Privacy Policy

Company Information

• Legal Entity: AJL Gulf Group LLC
• Registration: Sharjah, SHAMS Free Zone, United Arab Emirates
• Website:https://www.nearbyvouchers.com
• Email:privacy@nearbyvouchers.com

1. Information We Collect

1.1 Personal Information You Provide to Us

Account Registration Data:When you create an account on our platform, we collect:

• Full Name
• Email Address
• Phone Number
• Date of Birth
• Country of Residence (COR)
• Nationality
• Password (stored in encrypted format)

Transaction and Payment Information:

• Billing address and delivery information
• Payment method details (processed securely through Stripe)
• Purchase history and transaction records
• Voucher usage and redemption data
• Refund and cancellation requests

Communication Data

• Messages sent through our customer support system
• Feedback, reviews, and ratings you provide
• Survey responses and user-generated content
• Newsletter and marketing preference selections

1.2 Information We Collect Automatically

Technical and Usage Data:

• IP address and approximate location data
• Device information (type, model, operating system)
• Browser type, version, and language settings
• Website navigation patterns and page interactions
• Session duration and frequency of visits
• Referral sources and search terms used

Cookies and Tracking Technologies:

• Session cookies (expire after 2 hours of inactivity)
• Persistent cookies for user preferences
• Analytics cookies for performance optimization
• Marketing cookies for personalized advertising (with consent)

1.3 Information from Third Parties

Vendor and Partner Data:

• Information from approved vendors for order fulfillment
• Data from marketing partners and affiliates
• Social media information (if you connect social accounts)
• Public databases for identity verification when required

2. How We Use Your Information

2.1 Primary Service Functions

Account Management:

• Creating and maintaining your user account
• Authenticating your identity and securing your account
• Managing session timeouts (2-hour automatic logout)
• Providing personalized account dashboard

Transaction Processing:

• Processing voucher purchases and payments via Stripe
• Sending purchase confirmations and digital vouchers
• Facilitating voucher redemption with partner vendors
• Managing refunds, exchanges, and customer disputes

Communication Services:

• Sending essential transactional emails (confirmations, receipts, account updates)
• Providing customer support and technical assistance
• Responding to inquiries and resolving issues
• Delivering vouchers and important service notifications

2.2 Marketing and Personalization

Targeted Marketing (with your consent):

• Sending promotional emails about deals and offers
• Customizing website content based on your preferences
• Creating personalized voucher recommendations
• Conducting market research and customer satisfaction surveys

Analytics and Improvement:

• Analyzing user behavior to improve platform functionality
• Optimizing website performance and user experience
• Developing new features and services
• Measuring marketing campaign effectiveness

2.3 Legal and Security Purposes

Fraud Prevention and Security:

• Detecting and preventing fraudulent transactions
• Monitoring for suspicious account activity
• Implementing security measures and access controls
• Protecting against cyber threats and data breaches

Legal Compliance:

• Complying with UAE federal and emirate regulations
• Meeting tax and financial reporting requirements
• Responding to legal requests and court orders
• Maintaining records as required by law

3.Information Sharing and Disclosure

3.1 Approved Vendors and Service Providers

Vendor Partners:We share minimal necessary information with our approved vendors to facilitate service delivery:

• Customer name and contact details for voucher redemption
• Purchase details and voucher specifications
• Special requirements or preferences you've indicated

Essential Service Providers:

• Stripe:Payment processing and transaction security
• Cloud Hosting Services:Secure data storage and platform hosting
• Email Service Providers:Transactional and marketing communications
• Analytics Providers:Website performance and user behavior analysis

3.2 Marketing and Affiliate Partners

Limited Data Sharing:We may share aggregated, non-personally identifiable information with:

• Affiliate partners for commission tracking
• Advertising networks for targeted marketing campaigns
• Market research companies for industry analysis
• Business intelligence providers for performance metrics

3.3 Legal and Regulatory Disclosure

Mandatory Disclosure:We may disclose your personal information when required by:

• UAE federal laws and regulations
• Emirate-specific legal requirements
• Court orders, subpoenas, or legal processes
• Government agencies for regulatory compliance
• Law enforcement for investigation purposes

Business Transfers:In the event of a merger, acquisition, or sale of business assets, your information may be transferred to the new entity, subject to the same privacy protections.

4. Data Security and Protection

4.1 Technical Safeguards

Encryption and Security:

• SSL/TLS encryption for all data transmission
• Advanced encryption for stored sensitive data
• Secure API connections with all third-party services
• Regular security audits and vulnerability assessments
• Multi-factor authentication for administrative access

Access Controls:

• Role-based access restrictions to personal data
• Regular access reviews and permission updates
• Secure employee authentication systems
• Audit logs for all data access activities

4.2 Operational Security

Data Handling Procedures:

• Staff training on privacy and data protection
• Confidentiality agreements with all employees
• Incident response procedures for data breaches
• Regular backup and disaster recovery protocols
• Secure disposal of outdated equipment and data

Session Management:

• Automatic session timeout after 2 hours of inactivity
• Secure session token generation and management
• Protection against session hijacking and fixation
• Regular session security monitoring

5. Data Retention and Deletion

5.1 Retention Periods

Active Accounts:

• Account information: Retained while account is active
• Transaction history: Retained for 7 years for financial compliance
• Communication records: Retained for 3 years
• Technical logs: Retained for 1 year

Closed Accounts:

• Essential data: Retained for 7 years for legal compliance
• Marketing data: Deleted within 30 days of account closure
• Technical data: Anonymized after 1 year
• Backup data: Permanently deleted within 12 months

5.2 Data Deletion

Automatic Deletion:

• Inactive accounts after 3 years of no activity
• Marketing data upon opt-out request
• Session data after timeout expiration
• Regular backup and disaster recovery protocols
• Temporary files after processing completion

6. Your Privacy Rights and Choices

6.1 Access and Control Rights

Data Subject Rights:

• Access: Request copies of your personal information
• Rectification:Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Restriction: Limit processing of your personal data
• Objection: Object to certain types of data processing

How to Exercise Your Rights: Submit requests through:

• Account settings dashboard
• Email to privacy@nearbyvouchers.com
• Online privacy request form

6.2 Marketing and Communication Preferences

Email Marketing:

• Opt-in required for promotional communications
• Easy unsubscribe option in every marketing email
• Granular control over types of communications
• Immediate processing of opt-out requests

Essential Communications: You cannot opt out of:

• Transaction confirmations and receipts
• Account security notifications
• Important service updates
• Legal notices and policy changes

6.3 Cookie Management

Cookie Controls:

• Browser settings for cookie preferences
• Website cookie consent management tool
• Opt-out options for advertising cookies
• Session cookie automatic expiration (2 hours)

7. International Data Transfers

7.1 Transfer Safeguards

When transferring your data outside the UAE, we ensure:

• Adequacy Decisions:Transfers only to countries with adequate protection
• Standard Contractual Clauses: Legal agreements with international partners
• Binding Corporate Rules: Internal policies for data protection
• Your Consent: Explicit consent for specific transfers when required

7.2 Third-Party Processors

International Services:

• Stripe: Payment processing (complies with international standards)
• Cloud Providers: Data hosting with UAE presence or adequate safeguards
• Analytics Services: Anonymized data processing only
• Marketing Platforms:Consent-based data processing

8. Special Provisions

8.1 Minors' Privacy

Age Restrictions:

• Platform not intended for users under 18 years
• Active monitoring for underage account creation
• Immediate deletion of identified minor accounts
• Parental notification procedures when applicable

8.2 Sensitive Data

Special Categories:We do not intentionally collect:

• Religious or philosophical beliefs
• Political opinions
• Health or medical information
• Biometric or genetic data

If such data is inadvertently collected, it will be deleted immediately upon identification.

9. Cookies and Tracking Policy

9.1 Types of Cookies We Use

Essential Cookies (Always Active):

• Authentication and security cookies
• Session management cookies (2-hour timeout)
• Load balancing and performance cookies
• Shopping cart and transaction cookies

Analytics Cookies (Consent Required):

• Google Analytics for website usage statistics
• Performance monitoring cookies
• Error tracking and debugging cookies
• User experience optimization cookies

Marketing Cookies (Consent Required):

• Advertising personalization cookies
• Conversion tracking cookiess
• Social media integration cookies
• Remarketing and retargeting cookies

9.2 Cookie Management

Your Choices:

• Accept all cookies for full functionality
• Accept only essential cookies
• Customize cookie preferences by category
• Withdraw consent at any time through settings

10. Third-Party Services and Links

10.1 External Links

Our website may contain links to third-party websites. We are not responsible for:

• Privacy practices of external websites
• Content or services provided by third parties
• Data collection by linked websites
• Security of third-party platforms

Recommendation:Review privacy policies of any external websites before providing personal information.

