Privacy Policy

1.1 This Privacy Policy ("Policy") outlines the principles and practices governing the collection, processing, and security of personal data collected on the Website. It is designed to protect the rights and freedom of individuals in compliance with applicable laws and regulations.

1.2 This Policy is relevant to the personal data we gather on our Website. Where this Policy refers to “we”, “us” and “our” we mean Team F5 FZE, a limited liability company formally registered with Dubai World Trade Center Authority under License No. L-2638 (the “Company”), and where this Policy refers to “you” and “your” we mean the user of the Website.

2.1 This Policy has been developed in accordance with the federal laws of the United Arab Emirates, including the Federal Decree-Law No. 45 of 2021 Concerning the Protection of Personal Data and other relevant regulations (the "UAE Laws"). This Policy ensures the safeguarding of individual rights, including privacy, personal and family confidentiality, and data security.

2.2 The Policy serves as a public document, ensuring transparency in our data processing activities.

2.3 Users may browse the Website without providing personal information unless required for specific transactions or services.

2.4 We collect personal data to enhance customer experience, improve service delivery, and inform users about new offerings and events. Additionally, we may combine personal data with information from other sources to prevent fraud or detect security risks.

2.5 We may collect and process the following types of personal data (“Personal Data”):

• Personal Information: name, email address, phone number, and other contact details
• Technical Data: IP address, browser type, device information, and Website usage details
• Transactional Data: records of your interactions with our Website
• Cookies and Tracking Technologies: to improve user experience and analyze Website performance

2.6 We do not sell, rent, or trade customer information with third-party organizations. Collected data is used solely for order processing, service customization, and customer communication.

3.1 Personal Data refers to any information relating to an identified or identifiable individual ("Data Subject").
This may include, but is not limited to:

• Full name
• Gender
• Date of birth
• Contact details (e.g., email, phone number)
• Identification document details (e.g., passport or Emirates ID number)
• Employment details (e.g., position, company name)
• Technical data (e.g., IP address, device details, geolocation data);
• Information received from third-party services, such as Kommo, including user ID, domain, language, time zone, email address.

3.2 Processing of Personal Data includes any operation or set of operations performed with or without automation, such as collection, recording, storage, use, transfer, anonymization, or deletion of Personal Data.

Personal Data is processed for the following purposes:

• Execution of contractual obligations
• Provision of products and services
• Communication with clients and business partners
• Compliance with legal and regulatory requirements
• Debt collection and enforcement of contractual rights
• Marketing and customer engagement, subject to consent
• Internal operational and security management

The Company is committed to ensuring data security and compliance with UAE Laws. The Company adheres to the following principles:

• Lawfulness, fairness and transparency.
• Purpose limitation, ensuring data is collected and processed for specified legitimate purposes.
• Data minimization, ensuring only necessary data is processed.
• Accuracy and relevance of collected data.
• Implementation of appropriate security measures to protect personal data.
• Ongoing training of personnel on data protection practices.

6.1 The Company recognizes the importance and value of personal information and is committed to upholding constitutional rights pertaining to individuals and citizens. Accordingly, the Company ensures the secure and reliable protection of Personal Data belonging to Data Subjects.

6.2 The Company defines the security of Personal Data as safeguarding it from unauthorized or accidental access, destruction, modification, obstruction, duplication, disclosure, or distribution, as well as any other unlawful actions involving Personal Data.

6.3 The Company implements necessary legal, organizational, and technical measures to ensure the protection of Personal Data.

6.4 The processing and protection of Personal Data are carried out in strict compliance with UAE laws.

6.5 When processing Personal Data, the Company adheres to the following principles:

• Personal Data shall be processed lawfully and fairly.
• Personal Data shall not be disclosed to third parties or disseminated without the Data Subject’s consent, except as permitted by UAE laws.
• The Company shall define specific, legitimate purposes prior to collecting or processing Personal Data.
• The collection of Personal Data shall be limited to what is necessary and sufficient for the specified purposes.
• The processing of Personal Data shall be restricted to achieving pre-defined and lawful objectives.
• Personal Data shall be either deleted or anonymized upon fulfillment of its processing purposes or when such purposes are no longer relevant.

6.6 With the Data Subject’s consent, the Company may delegate the processing of Personal Data to a third party on the basis of a contract concluded with such parties.

6.7 In cases specified by the UAE laws, the Company may transfer Personal Data without requiring the Data Subject’s consent.

6.8 Persons processing Personal Data on behalf of the Company must comply with the UAE Laws. The specific actions and objectives for processing Personal Data shall be defined for each processor. Additionally, such persons must maintain confidentiality, ensure data security, and adhere to all protection requirements applicable to the processing of Personal Data.

6.9 The retention period for Personal Data depends on the data type and its processing purpose, as outlined in this Policy. The Company will retain Personal Data only for as long as necessary to fulfill the objectives stated in this Privacy Policy, unless a longer retention period is mandated or permitted by law. If you wish to request the cessation of data usage, please contact us at global@cmdf5.com.

6.10 When the purposes of processing Personal Data are achieved, as well as in case of withdrawal of consent to their processing by the Data Subject, Personal Data shall be destroyed if, Personal Data shall be deleted unless:

• otherwise stipulated in an agreement to which the Data Subject is a party.
• the Company is legally obligated to process the data without the Data Subject’s consent under the UAE Laws or other federal regulations.
• a separate agreement between the Company and the Data Subject provides for a different retention arrangement.

6.11 App’s use and transfer to any other app of information received from Google Accounts will comply with Google API Services User Data Policy, including the Limited Use requirements.

6.12 We explicitly affirm that Google Workspace APIs are not used to develop, improve, or train generalized/non-personalized AI and/or ML models.

7.1 Personal Data may be shared with third parties, including service providers and regulatory authorities, where necessary to fulfill legal and contractual obligations.

7.2 Data transfers outside the UAE are conducted in accordance with applicable data protection laws, ensuring adequate protection measures are in place.

7.3 In cases where processing is delegated to a third party, a formal agreement will govern the data processing responsibilities and security measures.

Individuals whose Personal Data is processed by the Company are entitled to the following rights:

• request confirmation of whether their Personal Data is being processed and obtain a copy
• request corrections to inaccurate or incomplete data
• request the deletion of Personal Data when no longer necessary for the original purpose
• object to data processing under certain conditions
• request transfer of Personal Data to another entity in a structured format
• withdraw consent at any time where processing is based on consent

To exercise these rights, individuals may contact the Company at global@cmdf5.com.

Official requests must include:

• The Data Subject’s full name (or their representatives).
• Proof of the Data Subject’s relationship with the Company or confirmation that their data is being processed.
• The Data Subject’s (or representative’s) signature. Electronic requests must be in an official format and signed with an electronic signature.

The Company implements legal, technical, and organizational measures to protect Personal Data, including:

• Encryption and access controls to prevent unauthorized access
• Regular security audits and risk assessments
• Secure storage and processing systems
• Incident response protocols to address data breaches

Personal Data is retained for the period necessary to fulfill its intended purpose unless a longer retention period is required by UAE law. Once no longer required, data is securely deleted or anonymized.

This Policy complies with UAE Federal Decree-Law No. 45 of 2021 Concerning the Protection of Personal Data and other applicable data protection regulations. The Company reserves the right to update this Policy as required by changes in legal or regulatory requirements. Any changes will be communicated through appropriate channels.

For any inquiries regarding this Privacy Policy or data protection matters, please contact:
Team F5 FZE