Phone: +971 54 776 7606
DA design
Personal Data Processing Policy
Privacy Policy
- General Provisions
1.1. The Operator considers the protection of human and civil rights and freedoms in the processing of personal data as one of its primary goals and essential conditions for conducting its activities, including the protection of the right to privacy, personal, and family secrets.
1.2. This policy regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may collect about visitors to the website https://dadesignworks.com.
2. Basic Concepts Used in the Policy
2.1. Automated Processing of Personal Data — Processing of personal data using computer technology.
2.2. Blocking of Personal Data — Temporary suspension of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. Website — A set of graphic and informational materials, as well as computer programs and databases, that ensure their availability on the Internet at the network address https://dadesignworks.com.
2.4. Personal Data Information System — A set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Depersonalization of Personal Data — Actions that result in the inability to determine, without using additional information, the identity of personal data with a specific User or other subject of personal data.
2.6. Processing of Personal Data — Any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — A governmental body, municipal body, legal entity, or individual, independently or jointly with other persons, that organizes and/or processes personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal Data — Any information related directly or indirectly to a specific or identifiable User of the website https://dadesignworks.com.
2.9. Personal Data Authorized by the Subject of Personal Data for Dissemination — Personal data that is made accessible to an unlimited number of persons by the subject of personal data by giving consent to the processing of personal data authorized for dissemination in accordance with the relevant laws and regulations.
2.10. User — Any visitor to the website https://dadesignworks.com.
2.11. Provision of Personal Data — Actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of Personal Data — Any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including disclosure of personal data in the media, posting on information and telecommunications networks, or providing access to personal data in any other way.
2.13. Cross-Border Transfer of Personal Data — The transfer of personal data to the territory of a foreign state, to a foreign state authority, a foreign individual, or a foreign legal entity.
2.14. Destruction of Personal Data — Any actions resulting in the permanent destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or destroying the material carriers of personal data.
2.1. Automated Processing of Personal Data — Processing of personal data using computer technology.
2.2. Blocking of Personal Data — Temporary suspension of the processing of personal data (except in cases where processing is necessary to clarify personal data).
2.3. Website — A set of graphic and informational materials, as well as computer programs and databases, that ensure their availability on the Internet at the network address https://dadesignworks.com.
2.4. Personal Data Information System — A set of personal data contained in databases and information technologies and technical means that ensure their processing.
2.5. Depersonalization of Personal Data — Actions that result in the inability to determine, without using additional information, the identity of personal data with a specific User or other subject of personal data.
2.6. Processing of Personal Data — Any action (operation) or set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, and destruction of personal data.
2.7. Operator — A governmental body, municipal body, legal entity, or individual, independently or jointly with other persons, that organizes and/or processes personal data, as well as determines the purposes of processing personal data, the composition of personal data to be processed, and the actions (operations) performed with personal data.
2.8. Personal Data — Any information related directly or indirectly to a specific or identifiable User of the website https://dadesignworks.com.
2.9. Personal Data Authorized by the Subject of Personal Data for Dissemination — Personal data that is made accessible to an unlimited number of persons by the subject of personal data by giving consent to the processing of personal data authorized for dissemination in accordance with the relevant laws and regulations.
2.10. User — Any visitor to the website https://dadesignworks.com.
2.11. Provision of Personal Data — Actions aimed at disclosing personal data to a specific person or a specific group of persons.
2.12. Dissemination of Personal Data — Any actions aimed at disclosing personal data to an indefinite number of persons (transfer of personal data) or making personal data available to an unlimited number of persons, including disclosure of personal data in the media, posting on information and telecommunications networks, or providing access to personal data in any other way.
2.13. Cross-Border Transfer of Personal Data — The transfer of personal data to the territory of a foreign state, to a foreign state authority, a foreign individual, or a foreign legal entity.
2.14. Destruction of Personal Data — Any actions resulting in the permanent destruction of personal data, making it impossible to restore the content of personal data in the personal data information system and/or destroying the material carriers of personal data.
3. Basic Rights and Obligations of the Operator
3.1. The Operator has the right to:
- Receive accurate information and/or documents containing personal data from the subject of personal data.
- Continue processing personal data without the consent of the personal data subject if there are legal grounds specified in the relevant data protection laws, even if the subject withdraws consent or requests termination of processing.
- Independently determine the necessary and sufficient measures to ensure compliance with the obligations set forth by the relevant data protection laws and associated regulatory legal acts, unless otherwise provided by applicable law.
3.2. The Operator is obliged to:
- Provide the subject of personal data, upon their request, with information regarding the processing of their personal data.
- Organize the processing of personal data in accordance with the current legislation of the United Arab Emirates.
- Respond to requests from personal data subjects and their legal representatives in accordance with the requirements of applicable data protection laws.
- Inform the relevant authority responsible for the protection of personal data rights, providing the necessary information within 10 days of receiving such a request.
- Publish or otherwise make this Policy on the processing of personal data readily accessible.
- Implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, or any other unlawful actions concerning personal data.
- Cease the transfer, distribution, provision, or access to personal data, stop processing, and destroy personal data in the manner and cases provided for by the relevant data protection laws.
- Fulfill other obligations as required by applicable data protection laws.
3.1. The Operator has the right to:
- Receive accurate information and/or documents containing personal data from the subject of personal data.
- Continue processing personal data without the consent of the personal data subject if there are legal grounds specified in the relevant data protection laws, even if the subject withdraws consent or requests termination of processing.
- Independently determine the necessary and sufficient measures to ensure compliance with the obligations set forth by the relevant data protection laws and associated regulatory legal acts, unless otherwise provided by applicable law.
3.2. The Operator is obliged to:
- Provide the subject of personal data, upon their request, with information regarding the processing of their personal data.
- Organize the processing of personal data in accordance with the current legislation of the United Arab Emirates.
- Respond to requests from personal data subjects and their legal representatives in accordance with the requirements of applicable data protection laws.
- Inform the relevant authority responsible for the protection of personal data rights, providing the necessary information within 10 days of receiving such a request.
- Publish or otherwise make this Policy on the processing of personal data readily accessible.
- Implement legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, dissemination, or any other unlawful actions concerning personal data.
- Cease the transfer, distribution, provision, or access to personal data, stop processing, and destroy personal data in the manner and cases provided for by the relevant data protection laws.
- Fulfill other obligations as required by applicable data protection laws.
4. Basic Rights and Obligations of Personal Data Subjects
4.1. Personal Data Subjects have the right to:
- Receive information regarding the processing of their personal data, except in cases provided for by applicable laws. The information is provided by the Operator in an accessible form and should not include personal data related to other individuals unless there are legitimate grounds for such disclosure. The list of information and the procedure for obtaining it are established by the relevant data protection laws.
- Request that the Operator correct, block, or destroy their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing. They may also take legal measures to protect their rights.
- Require prior consent when processing their personal data for the purpose of marketing goods, services, and works.
- Withdraw consent to the processing of personal data and request the termination of such processing.
- Appeal to the authorized body for the protection of personal data rights or to a court against unlawful actions or inactions by the Operator during the processing of their personal data.
- Exercise other rights provided for by the legislation of the United Arab Emirates.
4.2. Personal Data Subjects are obliged to:
- Provide the Operator with accurate and truthful data about themselves.
- Inform the Operator of any updates or changes to their personal data.
4.3. Liability:
Persons who provide the Operator with false information about themselves or provide information about another individual without that individual's consent are liable in accordance with the relevant legislation.
4.1. Personal Data Subjects have the right to:
- Receive information regarding the processing of their personal data, except in cases provided for by applicable laws. The information is provided by the Operator in an accessible form and should not include personal data related to other individuals unless there are legitimate grounds for such disclosure. The list of information and the procedure for obtaining it are established by the relevant data protection laws.
- Request that the Operator correct, block, or destroy their personal data if it is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the stated purpose of processing. They may also take legal measures to protect their rights.
- Require prior consent when processing their personal data for the purpose of marketing goods, services, and works.
- Withdraw consent to the processing of personal data and request the termination of such processing.
- Appeal to the authorized body for the protection of personal data rights or to a court against unlawful actions or inactions by the Operator during the processing of their personal data.
- Exercise other rights provided for by the legislation of the United Arab Emirates.
4.2. Personal Data Subjects are obliged to:
- Provide the Operator with accurate and truthful data about themselves.
- Inform the Operator of any updates or changes to their personal data.
4.3. Liability:
Persons who provide the Operator with false information about themselves or provide information about another individual without that individual's consent are liable in accordance with the relevant legislation.
