Privacy Policy

Last Updated: November 2025

1. Introduction

UAE Entertainment & Leisure Analytics Platform ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our analytics platform.

This Privacy Policy complies with the laws of the United Arab Emirates (UAE), including the UAE Federal Law No. 45 of 2021 on the Protection of Personal Data, and international data protection standards including GDPR where applicable.

2. Information We Collect

2.1 Information You Provide

We may collect information that you voluntarily provide to us when you:

  • Contact us through our website
  • Subscribe to our analytics reports
  • Request information about our services
  • Participate in surveys or feedback forms

This information may include:

  • Name and contact information (email address, phone number)
  • Company or organization name
  • Any other information you choose to provide

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing behavior, including:

  • IP address and location data
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website addresses
  • Device identifiers

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities. For detailed information about our use of cookies, please refer to our Cookie Policy.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our analytics platform and services
  • Communication: To respond to your inquiries, provide customer support, and send you updates about our services
  • Analytics: To analyze website usage patterns and improve user experience
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Security: To protect against fraud, unauthorized access, and other security threats
  • Marketing: To send you promotional materials and newsletters (with your consent)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for us to process your data
  • Legitimate Interests: For our legitimate business interests, such as improving our services
  • Legal Obligation: To comply with legal requirements under UAE law
  • Contract Performance: To fulfill our contractual obligations to you

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website and conducting our business, subject to confidentiality agreements
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with any merger, acquisition, or sale of assets
  • Protection of Rights: To protect our rights, property, or safety, or that of our users

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Employee training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

8. Your Rights

Under UAE law and applicable data protection regulations, you have the following rights regarding your personal information:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Objection: Object to processing of your personal data
  • Restriction: Request restriction of processing
  • Data Portability: Request transfer of your data to another service provider
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at [email protected].

9. International Data Transfers

Your information may be transferred to and processed in countries other than the UAE. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

10. Children's Privacy

Our website is not intended for children under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.

12. Google Services

We use Google services, including Google Maps and Google Analytics, which may collect information about your use of our website. For information about how Google collects and uses data, please visit Google's Privacy Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Data Processing Activities

We process personal data for various analytical and operational purposes. Our data processing activities include:

  • Website Analytics: Analyzing visitor behavior, page views, session duration, and user interactions to improve website functionality and user experience
  • Content Personalization: Customizing content and recommendations based on user preferences and browsing history
  • Performance Monitoring: Tracking website performance metrics, loading times, and technical issues
  • Security Monitoring: Detecting and preventing fraudulent activities, unauthorized access attempts, and security breaches
  • Communication Management: Managing email communications, newsletters, and service notifications
  • Research and Development: Conducting research to improve our analytics platform and develop new features

15. Data Minimization and Purpose Limitation

We adhere to the principles of data minimization and purpose limitation:

  • We only collect personal data that is necessary for the specified purposes
  • We do not process personal data for purposes incompatible with those for which it was collected
  • We regularly review and update our data collection practices to ensure we only collect what is necessary
  • We delete or anonymize personal data when it is no longer needed for the original purpose

16. Automated Decision-Making

We may use automated processing and decision-making technologies, including:

  • Content recommendation algorithms based on browsing patterns
  • Automated security threat detection systems
  • Website performance optimization tools

You have the right to request human intervention, express your point of view, and contest any automated decision that significantly affects you.

17. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will:

  • Notify you without undue delay, where feasible, within 72 hours of becoming aware of the breach
  • Provide clear information about the nature of the breach
  • Describe the likely consequences of the breach
  • Explain the measures we have taken or propose to take to address the breach
  • Notify relevant supervisory authorities in accordance with applicable laws

18. Third-Party Data Processors

We engage third-party service providers who process personal data on our behalf. These processors are contractually bound to:

  • Process personal data only in accordance with our instructions
  • Implement appropriate technical and organizational security measures
  • Maintain confidentiality and not disclose personal data to unauthorized parties
  • Assist us in responding to data subject requests
  • Notify us immediately of any data breaches

Our main third-party processors include:

  • Google Analytics (website analytics)
  • Google Maps (location services)
  • Cloud hosting providers (data storage)
  • Email service providers (communication)

19. Data Subject Rights - Detailed Procedures

19.1 Right of Access

You can request a copy of your personal data we hold. Your request should include:

  • Your full name and contact information
  • Proof of identity (to verify your request)
  • Specific information about the data you wish to access

We will respond within 30 days and provide the information in a commonly used electronic format.

19.2 Right to Rectification

If you believe any personal data we hold is inaccurate or incomplete, you can request correction. We will:

  • Verify the accuracy of the new information
  • Update our records promptly
  • Notify relevant third parties if we have shared the data

19.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data when:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there is no other legal basis
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Deletion is required to comply with legal obligations

Note: We may retain certain data if required by law or for legitimate business purposes.

19.4 Right to Data Portability

You can request transfer of your personal data to another service provider. We will provide your data in a structured, commonly used, and machine-readable format (e.g., JSON, CSV).

19.5 Right to Object

You can object to processing of your personal data for:

  • Direct marketing purposes (we will stop immediately)
  • Processing based on legitimate interests (we will assess and respond)
  • Scientific or historical research purposes

20. Complaints and Dispute Resolution

If you have concerns about how we handle your personal data, you can:

  • Contact us directly at [email protected]
  • File a complaint with the UAE Data Protection Authority (when established)
  • Seek legal remedies through the courts of Dubai, United Arab Emirates

We are committed to resolving all complaints promptly and fairly. We will acknowledge your complaint within 5 business days and provide a response within 30 days.

21. Special Categories of Data

We do not intentionally collect special categories of personal data (sensitive data) such as:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Biometric data
  • Health information
  • Sexual orientation

If we inadvertently collect such data, we will delete it immediately unless we have your explicit consent or another legal basis for processing.

22. Data Processing Records

We maintain comprehensive records of our data processing activities, including:

  • Categories of personal data processed
  • Purposes of processing
  • Categories of data subjects
  • Recipients of personal data
  • Data retention periods
  • Security measures implemented

These records are regularly reviewed and updated to ensure compliance with data protection laws.

23. Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities, including:

  • Large-scale processing of personal data
  • Systematic monitoring of publicly accessible areas
  • Processing of special categories of data
  • Automated decision-making with significant effects

DPIAs help us identify and mitigate privacy risks before implementing new processing activities.

24. Cross-Border Data Transfers

When transferring personal data outside the UAE, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions recognizing the recipient country's data protection standards
  • Binding corporate rules for intra-group transfers
  • Certification schemes demonstrating compliance

We only transfer data to countries with adequate data protection laws or where appropriate safeguards are implemented.

25. Updates and Version Control

This Privacy Policy may be updated periodically to reflect changes in:

  • Our data processing practices
  • Legal and regulatory requirements
  • Industry standards and best practices
  • Technology and security measures

We maintain a version history of this policy. Previous versions are available upon request. Material changes will be communicated through:

  • Email notifications to registered users
  • Prominent notices on our website
  • Updated "Last Updated" date at the top of this policy

26. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer:
Email: [email protected]
Phone: +971 4 123 4567

General Inquiries:
Email: [email protected]
Address: Dubai Marina, Dubai, United Arab Emirates
PO Box 12345

Response Time: We aim to respond to all inquiries within 5 business days. For complex requests, we may require up to 30 days as permitted by law.