GDPR Compliance

OmegaEngine follows GDPR principles for data minimization, purpose limitation, lawful processing, and user rights. OmegaEngine acts as a processor for Customer Data.

1. Processor Obligations

• • Only process data according to documented customer instructions
• • No secondary use (no training on customer data)
• • Encryption at rest & in transit
• • Logging segregation per tenant

2. Lawful Basis

Customers must supply the lawful basis for inputs:

• • Contract performance
• • Legitimate interest
• • Consent

3. Data Subject Rights

• • Access requests (via logs & retention settings)
• • Correction
• • Deletion
• • Restriction of processing

4. International Transfers

OmegaEngine uses EU Standard Contractual Clauses (SCCs) where required.