Terms of Service

Effective date: 30.03.2026

These Terms of Service govern access to and use of the OAsset website, web application, mobile applications, and related services operated by Optimiraj d.o.o. ("OAsset", "we", "us", "our").

1. Scope

OAsset provides software for asset management, work order management, related documentation, QR/barcode access, visual asset context, and related maintenance workflows.

By creating an account, accessing the Service, or using the Service on behalf of an organization, you agree to these Terms.

2. Eligibility and Accounts

You must be legally able to enter into these Terms.

You are responsible for:

keeping your login credentials secure

using the Service only for authorized business purposes

ensuring that account information is accurate and up to date

all activity carried out through your account or your organization's accounts

If you use OAsset on behalf of an organization, that organization is responsible for the acts of its users and administrators.

3. Customer Data

You or your organization may upload or create data in the Service, including account details, asset records, work orders, files, comments, reports, and other operational content ("Customer Data").

You retain all rights in Customer Data. You grant OAsset the limited rights needed to host, process, transmit, secure, back up, index, and display Customer Data solely to provide and support the Service.

You must have a valid legal basis for any personal data you upload to the Service.

You must not use OAsset to store or process unlawful content, malware, or sensitive categories of personal data unless explicitly agreed by us in writing.

4. Acceptable Use

You must not:

access or use the Service unlawfully

interfere with the security, integrity, or availability of the Service

attempt unauthorized access to any account, data, system, or network

reverse engineer, copy, resell, or misuse the Service except as permitted by law

use the Service to infringe the rights of others

We may suspend access where reasonably necessary to protect the Service, other users, or legal compliance.

5. Availability and Changes

We may update, maintain, improve, or modify the Service from time to time.

We do not guarantee uninterrupted or error-free availability. Temporary downtime may occur due to maintenance, updates, incidents, third-party outages, or events outside our reasonable control.

6. Third-Party Services

OAsset relies on third-party infrastructure and service providers, including providers for hosting, authentication, database services, search, network delivery, and transactional email. Their services are subject to their own technical and legal terms.

7. Fees and Billing

Paid plans, if applicable, are billed under the pricing, order form, or subscription terms presented at the time of purchase.

Unless stated otherwise:

fees are exclusive of taxes

subscriptions renew for the agreed billing period

unpaid amounts may result in suspension or termination

8. Intellectual Property

The Service, including its software, design, branding, text, graphics, and non-customer content, is owned by OAsset or its licensors and is protected by applicable intellectual property laws.

These Terms do not transfer ownership of the Service or any OAsset intellectual property to you.

9. Termination

You may stop using the Service at any time.

We may suspend or terminate access if:

these Terms are breached

payment obligations are not met

use of the Service creates security, legal, or operational risk

we are required to do so by law

On termination, your right to use the Service ends. We may delete or anonymize Customer Data in line with our retention practices, except where we must retain it for legal, security, or backup reasons.

10. Warranties and Liability

The Service is provided on an "as available" basis, except where applicable law requires otherwise.

To the maximum extent permitted by law, OAsset is not liable for indirect, incidental, special, consequential, or loss-of-profit damages.

To the maximum extent permitted by law, OAsset's total aggregate liability arising out of or relating to the Service is limited to the amount paid by you or your organization to OAsset for the Service during the 12 months preceding the event giving rise to the claim. If no fees were paid, liability is limited to EUR 100.

Nothing in these Terms excludes liability that cannot be excluded under applicable law.

11. Privacy

Our Privacy Policy explains how we process personal data in connection with the website, app, accounts, and related services.

12. Governing Law

These Terms are governed by the laws of Slovenia, unless mandatory law requires otherwise.

The courts of Slovenia have jurisdiction, unless mandatory law requires otherwise.

13. Contact

Optimiraj d.o.o.

Privacy Policy

Effective date: 30.03.2026

This Privacy Policy applies to the OAsset website, web application, mobile applications, and related services.

1. Controller

The data controller for personal data described in this Privacy Policy is:

Optimiraj d.o.o.

2. What this Policy Covers

This Policy covers:

visitors to our website

account holders and app users

customer representatives, administrators, and support contacts

personal data included in normal use of the Service

This Policy does not cover third-party sites, app stores, or services that have their own privacy notices.

3. Personal Data We Process

Depending on how you use OAsset, we may process:

account and profile data, such as name, email address, role, organization, login details, and permissions

operational data, such as assets, work orders, procedures, comments, attachments, reports, and related records created in the Service

technical and device data, such as IP address, browser type, device type, app version, system logs, and security events

communication data, such as support requests, emails, and service-related notices

billing and administrative data, if relevant to the subscription relationship

website request data needed to deliver, secure, and operate the website

We do not use customer data for advertising purposes. We process data only to operate, secure, support, and improve OAsset for its intended business use.

4. Purposes and Legal Bases

We process personal data for the following purposes and legal bases:

To provide the Service

This includes account creation, authentication, access control, asset and work order functionality, search, reporting, file handling, and service communications.

Legal basis: performance of a contract or steps prior to entering into a contract.

To secure, maintain, and improve the Service

This includes monitoring, troubleshooting, backups, abuse prevention, performance, reliability, and product improvement.

Legal basis: legitimate interests in running a secure and reliable service.

To comply with legal obligations

This includes accounting, tax, legal claims, audit, fraud prevention, and responding to lawful requests.

Legal basis: compliance with legal obligations.

To send service and transactional messages

This includes login, account, system, report delivery, and support-related emails.

Legal basis: contract performance or legitimate interests, depending on the message.

To use non-essential cookies or similar technologies, if ever enabled

We would rely on consent where legally required.

Legal basis: consent.

5. Roles: When We Act as Controller and When We Act on Instructions

For account management, billing, support, security, website operation, and our direct relationship with customers, OAsset acts as a controller.

Where an organization uses OAsset to manage work orders, assets, comments, attachments, and related operational records about its own users or staff, that organization is typically the controller of that Customer Data, and OAsset acts as its processor or service provider for that data.

If your account is managed by your employer or another organization, requests relating to Customer Data should usually be directed to that organization first.

6. Recipients and Processors

We may share personal data with service providers acting on our behalf, including:

Google Firebase / Google Cloud for authentication, database, storage, and related infrastructure

Algolia for search and indexing

Cloudflare for DNS, CDN, network security, and edge delivery

Amazon Web Services / Amazon SES for infrastructure and transactional email where applicable

These providers process data under their applicable contractual and data processing terms. Firebase states Google is generally a processor for Firebase customer data under GDPR. Cloudflare, AWS, and Algolia publish DPAs and related transfer terms for customer data processing.

We may also disclose personal data:

to professional advisers where necessary

to competent authorities where required by law

in connection with a merger, acquisition, financing, or asset sale, subject to confidentiality and applicable law

We do not sell personal data.

7. International Transfers

Some of our providers may process personal data outside the EEA.

Where that happens, we rely on lawful transfer mechanisms under Chapter V GDPR, such as adequacy decisions or Standard Contractual Clauses and related safeguards, as applicable.

8. Data Retention

We keep personal data only for as long as necessary for the purposes described in this Policy, including to provide the Service, maintain security, comply with legal obligations, resolve disputes, and enforce agreements.

In practice:

account and subscription data are kept while the account is active and for a reasonable period after closure

Customer Data is kept according to the customer relationship and deletion instructions, subject to limited backup and legal retention needs

logs and security data are retained for limited periods appropriate to security, troubleshooting, and compliance

invoices and legally required records are kept for the period required by applicable law

If data is no longer needed, we delete it or anonymize it.

9. Data Subject Rights

Where GDPR applies, you may have the right to:

access your personal data

rectify inaccurate data

erase data in certain cases

restrict processing in certain cases

object to certain processing

receive data portability where applicable

withdraw consent where processing relies on consent

lodge a complaint with your supervisory authority

To exercise rights, contact info@oasset.app.

If your request concerns Customer Data controlled by your organization, we may direct you to that organization or assist it in responding.

10. Security

We use appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure.

We maintain information security and quality management certifications, including ISO 27001 and ISO 9001, as part of our operational controls.

11. Cookies and Similar Technologies

We do not use analytics, advertising, or tracking cookies on our website.

We may use strictly necessary cookies, local storage, or similar technologies required for:

login and session management

security and fraud prevention

load balancing and network delivery

core website or app functionality

If we later introduce non-essential cookies or tracking technologies, we will update this Policy and obtain consent where required by law. Under EU ePrivacy rules, consent is generally required for non-essential cookies, while strictly necessary storage/access can be used for core service functionality.

12. Children

OAsset is intended for business and professional use. It is not directed to children.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The updated version will be posted with a revised effective date.

14. Contact

For privacy questions or requests, contact:

Optimiraj d.o.o.

If you are in the EEA, you also have the right to contact your local data protection authority.