Security and Data Breach Notice

Effective Date: March 25, 2026

OmniRouters uses reasonable administrative, technical, and organizational measures to protect the platform, accounts, API keys, payment information, and personal information. This page summarizes our security approach and how we handle data security incidents.

1. Security Governance

We assess and improve security controls based on business scale, data sensitivity, access scenarios, technical complexity, and real-world risk. Our objectives include:

• reducing the risk of unauthorized access, leakage, loss, tampering, or misuse
• preserving platform stability, availability, and traceability
• meeting applicable legal, regulatory, and contractual obligations

2. Key Security Measures

Our measures typically include:

• account and access management, including role separation, approvals, and access review
• encrypted transmission and controlled handling of credentials, keys, and tokens
• logs and audit records for billing, operations, access, and security investigations
• vulnerability monitoring, patching, change review, and remediation workflows
• backup, recovery, and continuity measures for critical systems and data
• vendor review and contractual controls for infrastructure, payment, model, and support providers
• data minimization, retention management, and deletion or anonymization where appropriate

3. Data Breach Handling

If a personal data or critical business data incident is suspected or confirmed, we generally follow a response process that includes:

1. gathering facts and identifying affected systems, data categories, and scope
2. containing the issue through isolation, key rotation, access restriction, or other safeguards
3. assessing the likely harm to users, customers, partners, and platform operations
4. deciding whether notifications to affected users, partners, processors, payment providers, or regulators are appropriate
5. documenting the incident, implementing fixes, and improving controls

4. Notification Principles

Where we determine that a security incident may create a real risk of harm, we may notify affected users, business customers, relevant service providers, or regulators as appropriate, taking into account applicable law, contractual obligations, investigation needs, and operational realities.

Notifications may include:

• a summary of the incident and affected period
• the categories of data involved
• steps already taken to contain and remediate the issue
• recommended actions for affected users
• follow-up communication channels

5. Your Responsibilities

To help reduce risk, you should:

• keep passwords, API keys, access tokens, and payment credentials secure
• grant access only to authorized personnel
• avoid exposing sensitive credentials in public repositories, screenshots, tickets, or chats
• notify us promptly if you detect suspicious activity, credential compromise, or account misuse

6. Contact

If you discover a security issue, suspect a data breach, or detect unusual account activity, please contact:

• Support: support@omnirouters.com
• Business: business@omnirouters.com