10.2 Social Media Integration

Social Features:

• Social media sharing buttons
• Social login options (if available)
• Customer review integration
• Community features and forums

Data Sharing: We only share data with social media platforms based on your explicit actions and consent.

11. Data Breach Notification

11.1 Breach Response Procedures

Immediate Response:

• Immediate investigation and containment
• Assessment of breach scope and impact
• Implementation of corrective measures
• Documentation of incident details

Notification Timeline:

• Regulatory notification within 72 hours (if required)
• User notification without undue delay for high-risk breaches
• Public disclosure if legally mandated
• Regular updates on remediation progress

11.2 User Protection Measures

Breach Support:

• Credit monitoring services (if applicable)
• Password reset requirements
• Enhanced security recommendations
• Dedicated support for affected users

12. Compliance and Legal Framework

12.1 UAE Data Protection Laws

Primary Legislation:

• UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection
• UAE Cybercrime Law (Federal Decree-Law No. 5 of 2012)
• UAE Consumer Protection Law
• UAE Electronic Transactions Law

Emirate-Specific Regulations:

• Dubai Data Protection Law (where applicable)
• Abu Dhabi Data Protection Regulations (where applicable)
• Free Zone specific data protection requirements

12.2 International Standards

Compliance Framework:

• ISO 27001 Information Security Management
• Payment Card Industry (PCI) compliance through Stripe
• General Data Protection Regulation (GDPR) principles
• Industry best practices for data protection

13. Updates and Changes

13.1 Policy Updates

Website-Only Notification:

• Privacy policy updates will be communicated exclusively through our website
• Prominent banner notification on website homepage for 30 days
• Updated effective date clearly displayed on privacy policy page
• Archive of previous policy versions available on our website
• No email, phone, or other external notifications will be sent

Policy Review Requirement:

• Users must review and accept the updated privacy policy before proceeding with transactions
• Account creation process requires visiting and accepting the current privacy policy
• Existing users will be prompted to review policy updates during their next login or transaction attempt

Significant Changes:

• 30-day advance website notice for material changes
• Option to close account if you disagree with changes
• Continued use implies acceptance of updates after mandatory review
• Right to withdraw consent for new processing purposes

13.2 Regular Reviews

Policy Maintenance:

• Annual comprehensive policy review
• Quarterly compliance assessments
• Regular updates based on legal changes
• User feedback incorporation

14. Contact Information and Support

14.1 Privacy Inquiries

Data Protection Officer:

• Email:privacy@nearbyvouchers.com
• Response Time: Within 3 business days
• Languages: English only
• Business Hours: Sunday to Thursday, 9 AM to 6 PM UAE Time

14.2 General Support

Customer Service:

• Email:support@nearbyvouchers.com
• Website:https://www.nearbyvouchers.com/contact
• Response Time: Within 24 hours
• Languages: English only

14.3 Regulatory Contacts

UAE Regulatory Authority:

• Telecommunications and Digital Government Regulatory Authority (TDRA)
• UAE Central Bank (for payment-related matters)
• Ministry of Economy (for consumer protection)

Complaints Process:

1. Contact our Data Protection Officer first
2. Allow 30 days for internal resolution
3. Escalate to relevant regulatory authority if unsatisfied
4. Seek legal advice for unresolved disputes

15. Final Provisions

15.1 Interpretation

Policy Interpretation:

• This policy is written in English only
• Legal terms have their standard meanings under UAE law
• Headings are for convenience and do not affect interpretation
• Individual provisions remain valid even if others are invalid

15.2 Effective Date and Acknowledgment

Mandatory Policy Review:Before creating an account or making any transaction on our platform, you must:

• Visit and read this Privacy Policy in full
• Explicitly acknowledge that you have reviewed the policy
• Accept the terms of data collection and processing described herein
• Confirm your understanding of your rights and our practices

Acceptance: By completing account creation or transaction processes, you acknowledge that you have:

• Read and understood this Privacy Policy by visiting this page
• Reviewed the current version dated June 4, 2025
• Agree to the collection and use of your information as described
• Understood your rights and how to exercise them
• Agreed to receive essential transactional communications

Policy Update Compliance:

• You agree to check this privacy policy page for updates
• Website-only notifications will be provided for policy changes
• You must review and accept updated policies before proceeding with new transactions
• Failure to accept updated policies will restrict access to certain services

Contact for Clarification: If any part of this policy is unclear, please contact us at privacy@nearbyvouchers.com before using our services.