Privacy Policy

1. Introduction

Desinno Soft FZCO ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.desinno.com or use our services.

This Privacy Policy is designed to comply with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and other applicable data protection laws and regulations.

By using our website or services, you consent to the data practices described in this policy. If you do not agree with this Privacy Policy, please do not use our website or services.

2. Data We Collect

We collect various types of information in connection with the services we provide, including:

2.1 Contact Information

• Full name
• Email address
• Phone number
• Mailing address
• Company name and position

2.2 Account Details

• Username and password
• Account preferences and settings
• Profile information

2.3 Payment Information

• Billing address
• Payment method details (processed securely through third-party payment processors such as Stripe)
• Transaction history

Note: We do not directly store complete credit card numbers or sensitive payment information on our servers.

2.4 Technical Data

• IP address
• Browser type and version
• Device information (type, operating system, unique device identifiers)
• Pages visited and navigation patterns
• Time and date of visits
• Referring website information
• Cookies and similar tracking technologies data

2.5 Voluntarily Provided Information

• Information you provide through contact forms
• Customer support communications
• Survey responses and feedback
• Project requirements and specifications

3. Purpose of Processing

We process your personal data for the following purposes:

• Providing and Improving Services: To deliver, maintain, and enhance our cloud solutions, software development, and consulting services
• Customer Communication and Support: To respond to your inquiries, provide technical support, and communicate about your projects
• Processing Payments and Transactions: To process orders, manage subscriptions, and handle billing
• Compliance with Legal and Regulatory Obligations: To comply with UAE laws, tax regulations, and legal requirements
• Marketing Communications: To send you promotional materials, newsletters, and updates about our services (only with your consent)
• Website Security and Fraud Prevention: To protect against unauthorized access, security threats, and fraudulent activities
• Analytics and Performance Monitoring: To analyze website usage, measure service performance, and improve user experience
• Business Operations: To manage our business operations, maintain records, and conduct internal research

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you have given us explicit consent to process your personal data for specific purposes (e.g., marketing communications)
• Performance of a Contract: When processing is necessary to fulfill our contractual obligations to you or to take steps at your request before entering into a contract
• Legal Obligations: When we are required to process your data to comply with UAE laws, regulations, or legal processes
• Legitimate Business Interests: When processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, or maintaining security, provided these interests are not overridden by your data protection rights

5. Data Storage & Retention

Storage Location: Your personal data is stored on secure servers located in the UAE and/or with trusted cloud service providers (such as Microsoft Azure) that maintain appropriate security standards.

Retention Period: We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

• Customer account information: For the duration of your account plus 7 years after account closure
• Transaction records: 7 years from the date of transaction (as required by UAE commercial laws)
• Marketing consent records: Until consent is withdrawn, then 1 year
• Technical logs: 12 months from collection
• Customer support communications: 3 years from last contact

After the retention period expires, we will securely delete or anonymize your personal data.

6. Data Sharing

We do not sell your personal data to third parties.

We may share your personal data with the following categories of recipients:

6.1 Government Authorities

When required by law or in response to valid legal processes, we may disclose your information to UAE government authorities, regulatory bodies, or law enforcement agencies.

6.2 Payment Processors

We work with secure third-party payment processors (such as Stripe) to handle payment transactions. These processors have access to payment information necessary to process your transactions and are bound by strict confidentiality and security obligations.

6.3 Professional Advisors

We may share your information with legal counsel, accountants, auditors, and other professional advisors who are bound by confidentiality obligations.

6.4 IT and Hosting Providers

We work with trusted IT service providers, hosting companies, and cloud service providers (such as Microsoft Azure) to store and process your data. These providers are contractually obligated to maintain the confidentiality and security of your information.

6.5 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the successor entity, subject to the same privacy protections outlined in this policy.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UAE, including our Germany office or through our cloud service providers.

When we transfer your personal data internationally, we ensure adequate protection measures are in place in accordance with the UAE PDPL, including:

• Transferring data to countries with adequate data protection laws recognized by UAE authorities
• Implementing standard contractual clauses approved by relevant authorities
• Ensuring our service providers maintain appropriate security and privacy safeguards
• Obtaining your explicit consent where required

8. Your Rights

Under the UAE PDPL and applicable data protection laws, you have the following rights regarding your personal data:

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website, analyze traffic patterns, and gather demographic information about our user base.

Types of cookies we use:

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors interact with our website
• Functional Cookies: Enable enhanced functionality and personalization
• Marketing Cookies: Used to deliver relevant advertisements (with your consent)

You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website.

For more detailed information about our use of cookies, please see our Cookie Policy.

10. Security Measures

We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, loss, or destruction. These measures include:

• Encryption of data in transit and at rest using industry-standard protocols (SSL/TLS, AES-256)
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security best practices
• Regular backups and disaster recovery procedures
• Network security measures including firewalls and intrusion detection systems
• Secure development practices and code reviews

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but remain committed to protecting your data to the best of our ability.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email (if you have provided your email address)
• Post a prominent notice on our website
• Obtain your consent where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: