Privacy Policy

1. Introduction

UAE E-Invoice Pro ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

This Privacy Policy is compliant with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data ("PDPL") and other applicable data protection laws and regulations in the United Arab Emirates.

By using the Platform, you consent to the data practices described in this policy.

2. Data Controller Information

3. Information We Collect

3.1 Information You Provide

• Account Information: Name, email address, phone number, password;
• Business Information: Company name, Trade License number, TRN, business address, bank details for invoicing;
• Invoice Data: Customer information, product/service descriptions, prices, tax calculations, payment terms;
• Communication Data: Correspondence with our support team, feedback, and survey responses;
• Payment Information: Billing address and payment method details (processed securely by Stripe).

3.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers;
• Usage Data: Pages visited, features used, time spent, click patterns;
• Log Data: Access times, error logs, referring URLs;
• Cookies and Tracking: Session cookies, analytics cookies, preference cookies.

3.3 Information from Third Parties

• Payment Processors: Transaction confirmations and payment status;
• ASP Partners: Invoice transmission status and confirmations;
• Authentication Services: Verification data from identity providers.

4. How We Use Your Information

We process your personal data for the following purposes and legal bases:

4.1 Service Delivery (Contractual Necessity)

• Providing e-invoicing services;
• Processing and validating invoices;
• Transmitting invoices to ASPs;
• Managing your Account;
• Processing payments and subscriptions.

4.2 Legal Compliance (Legal Obligation)

• Complying with FTA regulations;
• Meeting tax record retention requirements;
• Responding to legal requests from authorities;
• Fraud prevention and detection.

4.3 Legitimate Interests

• Improving and optimizing the Platform;
• Analytics and performance monitoring;
• Customer support and communication;
• Security and fraud prevention.

4.4 With Your Consent

• Marketing communications;
• Optional analytics and cookies;
• Participation in surveys and research.

5. Data Sharing and Disclosure

We may share your information with:

5.1 Service Providers

• Cloud Infrastructure: Amazon Web Services (AWS) for hosting and storage;
• Payment Processing: Stripe for secure payment handling;
• ASP Partners: Accredited Service Providers for invoice transmission;
• Analytics: Service providers for platform analytics;
• Communication: Email service providers for transactional emails.

5.2 Legal Requirements

We may disclose information when required by:

• UAE Federal Tax Authority (FTA);
• Law enforcement or government authorities;
• Court orders or legal proceedings;
• Protection of rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified of any such change.

6. International Data Transfers

Your data may be processed in countries outside the UAE. We ensure appropriate safeguards are in place, including:

• Data processing agreements with standard contractual clauses;
• Selection of service providers in jurisdictions with adequate data protection;
• Implementation of appropriate security measures;
• Compliance with UAE PDPL requirements for cross-border transfers.

7. Data Retention

We retain your data for the following periods:

8. Your Data Protection Rights

Under UAE PDPL and applicable laws, you have the following rights:

• Right of Access: Request a copy of your personal data;
• Right to Rectification: Request correction of inaccurate data;
• Right to Erasure: Request deletion of your data (subject to legal retention requirements);
• Right to Restrict Processing: Limit how we use your data;
• Right to Data Portability: Receive your data in a structured, machine-readable format;
• Right to Object: Object to processing based on legitimate interests;
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing;
• Right to Lodge a Complaint: File a complaint with the UAE Data Office if you believe your rights have been violated.

To exercise these rights, contact us at privacy@uae-einvoice.ae. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest;
• Access Controls: Role-based access with multi-factor authentication;
• Infrastructure Security: AWS security controls, firewalls, intrusion detection;
• Monitoring: Continuous security monitoring and logging;
• Incident Response: Documented incident response procedures;
• Employee Training: Regular security awareness training;
• Audits: Regular security assessments and penetration testing.

10. Cookies and Tracking Technologies

We use cookies and similar technologies for:

You can manage cookie preferences through your browser settings or our cookie consent tool.

11. Children's Privacy

The Platform is intended for business use and not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will take steps to delete the information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or Platform notification at least 30 days before taking effect. The "Last Updated" date at the top indicates when the policy was last revised.

13. Contact Us

For privacy-related inquiries or to exercise your rights: