Website Privacy Policy
Introdution
MYTAXICRM - FZCO (“we”, “us”, “our”, “MyTaxiCRM”, “Company”) is a company that operates this Website https://mytaxicrm.com (the “Website”)
We respect your privacy. This Privacy Policy (“Policy”) explains how we collect, process, and use your personal data when you visit our Website and engage with it in any manner. Please keep reading to learn more about the categories of personal data we collect and process, the purposes of data collection, how we use and store your personal data, what technical and organizational measures are in place to protect your data, to whom we may disclose your data, your privacy rights, etc.
Please review this Policy thoroughly before using our Website. If you disagree with any of the terms outlined below, do not use our Website. If you need further clarification on any provisions of this Policy, please contact us using the provided options.
You can be a website visitor, a potential customer or a customer in our relations with you:
- You are a website visitor (“Visitor”) when you merely browse the Website and provide us with your data via cookies or other tracking technologies;
- You are a potential customer (“Potential Customer”) when you contact us via email, phone, , other messengers (Telegram, WhatsApp), fill out online forms on the Website, contact us in person, by mail, or via other available means of communication, or when you voluntarily share your data with us.
- You are a customer (“Customer”) when you sign up with us to use our MyTaxi CRM (“Platform”). Please note that our relations with Customers in the context of collecting and processing their personal data are outlined in a separate Privacy Policy for the Platform.
Defenitions
We use the following definitions in this Privacy Policy:
- “GDPR” means the European Union’s General Data Protection Regulation.
- “PDPL” means the UAE’s Federal Decree-Law No. 45/2021 on the Protection of Personal Data.
- “personal data” means any information relating to you and helping identify you (directly or indirectly), such as a name, email, address, etc.
- “data subject” is an identified or identifiable natural person about whom we hold personal data.
- “controller” means the natural or legal person who (either alone or jointly with others) determines the purposes and means of the processing of personal data.
- “processor” means a natural or legal person who processes personal data on behalf of the controller.
- “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Our identity and contact details
When processing your personal data as outlined in this Privacy Policy, we act as a controller under the GDPR and PDPL.
Data collection
We collect your personal data when you:
- visit our Website;
- contact us via email, phone or any other available means of communication;
- fill out online forms on the Website;
- voluntarily provide your data, including any other instances on the Website where you knowingly choose to share your personal data.
The table below describes different types of data we may collect and process about Visitors and Potential Customers in connection with our Website:
| Type of data | Description | Collected personal data |
|---|---|---|
| Visitor data | ||
| Type of data | Description | Collected personal data |
| (a) Cookies Information | We use cookies on our Website for analytics and marketing activities, to remember your preferences, to ensure the functionality of our Website and for other purposes. | In particular, we can collect usage information (pages you have viewed on our Website, search terms and search results, and other information regarding your use of the Website) for analytics purposes. We also use necessary, preferential and marketing cookies. To learn more about our use of cookies, please read our Cookies Policy. |
| (c) Potential Customer Information | When you contact us via email, phone call,, messengers (Telegram, WhatsApp), fill out online forms on the Website, or voluntarily share your data with us, we may collect some information about you. We may process this information to promote our products and services and communicate with potential customers. | It may include your name, email, phone number, and any other information contained in communications between you and us. |
| Potential Customer data | ||
| (c) Potential Customer Information | When you contact us via email, phone call,, messengers (Telegram, WhatsApp), fill out online forms on the Website, or voluntarily share your data with us, we may collect some information about you. We may process this information to promote our products and services and communicate with potential customers. | It may include your name, email, phone number, and any other information contained in communications between you and us. |
When we act as a data controller:
- we DO NOT collect or process your sensitive data;
- we DO NOT use automated decision-making, including profiling, which produces legal effects concerning a data subject or similarly significantly affects a data subject.
- we DO NOT sell your data.
Legal bases for processing
We process your personal data in accordance with the GDPR and PDPL. The GDPR provides an exhaustive list of lawful bases for processing. We rely only on four of them:
Article 6.1(a): consent
We process the personal data you choose to provide us with your consent. You may withdraw your consent at any time.
