Omni← Back to home

Security & Incident Response

Omni is operated by a single founder and uses third-party infrastructure (Vercel, Supabase, LemonSqueezy, Anthropic, OpenAI, Google) for hosting, database, payments, and AI processing. This page describes how security incidents and service disruptions are handled.

Reporting an incident

If you discover a security vulnerability, data exposure, or unexpected behavior that could affect other users, please report it to hello@askomni.app.

Include in your report:

Do not publicly disclose vulnerabilities before we have had a reasonable opportunity to address them.

Response timeline

Omni is operated alongside a full-time job. Response times reflect this:

We prioritize incidents that affect user data, authentication, payment processing, or service availability.

Service disruptions

Omni depends on multiple third-party services. When one of these is degraded or unavailable, Omni may return errors, slow responses, or partial cascade results. We monitor service health continuously and post status updates on incidents that affect users.

Data breaches

In the event of a confirmed data breach affecting personal data, affected users will be notified by email within 72 hours of confirmation, in line with GDPR Article 33 requirements. Notification will include:

We will also notify the relevant supervisory authority (the Dutch Autoriteit Persoonsgegevens) within the same timeframe.

What we do not protect against

Contact

Security and incident reports: hello@askomni.app

Last updated: 2026-05-26