Privacy Policy

1. Introduction
 This Privacy Policy (“Policy”) describes how Lunixes (“we”, “us”, “our”) collects, uses, stores, shares, transfers and otherwise processes personal data relating to individuals (“you”, “your”) in connection with our website, services and products (the “Services”). Lunixes is a company incorporated under the laws of the United Arab Emirates (UAE) in the International Free Zone Authority (IFZA) free zone, and this Policy is governed by and construed in accordance with the laws of the UAE, including in particular Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (the “PDPL”) and any implementing regulations.
By accessing or using our Services or providing us with your personal data, you acknowledge that you have read, understood and accepted the terms of this Policy. If you do not accept this Policy, please do not use our Services or provide personal data to us.

2. Scope and Roles
 2.1 This Policy applies to personal data that we collect when you visit our website, use our Services, register as a user, or interact with us otherwise.
2.2 We may act as a “data controller” when we determine the purposes and means of processing your personal data, and may act as a “data processor” when processing personal data on behalf of our clients under a separate agreement.
2.3 Where our clients use our Services and provide us with personal data of their end-users, those clients are the data controllers and Lunixes acts as processor (unless otherwise agreed). Our obligations in such circumstances are governed by the applicable Service Terms, Data Processing Addendum and this Policy.

3. Data We Collect
 We collect or may collect personal data as follows, depending on the context of our interactions:
– Contact and identity information (such as name, job title, company name, address, telephone number, email address, username, password).
– Account, login and authentication data (such as user ID, password hash, two-factor authentication status, device identifiers, IP address, login timestamps).
– Usage, activity and service-interaction data (such as session logs, system event logs, error logs, support tickets, service usage statistics).
– Payment and billing information (where applicable): billing name, address, payment method, transaction history.
– Customer-provided data: when using our Services, our clients may input data (which may contain personal data) stored on our servers or on client-specified servers or cloud infrastructure — for clarity, such data input by clients is processed pursuant to the client’s instructions.
– Other data you provide voluntarily (for example, in correspondence, surveys, or support requests).
We may also collect data from other sources (such as publicly available information or trusted third-party providers) where permitted by law.

4. Legal Basis for Processing
 We process your personal data only to the extent necessary, and on one or more of the following lawful bases:
– Performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.
– Compliance with a legal obligation to which we are subject under UAE law (including PDPL and related regulations).
– Legitimate interests pursued by us, provided such interests are not overridden by your rights and freedoms (for example, maintaining the security of our Services, fraud prevention, improving user experience).
– Your consent, where required or obtained (for example, marketing communications, optional surveys, special categories of personal data if applicable).

5. Purpose of Processing
 We process personal data for one or more of the following purposes (including, but not limited to):
– To provide, administer and maintain our Services (including account creation, authentication, user management, support services).
– To enable you to access and use our website, mobile app or other service interfaces.
– To operate, monitor, analyse and improve our Services, including usage analytics, performance enhancement, product development and innovation.
– To ensure information security, undertake auditing, detect and prevent misuse, fraud, security threats and other malicious activity.
– To fulfil contractual obligations (such as billing, payment processing, subscription management).
– To communicate with you regarding your account, our Services, updates, service announcements, and administrative information (these are transactional and not optional).
– To provide you with marketing communications (subject to your consent or where otherwise lawful) and to manage our business relationship and prospects.
– To comply with legal and regulatory obligations, respond to requests from governmental or regulatory authorities, and to defend our rights in disputes.
– To manage data retention, archival, deletion or anonymisation in accordance with our retention policy and applicable law.

6. Data Storage, Hosting & Location
 6.1 We operate a flexible hosting model: we store personal data either (i) on our cloud-based servers, or (ii) on infrastructure designated by the client (for example on-premises or client-specified cloud location) as per our contractual arrangement.
6.2 Where hosting is undertaken by us, we maintain industry-standard security measures (including encryption at rest and in transit, access controls, network segmentation, intrusion detection, logging and monitoring).
6.3 Where clients specify hosting location or infrastructure, we act in accordance with the client’s instructions and the hosting location becomes the agreed processing environment. We will continue to apply our security obligations and will ensure adherence to applicable contractual and legal commitments.
6.4 We may transfer or replicate personal data outside the UAE (and allow client-specified jurisdictions) only if one or more of the following apply: (a) the transfer is necessary for the performance of a contract; (b) we have implemented appropriate safeguards (contractual, organisational or technical) consistent with the PDPL and any applicable regulation; (c) you have provided your explicit consent; or (d) required by law.
6.5 We retain personal data for no longer than necessary for the purposes described in Section 5, and consistent with our data retention and deletion policy. After expiry of applicable retention periods, we delete, anonymise or de-identify personal data.