Please remember that withdrawing consent does NOT automatically mean that the processing before the withdrawal is unlawful. You may withdraw your consent by emailing us at [email protected] or contacting us in any other convenient way.
Article 6.1(f): legitimate interest
We process your personal data to protect our legitimate interests, such as:
- preventing fraud;
- ensuring the security and functionality of our Website.
We only collect and use the data necessary to achieve these purposes and do not override your fundamental rights and freedoms.
Article 6.1(b): performance of a contract
When you provide us with personal data during communication about the details of our services, terms of use of the Platform, etc., to potentially become our Customer, this can be considered as a request to form a contract or to perform a contract between you and us.
Article 6.1(c): legal obligation
We process your personal data to fulfill our legal obligations, such as complying with tax or regulatory requirements.
If you send us a request to exercise your rights under the GDPR, we may ask you for some personal data we already have to identify you and comply with the applicable law.
Use your personal data
As a data controller, we use your personal data for the purposes listed in the table below. The table also details the type of personal data processed and the legal bases we rely on to do so.
| Purpose of processing | Type of personal data | Legal grounds | Third parties recipients | Source |
|---|---|---|---|---|
| Communication with Potential Customers (including responding to queries and requests, assisting with product or service selection) | (c) Potential Customer Information | Performance of a contract (Article 6(1)(b)) Your consent (Article 6(1)(a)) | Google Workspace, AWS, Contractors | Potential Customer |
| Analytics & Developing & Maintenance of the Website | (a) Cookies Information (b) Automatically Collected Information | Your consent (Article 6(1)(a)) Our legitimate interest (Article 6(1)(f)) | AWS, Contractors | Visitor |
| Marketing activities | (a) Cookies Information (c) Potential Customer Information | Your consent (Article 6(1)(a)) | Contractors | Visitor Potential Customer |
| Security and fraud prevention | (a) Cookies Information (b) Automatically Collected Information | Our legitimate interest (Article 6(1)(f)) | AWS, Contractors | Visitor Potential Customer |
| Complying with the law or legal process | (a) Cookies Information (b) Automatically Collected Information (c) Potential Customer Information | Legal obligation (Article 6(1)(c)) | Contractors | Visitor Potential Customer |
DATA SHARING AND DISCLOSURE
We may share your personal data as a data controller with other controllers and data processors.
To ensure the functionality of our Website and provide you with a pleasant user experience, we rely on the support of third-party service providers (“service providers”) for certain essential features, to effectively manage risks, seek professional advice, and deliver services. Service providers operate as data processors on our behalf in accordance with our instructions.
We may share and disclose your personal data to our service providers:
- AWS (Amazon Web Services, Inc., USA): for data storage. You may read its privacy policy here;
- Google Workspace (Google LLC, USA): for collecting, storing, structuring, and using personal data, and contacting you. You may read its privacy policy here;
As part of our business operations, we may engage specialists who may receive your personal data, including technical, sales, legal and marketing professionals, to provide you with better service and ensure the accuracy and transparency of our business. These specialists, together with partner websites, are referred to as Contractors.
Links to Third-Party Websites
This Privacy Policy applies only to this Website. We strongly recommend reviewing the privacy documents of any websites you may reach by following the hyperlinks presented on our Website. We have no control over other websites' content and data practices and are not responsible for their actions.
Social Media Accounts and Messengers
We also use messengers such as [Telegram, WhatsApp] to communicate with you. We may collect information for marketing purposes when you interact with us through our social media accounts by following our official pages, posting comments, or reacting to our content. Additionally, we may communicate with you via direct messaging services available on these social media platforms.
Please note that we are not responsible for social media and messengers’ data practices and advise checking their privacy documents regarding the collection of your personal data on their side.
Data sharing and disclosure
We may share your personal data as a data controller with other controllers and data processors.
To ensure the functionality of our Website and provide you with a pleasant user experience, we rely on the support of third-party service providers (“service providers”) for certain essential features, to effectively manage risks, seek professional advice, and deliver services. Service providers operate as data processors on our behalf in accordance with our instructions.
We may share and disclose your personal data to our service providers:
- AWS (Amazon Web Services, Inc., USA): for data storage. You may read its privacy policy here;
- Google Workspace (Google LLC, USA): for collecting, storing, structuring, and using personal data, and contacting you. You may read its privacy policy here;
As part of our business operations, we may engage specialists who may receive your personal data, including technical, sales, legal and marketing professionals, to provide you with better service and ensure the accuracy and transparency of our business. These specialists, together with partner websites, are referred to as Contractors.
Links to Third-Party Websites
This Privacy Policy applies only to this Website. We strongly recommend reviewing the privacy documents of any websites you may reach by following the hyperlinks presented on our Website. We have no control over other websites' content and data practices and are not responsible for their actions.
Social Media Accounts and Messengers
We also use messengers such as [Telegram, WhatsApp] to communicate with you. We may collect information for marketing purposes when you interact with us through our social media accounts by following our official pages, posting comments, or reacting to our content. Additionally, we may communicate with you via direct messaging services available on these social media platforms.
Please note that we are not responsible for social media and messengers’ data practices and advise checking their privacy documents regarding the collection of your personal data on their side.
Data transfer to third countries
We may transfer your personal data to countries outside the European Union (EU) and the European Economic Area (EEA) that are not deemed to provide an adequate level of data protection under Article 45 of the GDPR (adequacy decision), as well as outside the UAE.
In such cases, we will ensure that appropriate safeguards are implemented in accordance with the GDPR to protect your personal data, in particular, the standard contractual clauses adopted by the European Commission. Where possible, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with these third parties to ensure that your personal data is adequately protected.
Please note that in 2023, the European Commission recognized the commercial organizations of the United States participating in the EU-US Data Privacy Framework as providing adequate protection.
We implement supplementary technical and organizational measures when transferring data, such as prior assessment of the service provider’s reliability and personal data protection practices, encryption of the transferred personal data, prompt reaction to any threats to confidentiality, integrity, and availability of the personal data, etc.
Data retention
As a data controller, we store and process your personal data until we do not need it for any of the purposes defined in this Privacy Policy unless a longer retention period is required or expressly permitted by law. We may not delete or anonymize your data if we are required to retain it to comply with the law or legal process
Certain categories of data may have shorter storage periods; for instance, cookies expire within a few days, weeks, or months as per their programmed settings (or sooner if you clear your browser’s cache). Cookies Information retention periods are specified in our Cookies Policy.
To exercise your right to erasure, you may contact us at [email protected] or in any other convenient way.
Security and integrity of the data
We have implemented appropriate organizational, technical, administrative, and physical security measures to ensure the ongoing confidentiality, integrity, availability, and resiliency of systems and services that process personal data and will restore the availability and access to information on time in case of a physical or technical incident.
We also use a 256-bit SSL encryption method and store data using secure cloud service providers to keep your information secure.
Data subject age
We do not knowingly collect personal data from persons under 16. By providing us with your personal data, you confirm that you are at least 16 years old and, according to the law of your country, you have all rights to consent to the processing of your personal data.
If you have any reason to believe that a child under 16 has provided his/her personal data to us, please contact us at [email protected].
Your rights under GDPR
You may exercise the following rights by submitting a data subject request at [email protected].
