. Your Responsibilities

 

This section serves to clearly articulate the client's obligations and responsibilities regarding data privacy when utilizing ODMS Retail's services, particularly concerning the customer data they upload, manage, or process through our platforms. It establishes a shared understanding of roles and accountabilities in maintaining a robust privacy posture.

  • Client Data Compliance: Emphasize, in detail, that clients bear primary responsibility for ensuring that their own data collection, usage, storage, and processing practices, especially pertaining to their customers' personal data, strictly comply with all applicable privacy laws and regulations. This includes, but is not limited to, obtaining necessary consents, providing appropriate privacy notices, and adhering to data subject rights (e.g., access, rectification, erasure). Clients must understand that while ODMS Retail provides a secure platform, the ultimate responsibility for the legality and ethicality of their data handling lies with them.

  • Data Accuracy: Explicitly state that clients are solely responsible for the accuracy, completeness, quality, and legality of any data they provide to ODMS Retail for processing. This means clients must ensure that the personal data they input into our systems is up-to-date, free from errors, and has been collected in a lawful manner. ODMS Retail relies on the integrity of the data provided by clients to deliver its services effectively and in compliance with privacy regulations. Clients should have internal processes for data validation and rectification.

  • Consent Management: If ODMS Retail processes customer data on behalf of clients (e.g., for marketing campaigns, analytics, or order fulfillment), this section should unequivocally clarify the client's responsibility for obtaining and managing necessary consents from their end-users or customers. This includes:

    • Valid Consent: Ensuring that any consent obtained is freely given, specific, informed, and unambiguous, as required by regulations like GDPR.

    • Record Keeping: Maintaining accurate and verifiable records of all consents obtained, including the date, method, and scope of consent, to demonstrate compliance.

    • Withdrawal of Consent: Providing mechanisms for individuals to easily withdraw their consent at any time and ensuring that such withdrawals are promptly honored across all processing activities.

    • Clear Communication: Ensuring that their own privacy policies and notices clearly inform their customers about how their data will be processed by third-party service providers like ODMS Retail.

  • Security of Credentials: Strongly advise and educate clients on their paramount responsibility for maintaining the confidentiality and security of their account credentials (e.g., usernames, passwords, API keys). This includes, but is not limited to:

    • Strong Passwords: Recommending the use of strong, unique passwords and advising against sharing credentials.

    • Multi-Factor Authentication (MFA): Encouraging and, where available, requiring the use of multi-factor authentication to add an extra layer of security.

    • Regular Password Changes: Suggesting periodic password changes.

    • Monitoring Account Activity: Advising clients to regularly review their account activity logs for any suspicious or unauthorized access.

    • Prompt Reporting: Instructing clients to promptly report any suspected unauthorized access or compromise of their credentials to ODMS Retail's support team. Clients will be held responsible for all activities that occur under their accounts due to their failure to adequately secure their credentials.

Accessibility adjustments on this site

bottom of page