Privacy & Policy
Last Updated: November 15, 2024
1. INTRODUCTION AND SCOPE
1.1. Application of Policy
This Privacy Policy ("Policy") is issued by Ambienza Home Design LLC, a company registered under the laws of the United Arab Emirates, with its principal place of business in Dubai, UAE ("Ambienza," "we," "our," or "us"). This Policy governs the collection, processing, storage, and protection of personal information of users ("you," "your," or "User") of our website, mobile applications, and services.
1.2. Legal Framework
This Policy is drafted in compliance with:
- UAE Federal Decree Law No. 45 of 2021 regarding Personal Data Protection
- Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020
- General Data Protection Regulation (GDPR) principles where applicable to international clients
- Other applicable international data protection regulations
1.3. Consent
By accessing our website, utilizing our services, or providing personal information to us, you explicitly consent to the collection, processing, and storage of your personal information as described in this Policy.
2. INFORMATION WE COLLECT
2.1. Categories of Personal Data
2.1.1. Identity Information
- Full name and title
- National identification numbers
- Passport details (for international clients)
- Date of birth
- Gender
- Photographs (when provided)
2.1.2. Contact Information
- Residential and/or business address
- Email address(es)
- Telephone numbers
- Emergency contact details
2.1.3. Financial Information
- Bank account details
- Credit card information
- Payment history
- Financial preferences
2.1.4. Professional Information
- Occupation
- Company name
- Business sector
- Professional preferences
2.1.5. Technical Data
- IP address
- Browser type and version
- Operating system
- Device information
- Geographic location
- Time zone setting
- Browser plug-in types and versions
2.2. Methods of Collection
2.2.1. Direct Collection
- Website forms
- Email correspondence
- Telephone conversations
- Physical documentation
- Face-to-face meetings
2.2.2. Automated Collection
- Cookies (see Section 3)
- Web beacons
- Server logs
- Analytics tools
2.2.3. Third-Party Sources
- Public databases
- Social media platforms
- Business partners
- Credit reference agencies
3. COOKIES AND TRACKING TECHNOLOGIES
3.1. Types of Cookies
3.1.1. Essential Cookies
- Required for website functionality
- Cannot be disabled
- No personal data storage
3.1.2. Functional Cookies
- Remember user preferences
- Enhance user experience
- Can be disabled
3.1.3. Analytics Cookies
- Track website usage
- Collect anonymous statistical data
- Used for website improvement
3.2. Cookie Management
- Users can manage cookie preferences through browser settings
- Detailed cookie policy available upon request
- Regular cookie audit and updates
4. USE OF YOUR INFORMATION
4.1. Primary Purposes
- Service delivery and customization
- Contract fulfillment
- Customer support
- Account management
- Payment processing
- Marketing communications (with consent)
4.2. Secondary Purposes
- Market research and analysis
- Service improvement
- Statistical analysis
- Regulatory compliance
- Fraud prevention
4.3. Legal Basis for Processing
4.3.1. Contractual Necessity
- Service provision
- Payment processing
- Project management
4.3.2. Legal Obligations
- Tax compliance
- Anti-money laundering regulations
- Consumer protection laws
4.3.3. Legitimate Interests
- Business development
- Security measures
- Quality improvement
4.3.4. Consent-Based Processing
- Marketing communications
- Cookie usage
- Profile creation
5. DATA SHARING AND DISCLOSURE
5.1. Categories of Recipients
5.1.1. Service Providers
- IT service providers
- Payment processors
- Cloud storage providers
- Analytics providers
5.1.2. Professional Advisors
- Legal consultants
- Accountants
- Auditors
- Insurance providers
5.1.3. Regulatory Bodies
- Government authorities
- Law enforcement agencies
- Tax authorities
5.2. International Data Transfers
5.2.1. Transfer Mechanisms
- Standard contractual clauses
- Adequacy decisions
- Binding corporate rules
5.2.2. Transfer Safeguards
- Encryption protocols
- Data minimization
- Access controls
6. DATA SECURITY
6.1. Technical Measures
- 256-bit encryption
- Firewalls
- Intrusion detection systems
- Regular security audits
- Penetration testing
6.2. Organizational Measures
- Employee training
- Access control policies
- Data handling procedures
- Incident response plans
6.3. Breach Notification
- 72-hour notification requirement
- Detailed incident investigation
- Remediation procedures
- Stakeholder communication
7. YOUR RIGHTS AND CHOICES
7.1. Access Rights
- Right to request data copies
- Format selection
- Verification requirements
7.2. Rectification Rights
- Data correction
- Data completion
- Supporting documentation
7.3. Erasure Rights
- Right to be forgotten
- Deletion procedures
- Exceptions
7.4. Portability Rights
- Data transfer rights
- Format specifications
- Technical requirements
7.5. Objection Rights
- Marketing objections
- Processing restrictions
- Automated decision-making
8. DATA RETENTION
8.1. Retention Periods
- Active accounts: Duration of relationship plus 6 years
- Inactive accounts: 2 years post-last interaction
- Financial records: 10 years
- Marketing data: 2 years post-consent
8.2. Retention Criteria
- Legal requirements
- Business needs
- Technical constraints
- User preferences
9. CHILDREN'S PRIVACY
9.1. Age Restrictions
- Minimum age: 18 years
- Parental consent requirements
- Age verification procedures
10. CHANGES TO THIS POLICY
10.1. Update Procedures
- Regular policy reviews
- Notification of material changes
- User communication methods
- Implementation periods
11. DISPUTE RESOLUTION
11.1. Governing Law
This Policy is governed by the laws of the United Arab Emirates.
11.2. Jurisdiction
Courts of Dubai shall have exclusive jurisdiction.
12. CONTACT INFORMATION
Ambienza Home Design LLC
[Physical Address]
Data Protection Officer: [Name]
Email: privacy@ambienza.ae
Phone: [Number]
Hours: [Operating Hours]
13. DEFINITIONS AND INTERPRETATIONS
For the purposes of this Privacy Policy, the following terms shall have the meanings assigned to them below:
13.1. Technical Terms
"Analytics Tools" - Software and systems used to collect, analyze, and report website and application usage data.
"API" (Application Programming Interface) - A set of protocols and tools for building software applications that defines how different components should interact.
"Binding Corporate Rules" - Internal rules adopted by multinational company groups to allow multinational corporations to transfer personal data from the UAE to their affiliates located outside the UAE.
"Cookies" - Small text files placed on a user's device that contain information about their browsing behavior and preferences.
"Encryption" - The process of converting information or data into a code to prevent unauthorized access.
"IP Address" - A unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network.
"SSL" (Secure Sockets Layer) - A standard security technology for establishing an encrypted link between a web server and a browser.
13.2. Data Protection Terms
"Automated Decision Making" - Any form of decision making which is carried out solely by automated means without any human involvement.
"Data Controller" - Ambienza Home Design LLC, being the entity that determines the purposes and means of processing personal data.
"Data Processor" - A natural or legal person who processes personal data on behalf of the Data Controller.
"Data Protection Officer" - The designated individual responsible for overseeing data protection strategy and implementation.
"Data Subject" - An identified or identifiable natural person to whom the personal data relates.
"Personal Data" - Any information relating to an identified or identifiable natural person.
"Processing" - Any operation performed on personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"Profiling" - Any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person.
13.3. Legal and Compliance Terms
"Consent" - Any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data relating to them.
"Data Protection Laws" - Includes UAE Federal Decree Law No. 45 of 2021, DIFC Data Protection Law No. 5 of 2020, and other applicable data protection regulations.
"Legitimate Interest" - The interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience.
"Standard Contractual Clauses" - Standard contract terms approved by the UAE Data Protection Authority for ensuring adequate safeguards for international data transfers.
13.4. Business Terms
"Services" - All interior design services, consultations, products, and related offerings provided by Ambienza Home Design LLC.
"User" - Any individual who accesses or uses our website, applications, or services.
"Website" - The official website of Ambienza Home Design LLC and all associated web pages.
13.5. Interpretation Rules
13.5.1. In this Privacy Policy, unless the context requires otherwise:
- Words importing the singular include the plural and vice versa
- References to "including" or similar terms shall be construed as illustrative and shall not limit the sense of the description preceding those terms
- References to any law or regulation include amendments, consolidations, re-enactments, or replacements of such law or regulation
13.5.2. Headings are for convenience only and do not affect interpretation.
13.5.3. If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Privacy Policy shall otherwise remain in full force and effect and enforceable.
13.5.4. This Privacy Policy has been drafted in English. If this Privacy Policy is translated into any other language, the English version shall prevail in case of inconsistency.
13.6. Updates to Definitions
These definitions may be updated from time to time to reflect:
- Changes in applicable laws and regulations
- New technical developments
- Evolution of industry standards and best practices
- Changes in our services and business operations
The most current version of these definitions will always be available upon request from our Data Protection Officer.
This Privacy Policy was last updated on 2024-11-15 and supersedes all previous versions.
END OF PRIVACY POLICY