7. Account Security and Two-Factor Authentication
 7.1 We recognise the importance of protecting your account and personal data. Accordingly, we require the use of strong authentication mechanisms. You are required to enable two-factor authentication (“2FA”) on your account when accessing our Services, unless otherwise agreed in writing. 2FA may include time-based one-time passcodes (TOTP), SMS or authenticator apps, or other equivalent second-factor mechanisms.
7.2 We implement organisational, technical and physical security measures designed to protect personal data against accidental, unauthorised or unlawful processing, loss, alteration or destruction, including but not limited to encryption, role-based access controls, secure backups, incident-response protocols and periodic security testing.
7.3 Despite the foregoing, no system is completely secure. We request that you keep your authentication credentials confidential, restrict access to your account, and immediately notify us if you become aware of unauthorised access.

8. Sharing, Disclosure and Third-Party Processors
 8.1 We may share or disclose your personal data with:
(a) our service providers, subcontractors or processors who perform services on our behalf (e.g., hosting, IT infrastructure, customer support, analytics, billing) under written contracts that include appropriate data-protection obligations;
(b) our affiliates or group companies for purposes consistent with this Policy and the Services;
(c) clients with whom you are affiliated (for example where your employer is our client) to enable them to manage their users and provision services;
(d) governmental, judicial or regulatory authorities if required by law, court order or legitimate request; (e) third parties in relation to corporate transactions (such as merger, acquisition or sale of assets) in which case we will use reasonable efforts to notify you of the change in control or data-controller status.
8.2 We do not sell your personal data for profit.
8.3 Where we engage third-party processors, we require that they maintain data-security standards equivalent to our own, restrict the use of the data to the specified purpose, and notify us of any actual or suspected data breach. We remain responsible for compliance with applicable legal obligations where we act as controller.

9. Data Subject Rights
 Under the PDPL, you have certain rights in relation to your personal data. Subject to applicable legal exceptions, you have the right to:
– Access and obtain a copy of your personal data processed by us.
– Request correction or update of inaccurate or incomplete personal data.
– Request erasure or deletion of your personal data, if processing is no longer necessary or lawful.
– Request restriction of processing of your personal data.
– Object to the processing of your personal data (where lawful basis permits).
– Where applicable, request portability of your personal data to another controller.
– Withdraw your consent (where processing is based on consent), without affecting the lawfulness of processing prior to withdrawal.
– Lodge a complaint with the competent supervisory authority if you believe your rights have been infringed.
To exercise any of these rights, please contact our Data Protection Officer (or privacy team) using the contact details in Section 14. We will respond to your request in accordance with UAE law.

10. Children and Minors
 Our Services are not directed to children under the age of [ 16 ] (or such lower age as applicable under local law). We do not knowingly collect personal data from children unless consent of a parent or guardian is obtained or processing is necessary under applicable law. If you believe we have collected personal data of a minor without appropriate consent, please contact us and we will take steps to delete the data where required by law.

11. Cookies and Tracking Technologies
 We use cookies, web beacons, pixels and similar technologies to collect usage data, improve your experience, deliver content and for analytics and marketing purposes. You may manage your cookie preferences in your browser settings. For detailed information on our use of cookies and tracking, please refer to our Cookie Policy [link].

12. International Transfers and Cross-Border Processing
 We may transfer, store or process personal data outside the UAE where necessary for our Services or where a client has instructed us to do so (as per Section 6.4). We will ensure that such transfers are made in compliance with the PDPL and any relevant implementing regulations, by putting in place appropriate safeguards (such as contractual commitments, encryption, anonymisation or consent). We will not transfer your personal data outside the UAE unless we are satisfied that appropriate protections are in place.

13. Retention and Deletion
 We retain personal data only for as long as necessary for the purposes set out in Section 5 and in accordance with our internal retention schedules and any legal or regulatory requirements. Once personal data is no longer required, we will delete, anonymise or securely archive the data. Where deletion is not feasible, we will isolate the data and prevent further processing.

14. Changes to This Policy
 We reserve the right to modify, amend or update this Policy at any time. If we make material changes we will provide notice via our website or by other appropriate means before the changes take effect. The “Last Updated” date above will be revised. Your continued use of our Services after the effective date of the updated Policy constitutes your acknowledgement and acceptance of the updated terms.

15. Contact and Data Protection Officer
 If you have questions, concerns or wish to exercise your rights under this Policy or the PDPL, you may contact us as follows:

Data Protection Officer

Lunixes

15th Floor, Wework Hub 71, Al Khatem Tower, Abu Dhabi, UAE

Email:

Telephone: +971 

You also have the right to lodge a complaint with the UAE Data Office or other competent supervisory authority if you believe your personal data has been processed in violation of the PDPL.

16. Governing Law and Jurisdiction
 This Policy and your use of our Services shall be governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the competent courts of the UAE.

Cart (0 items)

Create your account

Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
Click outside to hide the comparison bar
Compare