5. Principles of Personal Data Processing
5.1. Lawfulness and Fairness
The processing of personal data is conducted on a lawful and fair basis.
5.2. Purpose Limitation
The processing of personal data is restricted to achieving specific, predetermined, and legitimate purposes. Processing that is incompatible with the purposes for which the personal data was originally collected is not permitted.
5.3. Data Segregation
It is prohibited to combine databases containing personal data if the purposes of processing are incompatible with each other.
5.4. Relevance to Purpose
Only personal data that are relevant and necessary for achieving the purposes of their processing are subject to processing.
5.5. Data Minimization
The content and volume of personal data being processed must correspond to the stated purposes. The processing of excessive personal data in relation to these purposes is not allowed.
5.6. Data Accuracy and Timeliness
When processing personal data, accuracy, sufficiency, and relevance to the purposes of processing are ensured. The Operator takes necessary measures, or ensures such measures are taken, to delete or correct any incomplete or inaccurate data.
5.7. Storage Limitation
Personal data is stored in a form that allows identifying the data subject for no longer than is necessary for the purposes of processing, unless a longer storage period is required by applicable law or by an agreement to which the data subject is a party, beneficiary, or guarantor. Once the purposes of processing have been achieved, or if the need to achieve these purposes is lost, the processed personal data must be destroyed or anonymized, unless otherwise required by applicable law.
5.1. Lawfulness and Fairness
The processing of personal data is conducted on a lawful and fair basis.
5.2. Purpose Limitation
The processing of personal data is restricted to achieving specific, predetermined, and legitimate purposes. Processing that is incompatible with the purposes for which the personal data was originally collected is not permitted.
5.3. Data Segregation
It is prohibited to combine databases containing personal data if the purposes of processing are incompatible with each other.
5.4. Relevance to Purpose
Only personal data that are relevant and necessary for achieving the purposes of their processing are subject to processing.
5.5. Data Minimization
The content and volume of personal data being processed must correspond to the stated purposes. The processing of excessive personal data in relation to these purposes is not allowed.
5.6. Data Accuracy and Timeliness
When processing personal data, accuracy, sufficiency, and relevance to the purposes of processing are ensured. The Operator takes necessary measures, or ensures such measures are taken, to delete or correct any incomplete or inaccurate data.
5.7. Storage Limitation
Personal data is stored in a form that allows identifying the data subject for no longer than is necessary for the purposes of processing, unless a longer storage period is required by applicable law or by an agreement to which the data subject is a party, beneficiary, or guarantor. Once the purposes of processing have been achieved, or if the need to achieve these purposes is lost, the processed personal data must be destroyed or anonymized, unless otherwise required by applicable law.
6.Purposes of Personal Data Processing
- Purpose of Processing:
Providing the User with access to services, information, and/or materials available on the website.
- Personal Data:
- Last name, first name, and patronymic (if applicable)
- Email address
- Phone numbers
- Legal Grounds:
- The Operator's charter (founding) documents
- Types of Personal Data Processing:
- Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
- Purpose of Processing:
Providing the User with access to services, information, and/or materials available on the website.
- Personal Data:
- Last name, first name, and patronymic (if applicable)
- Email address
- Phone numbers
- Legal Grounds:
- The Operator's charter (founding) documents
- Types of Personal Data Processing:
- Collection, recording, systematization, accumulation, storage, destruction, and anonymization of personal data.
7. Conditions for Personal Data Processing
7.1. Consent-Based Processing
Personal data processing is carried out with the consent of the data subject for the processing of their personal data.
7.2. Legal Requirements
Personal data processing is necessary for achieving purposes defined by international treaties to which the United Arab Emirates is a party, or by law, in order to fulfill functions, powers, and obligations imposed by UAE legislation on the Operator.
7.3. Judicial and Legal Compliance
Personal data processing is necessary for the administration of justice, execution of a judicial act, or the act of another authority or official that must be executed in accordance with UAE enforcement legislation.
7.4. Contractual Obligations
Personal data processing is necessary for the performance of a contract where the data subject is a party, beneficiary, or guarantor, or for entering into a contract at the request of the data subject, or a contract where the data subject will act as a beneficiary or guarantor.
