Privacy Policy

Last updated: May 4, 2026

1. Introduction

This Privacy Policy explains how Ominies (“Ominies,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you use the Ominies mobile application or visit our website at ominies.com(together, the “Service”). The Service is operated by an individual sole proprietor based in the Arab Republic of Egypt. You can reach us at support@ominies.com. This policy is effective as of May 4, 2026.

2. Information We Collect

Information you provide

  • Account profile. When you sign in with Apple or Google, we receive your email address, your name, and (where available) your avatar URL, which we store in your Ominies profile.
  • Ratings and comments. If you rate a dish, we store your numeric rating (0–100) and any optional comment text you submit.
  • Favorites and notes. If you favorite a restaurant or dish, we store that association along with any optional private note you add.
  • Support messages. If you email support@ominies.com, we keep the contents of your message and our reply for as long as needed to handle your request.

Information collected automatically

  • Hashed device identifier. We compute a one-way SHA-256 hash of a per-app device identifier provided by the operating system (Android ID on Android, identifier-for-vendor on iOS) and use the hash to enforce free-tier usage limits and prevent abuse. We never store the raw identifier.
  • Platform. Whether you are using the iOS or Android version of the app.
  • Approximate location. If you grant location permission, the app sends your approximate latitude and longitude to our backend so we can find restaurants near you. We do not store your location against your profile after the search.
  • Search activity. When you look up a restaurant we record which restaurant you searched, when, and which dishes the search returned, so we can show your search history and apply usage limits.
  • Diagnostic data. If the app crashes or hits an error, we collect a stack trace, an error context tag, and your Ominies user identifier through Firebase Crashlytics so we can diagnose and fix the issue.
  • Product analytics. We log pseudonymous, event-level usage analytics through Firebase Analytics (for example: which screens you visited, when you started or completed a search, when a paywall was shown). These events do not include the text of your searches, comments, or notes.

Information from third parties

  • Subscription status. When you purchase Ominies Pro, Apple or Google notifies our subscription provider (RevenueCat) of the purchase, renewal, cancellation, or expiration. We receive your subscription state, the product purchased, and the store of origin. We do not receive your full credit-card or payment-method details.
  • OAuth identity. When you sign in, Apple or Google passes us the basic identity information described above.

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and operate the Service.
  • Authenticate you, manage your account, and keep the Service secure.
  • Search for restaurants near you and return dish information.
  • Enforce free-tier usage limits and prevent abuse, fraud, and misuse of the Service.
  • Combine your dish ratings, on an aggregated basis, into a dish’s overall score.
  • Bill, deliver, and support paid subscriptions (through Apple, Google, and RevenueCat).
  • Diagnose crashes, monitor performance, and improve the Service through pseudonymous analytics.
  • Respond to your support requests and other communications.
  • Comply with legal obligations and enforce our Terms of Use.

4. Legal Bases (EEA / UK Users)

If you are in the European Economic Area or the United Kingdom, we process your personal information under the following GDPR / UK GDPR legal bases:

  • Performance of a contract– to provide the Service to you, manage your account, and deliver paid subscriptions.
  • Legitimate interests – to keep the Service secure, prevent abuse of free limits, diagnose errors, and analyze pseudonymous product usage. We balance our interests against your rights and freedoms.
  • Consent– to access your approximate device location. You can withdraw consent at any time in your device’s system settings.
  • Legal obligation – to comply with applicable laws and respond to lawful requests.

5. Service Providers

We work with a limited number of carefully selected third-party service providers who help us operate the Service. They act on our instructions and only receive the information they need to perform their function. We do not allow them to use your information for their own purposes.

Our service providers fall into the following categories:

  • Hosting, authentication, and database providers that run our backend and store your account information.
  • Mobile app stores and a subscription-management partner that sell, deliver, and manage paid subscriptions.
  • Mapping and restaurant-information providers that help us find places and aggregate publicly available reviews.
  • Automated content-processing tools that read publicly available review text and produce dish information for you.
  • Analytics and crash-diagnostics tools that help us understand pseudonymous usage of the Service and fix errors.
  • Operational infrastructure that helps us enforce usage limits and protect against abuse.

