Table of Contents
- Introduction.
- The Purpose Or Our Privacy Policy.
- What Data Do We Collect About You?
- By Using Our Site, You Agree To The Following:
- How We Get Your Information.
- How We Use Your Information.
- Disclosure of Your Personal Information.
- Security.
- What About Data That Is Sensitive?
- How Long Will We Keep Your Personal Information?
- International Transfers Of Data.
- The Rights Of Children.
- Cookies And Similar Tracking Technologies.
- Links To Other Websites.
- What are your rights under the law with regards to your personal Data?
- FOR UAE INDIVIDUALS.
- Privacy Policy Updates.
- Contacting us.
INTRODUCTION.
DUKKANTEK DMCC, (hereinafter referred to as the “company”, “dtek,” “we, or “us”) we take the privacy of our users (“user” or “you”) very seriously. This Privacy Policy explains how we collect, use, and disclose your personal information when you use our website, our apps, or our products (SWIFT Automated Checkout, Guide, POS etc.), and related services (hereinafter collectively referred to as the “Services”). By using our Services, you consent to the collection, use, processing, storage, transfer, and disclosure of your personal information as described in this Privacy Policy.
You also affirm that you are at least 18 years old to access the Services and to abide by all applicable laws and regulations in doing so. A parent or guardian may contact us to seek the removal or deletion of personal information provided by a child under the age of consent (as defined by the applicable legislations).
PLEASE READ THIS PRIVACY POLICY CAREFULLY TO GET A BETTER UNDERSTANDING OF HOW WE GATHER, USE, AND DISCLOSE YOUR PERSONAL INFORMATION, SINCE IT IS CRITICAL. IF YOU DISAGREE WITH ANY OF THE TERMS AND CONDITIONS IN THIS PRIVACY POLICY, PLEASE STOP USING OUR SERVICES RIGHT AWAY.
THE PURPOSE OR OUR PRIVACY POLICY.
This Privacy Policy is intended to inform you about the collection, use, and disclosure of information by DUKKANTEK and its affiliates and international branches, if any (collectively, ” DTEK,” “us,” “we,” or “our”) through our owned and controlled online interfaces (including Websites, Apps, and other applications) collectively referred to herein as the “Site“. This Privacy Policy details the rights you have regarding your personal data and how they are protected by the applicable laws including the United Arab Emirates’ (UAE) Personal Data Protection Law, Federal Decree Law No. 45 of 2021 regarding the Protection of Personal Data, which ensures the confidentiality of information and protects the privacy of individuals in the UAE and the EU General Data Protection Regulation (“GDPR”).
If you have questions or issues regarding our Privacy Policy, please email us at reachus@dukkantek.com.
Certain terminology used but not defined in this Privacy Policy are subject to our Terms and Conditions, which also apply to your use of the Site. If you reside or are situated in the European Economic Area (“EEA”), XXXXXX is the data controller of all Personal Data (as defined below) obtained via this Site and of certain Personal Data collected from third parties.
DATA CONTROLLER/PROCESSOR in the EU.
Identity:
Address:
Country:
Email ID:
DATA CONTROLLER/PROCESSOR in the rest of the World.
DUKANTEK DMCC
HDS Business Center,
Jumeirah Lake Towers (JLT),
+971 45-656-723
reachus@dukkantek.com
P.O. BOX 26296 Dubai,
United Arab Emirates (UAE).
WHAT DATA DO WE COLLECT ABOUT YOU?
Any data we collect about you through the Site will be subject to this Privacy Policy. You can use some of our Site’s features without providing any Personal Data, but to use our Services, we do need certain information about you. To access and make use of certain features and services of the Site, we may ask you for or collect “Personal Data” (also known as “personally identifiable information” or “personal information”).
Personal Data.
All information that can be used to determine the identity of a living individual is considered personal data, or personal information. This broad category includes all the types of private information we’ll be discussing in the next sections. Information like a company’s registration number, which cannot be used to identify a single person, is not included. The term “Data Subject” refers to any living individual who can be directly or indirectly recognized thanks to collected or held personal data. A name, number, location, online identifier, or some other identifier that can be used to distinguish one natural person from another based on their physical, physiological, genetic, mental, economic, cultural, or social characteristics is often used for this purpose.
Depending on whether and how you use the Site, we will collect, use, store, and transfer the following categories of personal data about you:
PERSONAL DATA CLASSIFICATION | SPECIFIC EXAMPLES OF PERSONAL INFORMATION |
Personal Information | - first name,
- maiden name,
- last name,
- username or similar identifier,
- title,
- date of birth and gender,
- biometric information, including a visual image of your face,
- national identity cards,
- passports, driving licences or other forms of identification documents.
|
Data on Social Identity | - your group/company data,
- information on referrals related to you,
- political background,
- close connections,
- behavioural data,
- risk assessment,
- compliance assessment.
|
Contact Data | - residence details,
- billing address,
- delivery address,
- home address,
- work address,
- email address and telephone numbers,
- proof of address documentation.
|
Data from Transactions | - details about payments to and from you,
- other details of any transactions you enter into using our Services, the Site.
|
Profile Data | - your username and password,
- your identification number as our user,
- information on whether you have an account with us, and the email associated with your account,
- requests by you for products or services,
- your interests, preferences, and feedback
- other information generated by you when you communicate with us, for example when you address a request to our customer support.
|
Usage Data | - information about how you use the Site, our Services, other applications, and course offerings made available by us to you, including:
- device download time,
- install time,
- interaction type and time,
- event time, name, and source.
|
Data on Marketing and Communications | our preferences in receiving marketing from us or third parties, - your communication preferences,
- your survey responses.
|
Technical Data | - internet connectivity data,
- internet protocol (IP) address,
- operator and carrier data,
- login data,
- browser type and version,
- device type, category, and model,
- time zone setting and location data,
- language data,
- application version and SDK version,
- browser plug-in types and versions,
- operating system and platform,
- diagnostics data such as crash logs and any other data we collect for the purposes of measuring technical diagnostics, and
- other information stored on or available regarding the devices you allow us access to when you visit the Site or our Services.
|
Financial Data | - bank account,
- payment card details,
- virtual currency accounts,
- external account details,
- source of funds and related documentation
|
Personal data in special categories.
You have an extra layer of security for some categories of personally identifiable information according to the law that applies to you. They are known as “special categories” of personal data. These unique subsets are:
- Data that can be used to determine a person’s racial or ethnic background.
- Political viewpoints
- Spiritual or philosophical convictions.
- joining a union to represent workers.
- The goal of processing genetic and biometric data to arrive at a unique identifier for a living person.
- Information pertinent to health.
- Knowledge of a person’s sexual life or orientation.
We will only use sensitive personal information if we have a valid basis for doing so and that purpose falls under one of the categories below.
- You have given your explicit permission.
- Processing is a term for information about you that you have made public on purpose.
- Processing is required to create, exercise, and defend legal claims.
You must provide us with information that is true, complete, and accurate, and you must update us on any changes regarding the information.
BY USING OUR SITE, YOU AGREE TO THE FOLLOWING:
Understand the legal foundations on which the collection and use of your data is based. For example, we may need to use your personal information to:
- Meet our contractual obligations to you (such as fulfilling the Terms of Use of our Site, which you accept by browsing our website, or any other organization that may be providing you with access to the Site);
- Meet our legal requirements; or
- To send you communications or gather specific information from you, or if the applicable local law mandates that we rely on consent.
- Meet our legitimate interests or the legitimate interests of others, which require us to use your personal information. For our own good, we must.
- do research and statistical analysis;
- do marketing and business development;
- run our Site and provide our Services;
- choose appropriately skilled and qualified suppliers/service providers;
- build relationships with partners;
- run, grow, and develop our business.
- use it for internal administrative and auditing purposes.
- HOW WE GET YOUR INFORMATION.
We get information from and about you in many ways, such as:
- Direct Interactions: You can give us your Identity Data, Social Identity Data, Contact Data, Financial Data, Profile Data, and Marketing and Communications Data when you talk to us directly, like when you fill out a form, send us an email, or talk to us in another way. This includes any information about yourself that you give us when you:
- visit our Site;
- apply for our Services;
- create an account, where necessary;
- ask for marketing materials to be sent to you, such as by signing up for our newsletters;
- Enter a contest, promotion, or survey, even through social media;
- Tell us what you think (via feedback/review) or get in touch with us.
- Automated technologies or Interactions: As you interact with us via our Site, we will automatically collect Technical Data about your device, browsing actions, and habits. This private data is gathered with various tracking mechanisms, such as cookies and server logs. Additionally, Transaction Data will be gathered. We may collect Technical Data and Marketing and Communications Data about you when you visit other websites that employ our cookies. The Cookie Policy details our cookie usage in further detail.
- Third parties or publicly available sources: We also obtain information about you from other parties and publicly accessible sources, including Social Identity Data. These sources include:
- fraud and crime prevention agencies,
- a customer referring you,
- public blockchain,
- Internet-accessible public information (websites, articles, social media etc.).
HOW WE USE YOUR INFORMATION.
- Providing the Site and/or Services: We utilize the information you give us to provide the Site and/or Services, including fulfilling your requests for information, products, or services.
- Security and technical support: Your personal information may be used to help you with technical issues and to keep our Services and the Site safe.
- Communications with or from DTEK: To respond to your email or other correspondence and/or as otherwise described in this Privacy Policy, we may use the information you provide. To the extent authorized by law, we may also store your data and use it to contact you in the future. We may keep tabs on your email open rates and clickthrough rates when we send them to you (such as when you open an email or click on a link inside an email). This data is used to refine and personalize the content of our conversations with you.
- Communications with Our Business Partners: In cases where it is permissible under applicable law, we may provide your Personal Data to other business partners so that they may provide you with information about their products and services that may be of interest to you.
DISCLOSURE OF YOUR PERSONAL INFORMATION.
We share your personal information with our third-party service providers, agents, subcontractors, and other related organizations, as well as with our parent company and affiliates, so that they can do things for us and provide you with the Site and/or Services. When you use third-party service providers, they are required to keep your personal information safe and follow the law.
We are permitted to process or share your data based on the following legal grounds:
- We can handle your data if you have given us clear permission to use your personal information for a certain reason. (Consent):
- We can process your data when we have a good reason to believe it will help us reach our legitimate business goals. (Legitimate Business Interests)
- If we have a contract with you, we can use your personal information to carry out the terms of that contract. (Contractual Performance).
- We may give out personal information to comply with the law, government requests, a judicial procedure, a court order, or a legal process, such as a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements). (Legal Obligations)
- We may share your information if we think it’s necessary to investigate, stop, or act about possible policy violations, suspected fraud, situations that could put someone’s safety at risk, or illegal activities, or if it’s needed as evidence in a lawsuit, we’re involved in. (Vital Interests)
We may need to process your data or share your personal information in the following situations:
- Transferring a business: We may share or transfer your information in connection with or during any merger, sale of company assets, financing, or acquisition of all or part of our business by another company.
- Advertisers: When you visit or use the Website, we may show ads from third-party advertising companies. These companies may use information about your visits to our Site and other platforms that they get from web cookies and other tracking technologies to show you ads for services that you might be interested in.
- Affiliates: We may share your information with our affiliates. If we do, we will require them to follow the rules of this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or share control with.
- Third-Party Service Providers: We may share your information with third-party service providers, contractors, or agents who work for us or on our behalf and need access to certain information to do their jobs. Some examples are payment processing, data analysis, email delivery, hosting services, customer service, and marketing. We might let some third parties use tracking technology on the Website to gather information about how you use it over time on our behalf. This information can be used to evaluate and track data, find out how popular certain content, pages, or features are, and learn more about what people do online. WE DON’T SHARE, SELL, RENT, OR LEASE YOUR PERSONAL INFORMATION UNLESS THIS PRIVACY POLICY SAYS OTHERWISE.
DTEK won’t give out personal information to other people unless the law says so. But if the user’s information is to be sent to a third party, the user will be told ahead of time and given the chance to say whether or not he or she agrees with the transfer.
SECURITY.
We value the protection of your Personal Information. We adhere to generally acknowledged industry standards to safeguard your Personal Information both during transmission and once we receive it. Our Services protect your Personal Information with suitable technical and organizational safeguards. The security measures employed are intended to provide a level of protection commensurate with the risk of unauthorized or illegal processing of your Personal Information.
Unfortunately, Personal Information transmission via the internet is not totally safe. We will try our utmost to protect your Personal Information, but we cannot guarantee the security of your Personal Information transmitted via our Services. Any transmission is undertaken at your own peril. After receiving your Personal Information, we shall employ stringent protocols and security measures to prevent unauthorized access. Please note that no website or online service can ever be guaranteed to be completely secure, and you should take reasonable efforts to safeguard your Personal Information (for example, by sharing Personal Information only with operators of websites and other digital platforms that you trust, by keeping any login details secure and confidential and by using antivirus software on your devices etc.).
WHAT ABOUT DATA THAT IS SENSITIVE?
By and large, we do not collect sensitive data as specified in the second paragraph below (also known as special categories inside the EEA) via this website or elsewhere. In the few instances where we may collect such information, we will comply with applicable data privacy laws and/or obtain your consent.
The phrase “sensitive data” refers to the many categories of personal data designated by data privacy legislation as requiring handling, including the need to acquire your explicit approval in some cases. These categories include race or ethnicity, political viewpoints, religious, philosophical, or other similar beliefs, union participation, physical or mental health, biometric or genetic data, sexual life or orientation, and criminal convictions and offenses (including information about suspected criminal activities).
HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION?
We will only retain your personal information for as long as is required. We maintain records management and retention policies and procedures so that personal information is removed after a reasonable period of time based on the retention criteria outlined below:
- We keep your information if we maintain a relationship with you (if you have an account with us).
- We will only retain the data for as long as your account is active or as long as necessary to provide you with the Services.
- We store your information for as long as necessary to abide by our global legal and commercial commitments.
INTERNATIONAL TRANSFERS OF DATA.
Your Personal Data may be collected, transferred to, and stored by us in the United Arab Emirates (UAE), as well as by our affiliates and third parties in other countries. Your Personal Data may therefore be handled outside of your jurisdiction, including in countries and jurisdictions that may not afford an equivalent degree of protection. However, we have implemented procedures to ensure a sufficient degree of data protection when transferring your Personal Data outside of your country or jurisdiction.
We may do so in the following circumstances:
- for operational, administrative, and compliance purposes by DUKKANTEK’s Affiliates;
- by DTEK and its Affiliates’ sales, business partners, operational or customer support teams in our various locations, as detailed on the Website; and
- By our service providers, for the purposes outlined above under “Sharing Information with Third Parties.”
By agreeing to the collection and use of your personal information, you consent to the transfer and storage of your personal information in this manner and for the mentioned reasons.
The following are the protections that we implement while carrying out such transfers across boundaries:
- Adequacy. Transfers to DTEK Affiliates may be undertaken in accordance with a European Commission adequacy decision.
- Model Clauses. With some of our processors, we apply European Commission-approved standard contractual terms, which are legally binding norms for the processing of personal data by third parties processing information for us and on our behalf.
- Consent. In the absence of an adequacy determination or Model Clauses, and in the absence of any other right to transfer your data, your consent will serve as the legal basis for the transfer. By accessing and using the Website, you acknowledge and understand that your information may be transferred from the European Economic Area (EEA) or other countries from where you may be accessing or using the Website to other jurisdictions beyond your own (including outside the EEA).
THE RIGHTS OF CHILDREN.
Our Site is designed for a wide audience and is not intended for youngsters younger than thirteen (13). In compliance with any legal and regulatory obligations, we do not deliberately collect, use, solicit, or disclose personal information from minors without the prior agreement of their parents. If you are under 18 years of age, you may not use the Site, and/or our Services. We may seek information regarding your age to comply with applicable laws. For instance, we may request your date of birth to determine if we require parental consent from your parent or legal guardian before allowing you access to the Site. Upon learning that Personal Data of persons under the age of 18 have been obtained without verifiable parental consent on our Site, we will take all reasonable measures to delete this information immediately.
COOKIES AND SIMILAR TRACKING TECHNOLOGIES.
DUKKANTEK and its third-party partners, such as advertising and analytics partners, utilize cookies and other tracking technologies (e.g., web beacons, device identifiers, and pixels) to provide functionality and to recognize users across numerous Services and devices. To better serve our users, we use “cookies” to record information about their interactions with our Site, such as the pages they visit, the amount of time they spend on those pages, the presence or absence of error messages, the information they voluntarily provide to help us tailor our service to their needs, and their username and password information to save them time each time they log into the Platform. The sole reason we collect this information is to better serve our customers and the public in the future by learning more about their experiences with our content, courses, and services.
LINKS TO OTHER WEBSITES.
When we think you might be interested, we’ll link you off to a website (a “Third Party Site”) that isn’t run by us. With these Third-Party Sites, we only disclose your Personal Information if we have a valid reason to do so. Therefore, we cannot ensure the security or privacy of any information you submit when you visit such sites, and such sites are not covered by this privacy Policy. The privacy practices of these external websites are not endorsed by or under our control. If you decide to visit one of these Third-Party Sites, it’s important to learn about their data collection and usage practices by reading their privacy policies.
WHAT ARE YOUR RIGHTS UNDER THE LAW WITH REGARDS TO YOUR PERSONAL DATA?
Depending on the laws in your country, you have certain rights when it comes to your Personal Data. If you live in the European Economic Area, the EU General Data Protection Regulation 2016/679 (“GDPR”) applies to your personal information: Depending on the laws in place, these rights could include:
- Subject access requests: (SARs) allow individuals to obtain a copy of their personal data that has been collected and stored by an organization. This way, you can get a copy of the information we have on file about you and verify that we’re following the law while using it.
- Request correction: The information we have about you can and should be updated upon your request. We may need to verify the additional information you supply to us to ensure its accuracy, but this option allows you to have any wrong or incomplete information we have about you updated.
- Make a request to have your record deleted. You have the right to request that we erase or remove your personal information where there is no compelling reason for us to retain it. If you have successfully exercised your right to object to processing (described below), if we may have processed your information unlawfully, or if we are obligated to erase your personal data to accordance with local legislation, you may request that we delete or remove your personal data. Please be aware that there may be circumstances where we are unable to comply with your request of erasure due to legal requirements; in such cases, we will inform you at the time of your request.
- Raise an objection to having your personal information used. By doing so, you can raise an objection to processing when we are relying on a legitimate interest (or those of a third party) and there are reasons to believe that doing so would adversely affect your basic rights and freedoms. If we use your information for direct marketing purposes without your consent, you have the right to protest. We may be able to show that there are significant, overriding legitimate grounds for us to handle your personal data, which outweigh any potential impact on you.
- Make a formal request to have further processing of your data restricted. In the following cases, you can ask us to put a hold on processing your personal data while we figure out what to do next: (a) if you want us to make sure the data is correct; (b) if our use of the data is illegal but you don’t want us to delete it; (c) if you need us to keep processing the data even if we no longer require it because you need it to establish, exercise, or defend legal claims; or (d) if you object to our use
- Demand that your data be sent to you, or another chosen recipient. Your information will be delivered to you, or whoever you designate, in a standard, machine-readable format. Please be aware that this privilege only applies to the automated information for which you initially consented to our usage or if we utilized the information to fulfill a contract with you.
- Stop giving your approval. In cases where your consent is the legal basis for our processing of your personal data, you have the right to withdraw such consent at any time. Even if you later change your mind and decide to withdraw your consent, doing so will not invalidate any processing that occurred prior to your withdrawal. If you revoke your consent, we may be unable to continue providing the services in question. If that’s the case, we’ll let you know at the time you cancel your permission.
If we are acting as a processor with respect to your personal data, we shall notify the relevant controller of your request and cooperate with the controller to ensure your request is met. A charge is typically not required to access your personal information (or to exercise any of your other rights).
FOR UAE INDIVIDUALS.
This section serves to furnish additional disclosures and elucidate the entitlements pertaining to the personal data that you may possess under the jurisdiction of the United Arab Emirates (UAE) as per the Federal Decree-Law No. 45 of 2021, (commonly referred to as the “Personal Data Protection Law”) if you are an individual physically residing in the UAE.
- Controller.
DTEK will process your personal data as “controller” for the purposes and on the legal grounds for processing set out above.
“DTEK” is a brand name of DUKKNTEK DMCC, a limited liability company incorporated under the laws of the United Arab Emirates (UAE). Registered with the Dubai Multi-commodities Centre (DMCC) under License No.: DMCC188524.
“Personal data” means any data relating to an identified natural person, or one who can be identified directly or indirectly by way of linking data, using identifiers such as name, voice, picture, identification number, online identifier, geographic location, or one or more special features that express the physical, psychological, economic, cultural, or social identity of such person.
Subject to certain exemptions, limitations, and appropriate proof of identity, you will generally have the following rights in relation to your personal data:
- Right to information about matters set out in this notice. You may also contact us for further details about our data retention policy and international data transfers.
- Right to make an access request to receive a copy of your personal information held by us.
- Right to rectification of any inaccurate or incomplete personal information.
- Right to withdraw consent previously provided.
- Right to object and stop our processing for direct marketing purposes including profiling and statistical surveys, any automated processing that has legal or other serious consequences on you or any processing in breach of the law.
- Right to erasure of personal information that is no longer needed.
- Restriction on the processing of personal information.
- Right to data portability from one service provider to another, where applicable.
- Right to lodge a complaint with the UAE Data Office.
All requests will be processed without undue delay as required by the applicable law.
PRIVACY POLICY UPDATES.
Please be aware that we may update or alter our privacy policies and practices at any time. To ensure that you are familiar with the most up-to-date version of this Privacy Policy, we recommend that you revisit this page on a regular basis. When we make an update or modification to our Site, it will take immediate effect. If we make material changes to this Privacy Policy, we will let you know by prominently displaying a notice on the Site’s homepage for a reasonable time after the change. The effective date will also be updated to reflect the most recent amendment date.
CONTACTING US.
Please contact us with any questions regarding our Privacy Policy, data protection, privacy, requests to access, correct, delete, or withdraw consent, or other requests:
DUKANTEK DMCC
HDS Business Center,
Cluster M, Jumeirah Lake Towers (JLT),
+971 45-656-723
reachus@dukkantek.com
P.O. BOX 26296 Dubai,
United Arab Emirates (UAE).
When contacting us, please provide your nation and/or state of residence. If you believe we have been unable to address your complaint or issue and you reside in the EEA or the United Kingdom, you have the right to file a complaint with the applicable supervisory authority.
The Privacy Policy will become effective from the 10th of August 2023.