Data Deletion Policy

Data Deletion & Erasure 

1. Purpose

This Data Deletion & Erasure Policy (the “Policy”) sets out the principles, procedures and controls governing how Lunixes FZCO (“Lunixes“, “we“, “us“) responds to requests for deletion, erasure or restriction of personal data and client data processed in connection with its products and services (the “Services”).

This Policy is designed to ensure compliance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and applicable contractual obligations, while maintaining system integrity, security and lawful record-keeping.

2. Scope

2.1 This Policy applies to:

  • personal data relating to individual users and retail clients;
  • personal data processed on behalf of corporate or institutional clients;
  • client-generated data stored, processed or hosted by Lunixes;
  • deletion requests received through any authorised communication channel.

2.2 This Policy applies whether Lunixes acts as a data controller or a data processor, subject to the role applicable in each case.

3. Definitions

For the purposes of this Policy:

  • Personal Data means any data relating to an identified or identifiable natural person.
  • Client Data means data uploaded, generated or otherwise processed through the Services by or on behalf of a client.
  • Deletion / Erasure means the permanent removal or irreversible anonymisation of data such that it can no longer be reconstructed.
  • Authorised Signatory means an individual with documented authority to legally bind a corporate client.

4. Right to Request Deletion

4.1 Subject to applicable law, individuals and clients have the right to request the deletion or erasure of personal data where:

  • the data is no longer necessary for the purpose for which it was collected;
  • consent has been withdrawn and no other lawful basis applies;
  • the processing is unlawful; or
  • deletion is otherwise required under applicable law.

4.2 Lunixes may refuse or delay deletion where retention is required by law, regulation, contractual obligation, or for the establishment, exercise or defence of legal claims.

5. Submission of Deletion Requests

5.1 Corporate / Entity Clients

Where the client is a legal entity, deletion requests must:

  • be submitted by an authorised signatory of the entity;
  • be sent from the entity’s official corporate email domain or accompanied by verifiable proof of authority; and
  • clearly identify the scope of data requested for deletion.

Requests submitted by non-authorised personnel may be rejected or returned for clarification.

5.2 Retail / Individual Clients

Where the client is an individual, deletion requests must:

  • be submitted from the official email address registered with Lunixes; or
  • be verified through reasonable authentication measures determined by Lunixes.

6. Verification and Validation

6.1 Lunixes reserves the right to verify the identity and authority of the requester before acting on any deletion request.

6.2 Additional information may be requested where necessary to prevent unauthorised, fraudulent or malicious deletion.

6.3 No deletion action will be taken until verification is satisfactorily completed.

7. Assessment and Execution

7.1 Upon receipt of a valid request, Lunixes will:

  • assess the request against legal, regulatory and contractual requirements;
  • determine whether immediate deletion, delayed deletion or restriction of processing is appropriate;
  • notify the requester of the outcome.

7.2 Where Lunixes acts as a data processor, deletion will be carried out in accordance with the client’s documented instructions and applicable agreements.

7.3 Deletion will be performed using secure methods appropriate to the nature of the data and the systems involved.

8. Retention Overrides and Legal Holds

8.1 Data subject to statutory retention periods, regulatory requirements, audit obligations or legal holds will not be deleted until such obligations expire.

8.2 In such cases, the data will be:

  • isolated;
  • access-restricted; and
  • protected from further processing beyond what is legally required.

9. Backups and Disaster Recovery

9.1 Deleted data may persist temporarily in encrypted backups for disaster-recovery purposes.

9.2 Backup data is:

  • not actively processed;
  • access-restricted; and
  • overwritten or permanently deleted in accordance with backup retention cycles.

10. Logging and Audit

10.1 All deletion requests and actions are logged for audit, security and compliance purposes.

10.2 Logs may include request metadata but will not retain deleted personal data beyond what is legally required.

11. Response Timeframes

Lunixes will respond to deletion requests within reasonable timeframes prescribed by applicable law. Complex requests may require additional time, in which case the requester will be informed.

12. Policy Updates

This Policy may be amended periodically to reflect legal, regulatory or operational changes. Updated versions will be made available through appropriate channels.

13. Contact

All data deletion and erasure requests should be directed to:

Data Protection Officer
Lunixes FZCO
United Arab Emirates
Email: info@lunixes.com

14. Governing Law

This Policy is governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising in connection with this Policy shall be subject to the jurisdiction of the competent courts of the UAE.

Cart (0 items)

Create your account

Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
Click outside to hide the comparison bar
Compare