Privacy Policy

Effective date: 6 November 2025
Who we are: i3RL FZCO (“i3RL”, “we”, “our”, “us”), a company incorporated in the United Arab Emirates.
Website: https://i3rl.ae/

This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our website or otherwise interact with us. It is designed to meet the requirements of the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021, “PDPL”) and guidance from UAE authorities. The PDPL has applied since 2 January 2022 and establishes rights for data subjects in the UAE and obligations for controllers and processors.

If you are established in, or target, financial free zones (e.g., DIFC or ADGM), their data-protection regimes may additionally apply; in case of conflict, the more protective rules will govern. (This Policy focuses on the federal PDPL.)

1) Scope

This Policy covers personal data processed about:

• Website visitors and users (e.g., via contact forms, “Estimate Project” requests, careers submissions).
  
  
• Business contacts (customers, suppliers, partners).
  
  
• Job applicants.
  
  

It does not cover information relating to legal entities that is not linked to an identifiable individual.

2) What we collect

We collect personal data in the following ways:

1. a) Data you provide directly

• Contact details (name, email, phone), company and job title.
  
  
• Content of messages or files you submit (e.g., project brief, CV/resume, cover letter).
  
  
• Account/application information if we offer sign-ups or portals.
  
  

1. b) Data collected automatically

• Technical data from your device/browser: IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, approximate location, and timestamps.
  
  
• Cookies and similar technologies (see Cookies below).
  
  

1. c) Data from third parties

• Public professional profiles (e.g., LinkedIn) or referrals.
  
  
• Providers that help us with fraud prevention, analytics, or recruitment.
  
  

We do not intentionally collect special categories of personal data unless you choose to provide them (e.g., in a CV). Please avoid submitting sensitive data unless necessary.

3) Legal bases for processing (PDPL)

We process personal data on one or more of these legal bases:

• Consent (e.g., marketing subscriptions, optional cookies).
  
  
• Contractual necessity (e.g., to respond to inquiries or deliver requested services).
  
  
• Legitimate interests (e.g., to secure our website, improve services, prevent fraud), balanced against your rights and expectations.
  
  
• Compliance with legal obligations (e.g., record-keeping, responding to lawful requests).
  Under the PDPL, controllers must implement appropriate safeguards and respect data-subject rights (see Your rights below).

4) How we use personal data

• Provide and operate our website and services, respond to contact/estimate requests, and manage customer relationships.
  
  
• Recruitment, to assess candidates and communicate about roles.
  
  
• Improve, analyze, and secure our website and services (including troubleshooting, analytics, and security monitoring).
  
  
• Marketing and communications with your consent or as permitted by law (you can opt out anytime).
  
  
• Legal/compliance purposes, including enforcing terms, preventing fraud, and responding to lawful requests.
  
  

We do not sell personal data.

5) Cookies & analytics

We use cookies and similar technologies to:

• Operate core site features;
  
  
• Understand how the site is used (aggregated statistics);
  
  
• Remember your preferences.
  
  

Where required, we will request consent through a banner. You can manage cookies via your browser settings. If we use third-party analytics (e.g., Google Analytics 4) or embedded services (e.g., maps, video), those providers may set their own cookies and act as independent controllers—review their policies for details.

6) Sharing your information

We may share personal data with:

• Service providers / processors: hosting, security, analytics, CRM, email, applicant-tracking, and professional advisers—only as needed to provide services and under contractual confidentiality and security obligations.
  
  
• Business transfers: in connection with mergers, acquisitions, or reorganization (we will require continued protection of your data).
  
  
• Legal and compliance: to comply with law or protect rights, safety, and security.
  
  

We do not permit our processors to use your data for their own marketing.

7) International transfers

Your data may be processed outside the UAE. Where we transfer personal data internationally, we implement appropriate safeguards consistent with the PDPL (e.g., ensuring the recipient jurisdiction provides an adequate level of protection or using contractual protections and technical measures). The PDPL provides for transfer mechanisms and oversight by the UAE Data Office.

8) Data retention

We keep personal data only as long as necessary for the purposes described above, including to comply with legal, regulatory, tax, accounting, or reporting requirements, and to establish or defend legal claims. Typical examples:

• Website inquiry records: 12–24 months after last interaction.
  
  
• Customer, supplier, and contract records: up to 6–10 years (or as required by law).
  
  
• Recruitment data: 12 months (longer with your consent).
  
  

When no longer needed, we will delete or irreversibly anonymize the data.

9) Your rights (PDPL)

Subject to conditions and lawful exceptions under the PDPL, you may have the right to:

• Access your personal data and obtain information about how it is processed.
  
  
• Correct inaccurate or incomplete data.
  
  
• Delete personal data in certain circumstances.
  
  
• Object to or restrict processing in certain cases.
  
  
• Withdraw consent where processing is based on consent (this does not affect prior processing).
  
  
• Data portability where technically feasible.
  You may also lodge a complaint with the UAE Data Office if you believe your rights have been infringed.

To exercise your rights, contact us using the details in Contact us below. We may ask for information to verify your identity and will respond within the timelines prescribed by law.

10) Children’s privacy

Our website is not directed to children under 13 (or the age defined by applicable law). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us and we will take appropriate action.

11) Security

We implement administrative, technical, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. No method of transmission or storage is 100% secure; we work to continuously improve our controls.

12) Links to third-party sites

Our website may contain links or integrations to third-party websites, platforms, or services. Their privacy practices are governed by their own policies; we encourage you to review them.

13) Changes to this Policy

We may update this Policy from time to time. The “Effective date” above shows when it was last updated. Significant changes will be highlighted on this page.

14) Contact us / Data Protection Contact

i3RL FZCO
[Registered address: e.g., [Free Zone & Unit No., Emirate, UAE]]
Email: [privacy@i3rl.ae]
Phone: [+971-…]
Data Protection Officer / Contact: [Name/Title, if appointed]

If you are located in the European Union, UK, or other jurisdictions with specific privacy requirements, you may also contact us at the same details to inquire about any additional rights available to you under local law.