These providers may operate from countries outside your own, including the United States and the European Union. We may add, remove, or change providers from time to time. You can request the current list of our providers at any time by emailing support@ominies.com.

We do not sell your personal information, and we do not share it with advertising networks or data brokers.

6. International Transfers

Ominies operates from Egypt, and our sub-processors operate from various countries, including the United States and the European Union. When we transfer personal information about users in the European Economic Area or the United Kingdom to a country that has not been recognized as providing an adequate level of protection, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (and the UK addendum where applicable) put in place by our sub-processors.

7. Data Retention

We keep your account information, search history, ratings, comments, and favorites for as long as your Ominies account is active.

When you delete your account, we delete your profile, your search history, your ratings and comments, and your favorites within twenty-four (24) hours. To prevent abuse of free-tier limits through repeated re-signups, we keep a small deletion tombstone for up to thirty (30) days that contains only a SHA-256 hash of your email address, SHA-256 hashes of the device identifiers previously associated with your account, and the current calendar month’s usage counters. The tombstone does not identify you and is automatically removed at the end of the retention period.

Your subscription record at RevenueCat is preserved after account deletion so that you can restore your purchase if you install Ominies again with the same Apple or Google account in the future.

Pseudonymous analytics events and crash diagnostics retained by Firebase are kept according to the default Firebase retention period.

8. Your Rights

EEA, UK, and similar jurisdictions

Subject to applicable law, you have the right to (a) access the personal information we hold about you, (b) request correction of inaccurate information, (c) request deletion of your information, (d) restrict or object to certain processing, (e) request portability of information you provided to us, and (f) withdraw any consent you previously gave (such as for location). You can also lodge a complaint with your local data protection authority.

California residents

If you are a California resident, the California Consumer Privacy Act (CCPA / CPRA) gives you the right to know what personal information we collect about you and how we use it, the right to request that we delete or correct your personal information, and the right to opt out of any “sale” or “sharing” of your personal information. We do not sell or share your personal information for cross-context behavioral advertising. We will not discriminate against you for exercising any of these rights.

How to exercise your rights

You can delete your account at any time from the Profile screen in the app. For any other request, email support@ominies.com and we will respond within the timeframe required by applicable law. We may need to verify your identity before acting on your request.

9. Account Deletion

You can delete your Ominies account from the Profile screen in the app. Deletion is processed immediately by our backend and removes your profile, your search history, your ratings and comments, and your favorites. The deletion tombstone described in Section 7 is created at the same time and expires within thirty (30) days.

If you have an active Ominies Pro subscription you must cancel it from your Apple App Store or Google Play account settings before deleting your account. Apple and Google do not allow third parties to cancel store-managed subscriptions on your behalf, so deleting your Ominies account does not by itself stop future subscription renewals.

We retain your subscription record at RevenueCat after deletion so that the Restore Purchases feature continues to work if you reinstall Ominies in the future with the same Apple or Google account.

10. Children’s Privacy

The Service is not directed to children under 13 (or under 16 in the European Economic Area and the United Kingdom). We do not knowingly collect personal information from anyone in those age groups. If you believe a child has given us personal information, please email support@ominies.com and we will delete it.

11. Security

We protect your information using industry-standard measures, including TLS encryption in transit, encryption at rest at our backend provider, restricted access to production data, and one-way hashing of device identifiers. We do not store your account password because we authenticate you only through Sign in with Apple or Google. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

12. Cookies and Tracking on the Website

The website at ominies.com does not set cookies and does not run any analytics or advertising trackers. The mobile app does not rely on browser cookies; the analytics and crash-reporting described above are performed using mobile SDKs, not cookies.

13. Communications

We send only transactional messages necessary to operate the Service, such as authentication emails and account-related notices. We do not send marketing emails and we do not currently send marketing push notifications. If we ever introduce marketing communications, we will update this policy and ask for your consent where required by law.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated policy with a new “Last updated” date and, where appropriate, notify you in the app. Your continued use of the Service after the updated policy takes effect means you accept it.

15. Contact

If you have any questions about this Privacy Policy or how your information is handled, email support@ominies.com.