Please note that we may need to confirm your identity to process your requests to exercise your rights under the GDPR. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
| Right under the GDPR | Description | How to exercise it |
|---|---|---|
| Right to withdraw consent (Art. 7) | You can withdraw your consent for data processing at any time. | You can submit a request. |
| Right to be informed (Art. 13, 14) | You have the right to be informed about the collection and use of your personal data. | All information about our collection and use of your personal data is described in this Privacy Policy, the Cookies Policy, and the Terms of Use. |
| Right of Access (Art. 15) | You have the right to confirm whether your personal data is being processed by us and access such data, along with specific information. | You can submit a request. |
| Right to rectification(Art. 16) | You have the right to correct inaccurate personal data about you and to have incomplete personal data completed. | You can submit a request |
| Right to erasure (‘right to be forgotten’) (Art.17) | You have the right to have your personal data deleted without undue delay where one of the following grounds applies:
| You can submit a request. |
| Right to restriction of processing (Art. 18) | You can limit the way in which we use your data where one of the following applies:
| You can submit a request. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it:
|
| Right to data portability (Art. 20) | You have the right to receive your personal data in a structured, commonly accepted, and machine-readable format and have the right to request that we transmit this data directly to another controller to the extent that the legal basis for our processing of your personal data is your consent or performance of a contract and the processing is carried out by automated means. | You can submit a request. |
| Right to object (Art. 21) | You have the right to object to our processing of your personal data at any time to the extent that the processing is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. Also, you have the right to object to our processing of your personal data for direct marketing purposes (including profiling). | You can submit a request. |
| Right not to be subject to a decision based solely on automated processing, including profiling (Art. 22) | This right restricts us from making solely automated decisions, including those based on profiling, which produce legal or other significant effects for data subjects. | We DO NOT use automated decision-making and profiling. |
| Right to lodge a complaint (Art. 77) | You have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data violates the requirements of the GDPR. | You can submit the complaint in the EU member state of your place of habitual residence or to the data protection authority stated in this Privacy Policy. |
| Right to compensation (Art. 82) | Any person who has suffered material or moral damage as a result of a violation of GDPR requirements has the right to receive compensation from the controller or processor for the caused damage. | Court proceedings for exercising the right to receive compensation shall be brought before the courts competent under the law of the EU Member State referred to in Article 79(2). |
Data protection authority under GDPR
We encourage you to reach out to us initially with any concerns you may have regarding the processing of your personal data. You may use the following email to address your concerns: [email protected].
In some cases, you have the right to lodge a complaint about our use of your personal data with a data protection authority. For more information, please contact your national data protection authority. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us. You can find a full list of EU supervisory authorities through this link.
Your rights under PDPL
Under the PDPL, UAE residents have the following rights concerning their personal data (Articles 13-18):
| Right | Description |
|---|---|
| Right of Access to Information | You have the right to obtain information on the categories of personal data being processed, the purpose of the processing, the decisions made upon automated processing, entities with whom the personal data is shared. |
| Right to Request Personal Data Portability | You have the right to receive your personal data in a structured and machine-readable format. |
| Right to Rectification or Erasure of Personal Data | You have the right to rectify inaccurate personal data and the right to delete your personal data and be forgotten. |
| Right to Restriction of Processing | You have the right to restrict and stop the processing of your data where it is inaccurate, or you object to the purpose of the processing. |
| Right to Stop Processing | You have the right to object to the processing of your personal data and stop the processing where it is processed for direct marketing or statistical survey purposes or in contraversion of the personal data protection controls. |
| Right of Processing and Automated Processing | You have the right to object to automated decisions made by automated processing of your personal data. We do not do automated processing of your personal data. |
You can find a detailed description of the personal information that we may collect from you above in the “DATA COLLECTION” section of this Policy.
The purposes of the collection and/or use of personal information are stated in the “USE OF YOUR PERSONAL DATA” section of this Policy.
You can review the categories of third parties with whom we may share your personal information in the “DATA SHARING AND DISCLOSURE” section of this Policy.
We encourage you to contact us initially with any concerns you may have regarding the processing of your personal data. You may use the following email to address your concerns: [email protected].
Please note that we may need to confirm your identity to process your requests to exercise your rights. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
You also have the right to file a complaint with the UAE Data Office, a federal data regulator (once it is established), if you believe that the processing of your personal data infringes PDPL.
Complaints
If you have any complaints regarding our processing of your personal data, please contact us using the contact details provided below. If you are not satisfied with our response to your complaint, depending on the place of your residence, you may have the right to appeal our decision by contacting us or lodge your complaint with your local data protection authority.
Amedments
We may periodically update our Privacy Policy to reflect new updates, technologies, legal requirements, or for other reasons. Any changes will be communicated by posting a revised version of the Policy on our Website. Such changes will be effective immediately upon posting them.
We encourage you to review this Privacy Policy periodically. Your continued use of our Website after the revised Privacy Policy has become effective constitutes your acceptance of the new terms of the Privacy Policy. If the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change.
How to contact us
For questions regarding the processing of your personal data, please contact us:
MYTAXICRM - FZCO