7.5. Legitimate Interests and Public Goals
Personal data processing is necessary for the exercise of the Operator’s or third parties’ rights and legitimate interests, or to achieve public objectives, provided that such processing does not violate the rights and freedoms of the data subject.
7.6. Publicly Accessible Data
Personal data processing includes data for which access has been granted to an unlimited number of persons by the data subject or upon their request (hereinafter referred to as publicly accessible personal data).
7.7. Mandatory Disclosure
Personal data processing is carried out for data that must be published or disclosed in accordance with federal law.
7.1. Consent-Based Processing
Personal data processing is carried out with the consent of the data subject for the processing of their personal data.
7.2. Legal Requirements
Personal data processing is necessary for achieving purposes defined by international treaties to which the United Arab Emirates is a party, or by law, in order to fulfill functions, powers, and obligations imposed by UAE legislation on the Operator.
7.3. Judicial and Legal Compliance
Personal data processing is necessary for the administration of justice, execution of a judicial act, or the act of another authority or official that must be executed in accordance with UAE enforcement legislation.
7.4. Contractual Obligations
Personal data processing is necessary for the performance of a contract where the data subject is a party, beneficiary, or guarantor, or for entering into a contract at the request of the data subject, or a contract where the data subject will act as a beneficiary or guarantor.
7.5. Legitimate Interests and Public Goals
Personal data processing is necessary for the exercise of the Operator’s or third parties’ rights and legitimate interests, or to achieve public objectives, provided that such processing does not violate the rights and freedoms of the data subject.
7.6. Publicly Accessible Data
Personal data processing includes data for which access has been granted to an unlimited number of persons by the data subject or upon their request (hereinafter referred to as publicly accessible personal data).
7.7. Mandatory Disclosure
Personal data processing is carried out for data that must be published or disclosed in accordance with federal law.
8. Procedure for Collection, Storage, Transfer, and Other Types of Personal Data Processing
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with the requirements of applicable data protection laws.
8.1. Data Security
The Operator ensures the protection of personal data and takes all possible measures to prevent unauthorized access to personal data by third parties.
8.2. Data Sharing
Personal data of Users will not be transferred to third parties under any circumstances, except in cases required by applicable laws or if the data subject has given consent to the Operator for the transfer of data to a third party for the performance of obligations under a civil-law contract.
8.3. Data Accuracy
If inaccuracies are identified in personal data, the User can update their data independently by sending a notification to the Operator at dellalimov@gmail.com with the subject line "Personal Data Update."
8.4. Data Retention
The period for processing personal data is determined by the achievement of the purposes for which the personal data was collected, unless a different period is specified by a contract or applicable legislation. The User may withdraw their consent for the processing of personal data at any time by sending a notification to the Operator via email at dellalimov@gmail.com with the subject line "Withdrawal of Consent for Data Processing."
8.5. Third-Party Services
Any information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by these parties (Operators) in accordance with their User Agreements and Privacy Policies. The data subject should review these documents. The Operator is not responsible for the actions of third parties, including the service providers mentioned in this section.
8.6. Restrictions on Data Transmission
Restrictions set by the data subject on the transfer (except for providing access) and processing or conditions of processing (except for access) of personal data authorized for dissemination do not apply in cases of processing personal data in governmental, public, and other public interests as defined by UAE legislation.
8.7. Confidentiality
The Operator ensures the confidentiality of personal data during processing.
8.8. Data Storage
Personal data is stored in a form that allows the identification of the data subject for no longer than necessary to achieve the purposes of processing, unless the storage period is specified by federal law, or a contract to which the data subject is a party, beneficiary, or guarantor.
8.9. Termination of Data Processing
Processing of personal data may be terminated upon the achievement of processing purposes, expiration of consent, withdrawal of consent by the data subject, or upon discovery of unlawful processing of personal data.
The security of personal data processed by the Operator is ensured through the implementation of legal, organizational, and technical measures necessary to fully comply with the requirements of applicable data protection laws.
8.1. Data Security
The Operator ensures the protection of personal data and takes all possible measures to prevent unauthorized access to personal data by third parties.
8.2. Data Sharing
Personal data of Users will not be transferred to third parties under any circumstances, except in cases required by applicable laws or if the data subject has given consent to the Operator for the transfer of data to a third party for the performance of obligations under a civil-law contract.
8.3. Data Accuracy
If inaccuracies are identified in personal data, the User can update their data independently by sending a notification to the Operator at dellalimov@gmail.com with the subject line "Personal Data Update."
8.4. Data Retention
The period for processing personal data is determined by the achievement of the purposes for which the personal data was collected, unless a different period is specified by a contract or applicable legislation. The User may withdraw their consent for the processing of personal data at any time by sending a notification to the Operator via email at dellalimov@gmail.com with the subject line "Withdrawal of Consent for Data Processing."
8.5. Third-Party Services
Any information collected by third-party services, including payment systems, communication tools, and other service providers, is stored and processed by these parties (Operators) in accordance with their User Agreements and Privacy Policies. The data subject should review these documents. The Operator is not responsible for the actions of third parties, including the service providers mentioned in this section.
8.6. Restrictions on Data Transmission
Restrictions set by the data subject on the transfer (except for providing access) and processing or conditions of processing (except for access) of personal data authorized for dissemination do not apply in cases of processing personal data in governmental, public, and other public interests as defined by UAE legislation.
8.7. Confidentiality
The Operator ensures the confidentiality of personal data during processing.
8.8. Data Storage
Personal data is stored in a form that allows the identification of the data subject for no longer than necessary to achieve the purposes of processing, unless the storage period is specified by federal law, or a contract to which the data subject is a party, beneficiary, or guarantor.
8.9. Termination of Data Processing
Processing of personal data may be terminated upon the achievement of processing purposes, expiration of consent, withdrawal of consent by the data subject, or upon discovery of unlawful processing of personal data.
9. Actions Performed by the Operator with Collected Personal Data
9.1. Data Handling
The Operator performs the following actions with the collected personal data:
The Operator carries out automated processing of personal data, which may include the receipt and/or transfer of the obtained information via information and telecommunication networks or without such networks.
9.1. Data Handling
The Operator performs the following actions with the collected personal data:
- Collection
- Recording
- Systematization
- Accumulation
- Storage
- Clarification (including updating and modification)
- Extraction
- Use
- Transfer (including dissemination, provision, and access)
- Anonymization
- Blocking
- Deletion
- Destruction
The Operator carries out automated processing of personal data, which may include the receipt and/or transfer of the obtained information via information and telecommunication networks or without such networks.
10. Cross-Border Transfer of Personal Data
10.1. Notification Requirement
Before commencing cross-border transfer of personal data, the Operator must notify the authorized body responsible for protecting personal data rights of their intention to carry out such transfers. This notification must be submitted separately from any notifications related to the intention to process personal data.
10.2. Pre-Notification Obligations
Prior to submitting the aforementioned notification, the Operator must obtain relevant information from the foreign authorities, foreign individuals, or foreign legal entities to which the personal data will be transferred.
10.1. Notification Requirement
Before commencing cross-border transfer of personal data, the Operator must notify the authorized body responsible for protecting personal data rights of their intention to carry out such transfers. This notification must be submitted separately from any notifications related to the intention to process personal data.
10.2. Pre-Notification Obligations
Prior to submitting the aforementioned notification, the Operator must obtain relevant information from the foreign authorities, foreign individuals, or foreign legal entities to which the personal data will be transferred.
11. Confidentiality of Personal Data
The Operator, as well as any other individuals who gain access to personal data, are obligated to maintain the confidentiality of such data. They must not disclose or distribute personal data to third parties without the consent of the data subject, except as required by applicable federal laws.
The Operator, as well as any other individuals who gain access to personal data, are obligated to maintain the confidentiality of such data. They must not disclose or distribute personal data to third parties without the consent of the data subject, except as required by applicable federal laws.
12. Final Provisions
12.1. Inquiries and Clarifications
Users may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at info@dadesignworks.com .
12.2. Policy Updates
This document will reflect any changes to the Operator's personal data processing policy. The policy is effective indefinitely until replaced by a new version.
12.3. Access to the Policy
The current version of the Policy is available online at https://dadesignworks.com/privacy.
12.1. Inquiries and Clarifications
Users may obtain any clarifications regarding the processing of their personal data by contacting the Operator via email at info@dadesignworks.com .
12.2. Policy Updates
This document will reflect any changes to the Operator's personal data processing policy. The policy is effective indefinitely until replaced by a new version.
12.3. Access to the Policy
The current version of the Policy is available online at https://dadesignworks.com/privacy.