OmniFlow documentation

A clear guide to modules, document relationships, and security principles of the OmniFlow SaaS service. These pages are for anyone who wants to understand the product before or without creating an account; the chapters below explain features from an everyday user perspective. After you sign in, the in-app help adds more operational detail.

OmniFlow is a cloud invoicing, payables and stock application for Czech businesses. OmniFlow is operated by OmniSys s.r.o. You use the service in a browser (SaaS); your company data is stored in the service’s secure infrastructure.

One user account may access multiple companies (e.g. parent and subsidiary, or several trades). Company data is separated; you only see companies you were granted access to. Switch the active company from the sidebar.

Customers and suppliers (contacts) always belong to the active company – they are not shared across all OmniFlow customers globally; each of your companies has its own directory.

The chapters below describe each area from a day-to-day user perspective. After you sign in, the in-app help (menu entry) adds further context.

Users sign in with e-mail and password. After a correct password, mandatory two-factor verification (2FA) follows — by default a 6-digit e-mail code, optionally an Authenticator app in Profile (then no e-mail codes at sign-in). 2FA cannot be disabled entirely. After login, they always work in the context of the active company (and can switch when they have access to multiple companies).

Roles and permissions distribute work across owners, accountants, and other team members. Password and 2FA are personal — each user manages them in Profile; company roles do not control a colleague’s sign-in.

• Owner – full company administration, users, sensitive settings, and selected accounting actions.

• Accountant – documents, payments, exports, and reporting based on assigned permissions.

• Other roles – available actions and menu items depend on role and licence status.

Multiple users can work in the same company at the same time. Each user should have their own credentials for security and traceability.

In SaaS mode, multiple companies can be grouped under one customer account (subscription with OmniFlow) with central licensing and limits according to your plan.

The issued invoices module handles tax documents for customers. It supports the full lifecycle from draft to payment and related accounting actions.

Typical workflow:

• create a draft,

• issue/send the document,

• track due dates,

• record payment, or process cancellation/correction when needed.

Statuses and transitions are controlled to keep accounting logic consistent:

• Draft → Sent / Cancelled,

• Sent → Paid / Overdue / Cancelled,

• Overdue → Paid / Cancelled,

• Paid → terminal (no content edits; bank match cannot be undone once fully paid),

• Cancelled → terminal status.

Editing can be restricted on issued documents when linked records exist (for example deposit links or corrective documents). The app shows a reason when an action is blocked.

Invoices can be downloaded as PDF, sent by e-mail, and include payment QR (SPD) for quick transfer when the bank account has a Czech IBAN and the document is in CZK; foreign IBANs may not show a QR. Reminder behaviour and templates are managed in company settings.

Where supported, you can export an ISDOC file and generate a delivery note PDF for dispatch logistics—availability depends on document state and configuration.

The customer invoice portal lets customers open a secret link to view documents without logging in; see the dedicated chapter below.

OmniFlow may offer a customer invoice portal on a separate public URL: your customer without an app account can see their issued documents with your company, open an invoice preview, and download PDF; depending on state and version also ISDOC or a delivery note.

From the company side you complete the public path segment in company settings. On a customer contact you generate a personal link (token); you can share it manually or the app can append it to system e-mails per invoicing settings and templates. Regenerating the link invalidates older URLs (including links in already sent e-mails).

From the customer side the UI is simple on a dedicated public portal address; language usually follows the browser. Invalid or revoked links do not reveal the exact reason — the visitor ends at the main app login (anti-enumeration).

A deposit invoice requests advance payment. After payment, VAT payers usually issue a tax document for the received deposit (often referred to as DDPP in the UI workflow).

Deposits can be paid, cancelled (per rules) and followed by a final invoice that applies the deposit. The app enforces consistency of data and numbering according to company settings.

What usually cannot be done without following steps: create a final invoice inconsistent with the tax document date or with an unresolved deposit – the system shows an error. Follow on-screen messages.

Track supplier invoices: attachments, due dates, partial and full payments, statuses. Useful for payables and cash flow. Exports are available (e.g. CSV). Documents always belong to the active company.

When enabled, you can import received invoices from ISDOC (.isdoc / .xml) or from a PDF with embedded ISDOC (PDF/A-3 hybrid) to speed up capture—exact behaviour depends on file quality and settings.

Work with bank transactions (statements or e-mail notifications from supported banks). The app can suggest matches to issued and received documents, support manual pairing, and let you confirm, split or unmatch links so receivables and payables stay aligned with the bank. Features depend on your role, licence and account settings.

After issuing a VAT invoice, corrections use a corrective tax document per VAT rules. The app has a dedicated module and PDF.

You typically cannot simply overwrite an issued invoice once a corrective document exists – accounting reality is handled by the corrective document. Buttons and availability depend on invoice state and version.

Prepare quotes as separate documents, track validity and convert to invoice without re-entering lines. PDF and e-mail similar to invoices.

You can also create a customer order from a quote (or work with orders separately) when your sales process needs a step before invoicing.

Customer orders are separate documents with lines, statuses and PDF output. Create them from a quote or from scratch, send by e-mail, and track them through fulfilment. How they tie into invoicing follows your internal process and the options available in your version.

Contacts are your customer/supplier directory per company. For legal entities enter company ID and load data from the public ARES register. If the service is down or ID is wrong, enter details manually.

Product catalogue with prices and stock levels. Multiple warehouses can be configured when you need separate locations.

Warehouse documents include goods receipts, issues, transfers between warehouses, and inventory count sheets—each with a controlled lifecycle (draft → confirmed, etc.) and PDFs where applicable. Movements also tie to invoice lines for dispatch. Classic stocktaking flow remains available for quick corrections.

Where enabled, serial numbers can be tracked on products and documents.

The dashboard summarises revenue, receivables, payables, top customers, debtors, due alerts and stock value (from company data).

Use global search (when shown in the header) to jump to documents or records quickly. Notifications inform you about relevant events depending on your preferences.

Exports – CSV, ZIP of PDFs, POHODA XML for accountants (if included in your plan). Formats depend on the service version.

In Settings edit company details, logo, numbering series, bank accounts and invoicing defaults. Payment QR (SPD) on documents is generated only for Czech IBAN with document currency CZK; foreign IBAN rows show an on-screen note in bank settings.

You can maintain tags (labels) for organizing documents and records, product categories, warehouses for stock, and notification channels where your role allows.

After the first non-draft issued invoice, company ID often cannot be changed (protects consistency). VAT payer / non-payer transitions may lock fields after certain steps.

E-mail uses SMTP – your company server or OmniFlow system sending. Templates (invoice, reminders, …) can be edited when you have permission.

The owner can add users to the company and set roles (owner, accountant, editor). Colleagues are usually invited by e-mail; the new user completes registration, password and 2FA. Each user should have their own login; sharing one account is discouraged for security.

In multi-company SaaS mode your company may belong to a customer account with a licence (validity, limits on companies or users). After expiry, access may be restricted (licence notice, export rules defined by OmniFlow).

Registration at omniflow.cz creates a user account and initial company; more companies can be added according to permissions and plan. Add colleagues to an existing company via invitation from settings.

The app records selected accounting and security-related events (depending on implementation). Entries help answer “who did what and when”. Retention is defined by OmniFlow according to the service policies.

At OmniSys, data security and product quality are top priorities. We run OmniFlow as a professional SaaS service with continuous maintenance, monitoring, and secure operating practices.

Access and identity

• secure session-based sign-in,

• strict company and customer-account data separation,

• all user operations run in active tenant context.

Account protection

• one-way password hashing (bcrypt),

• CSRF protection on state-changing requests,

• login attempt limits to reduce automated abuse,

• mandatory two-factor sign-in (2FA) — e-mail code or Authenticator; TOTP secrets and backup codes stored securely (encryption, one-time recovery codes).

Credential recovery

• password change/reset via time-limited links,

• optional session invalidation after sensitive security events.

Operational security

• HTTPS transport,

• regular infrastructure/dependency patching,

• monitoring and logs used for timely incident response.

Security detail note: internal control parameters are intentionally not published publicly to avoid helping attackers.

How do I switch documentation language?

Use the CS/EN switch in the header of the documentation page.

Why do different users see different actions?

Feature visibility and available actions depend on user role and licence state.

Can one account manage multiple companies?

Yes. A single account can access multiple companies and switch active context.

Where can I find privacy and data processing information?

On the Privacy page (`/privacy`).

How do backups and data restore work?

We keep daily backups with a 30-day retention window. Data restore is available for a fee to a selected date within the available backup window.

Do you publish internal security configuration details?

No. Public documentation covers principles, not internal protection parameters.

Links: Privacy policy — in the app at /privacy or https://omniflow.cz/en/privacy. Terms of service: https://omniflow.cz/en/vop. Legal overview: https://omniflow.cz/en/legal.

This documentation is not legal advice. For tax and legal conclusions consult a professional.