Privacy Policy.
Important Information
Information that SAV Collects
Your legal rights
SAV’s Use of the information
How SAV shares Users personal information
Extraterritorial data storage and data transfers
How to update your information
SAV’s use of Cookies and Persistent Local Data
Security precautions exercised by SAV
Contacting Us
Important Information
- This Privacy Policy, as amended or otherwise changed from time to time, explains the manner in which Sav Technologies Limited(including any subsidiaries and/or any affiliated entities: hereinafter collectively referred to as “SAV”, “we”, “us”, “our” or “SAV entity”) collects, uses, maintains, stores, transfers and discloses User information obtained through the SAV websites, mobile application and platforms or portals (all collectively termed “SAV Facilities”, “Facilities”, or “Services” for purposes of this Privacy Policy). This Privacy Policy should be read and interpreted together with the Terms and Conditions of SAV Facilities.
- We respect your privacy and aim to promote trust and confidence on the internet. As such, we feel it is necessary to disclose to you what data our Facilities collect and track, and further, what we do with the data that we collect or receive.
- Terms which are not defined in this Privacy Policy shall have the meanings ascribed to them in the Terms and Conditions of SAV Facilities.
- a. User Consent: refers to when you the visitor (hereinafter referred to as “User”, “you”, “your”) access and use any facility or content we own or operate in reference to the SAV Facilities, which is owned, operated, maintained or mandated under service by SAV, you as the User consent to the data practices prescribed in this Privacy Policy. This is further supported in your application for the creation of a User account, if applicable.
- b. Data Subject: means any person whose confidential and personally identifiable User data is being collected, processed, used, maintained, stored, transferred, disclosed, erased, or destroyed. For ease of understanding: You, as the User of the Facilities are the Data Subject.
- Since your Personal Data may also be processed from within the DIFC, be advised that you have the right to make a complaint at any time to the Commissioner of Data Protection at DIFC, in respect of an alleged infringement of the Data Protection law and/or your rights as a Data Subject under the Data Protection Law, however, we would appreciate the opportunity to address your concerns before you approach any such Authority (as appropriate), and so, please contact us in the first instance so that we may try to resolve your complaint amicably.
- Changes to this Privacy Policy: From time to time, SAV may revise, amend or supplement this Privacy Policy to reflect necessary changes, i.e. changes in law, our Personal Data collection and usage practices, the features of SAV Facilities, or certain advances in technology. If any material changes are made to this Privacy Policy, the changes will be prominently posted on the relevant SAV Facilities. SAV, however, requires that you (the User) occasionally familiarize yourself with the contents of this Privacy Agreement, for your own information. Changes to this Privacy Policy shall be communicated to you through a plain language summary 60 (sixty) days prior to their enforcement. If you disagree with any of the changes thereof, we suggest that you stop using the Facilities immediately.
- Please be advised that this Privacy Policy does not convey any information that we may receive about you through channels external to SAV’s Facilities, communication and data infrastructures, networks and/or systems.
- Please be advised that, Users data collected and processed through the DIFC, is done so in accordance with the relevant data minimization and purpose limitation principles, among others of the applicable laws and regulations.
- Please further be advised that, User data processed through the DIFC, is done so fairly, lawfully, securely, accurately, transparently, with the data being retained for no longer than is necessary and being processed only in accordance with your rights.
Information that SAV Collects
- SAV collects Personal Data and Anonymous Data of Data Subjects; and only in a manner as described below.
- a. Personal Data means data that allows someone to identify or contact you, including, for example: your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.
- b. Anonymous Data means data that is not associated with or linked to your Personal Data. Anonymous Data (i.e. encrypted data) does not, by itself, permit the identification of individual persons.
- c. Please note that: You will, generally, not be required to pay a fee to access your Personal Data (or to exercise any of the other rights), however, that we may charge a reasonable fee (determined at our sole discretion and which is payable by you, the User and/or Data Subject) if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under the aforementioned circumstances.
- d. Information which may be further required from you: We may need to request specific information from you to help us to confirm and verify your identity, so as to ensure that your rights to access your Personal Data or to exercise any of your other rights, as determined by contract, the law or otherwise. This is a security measure to ensure that Personal Data is not disclosed to any authorised person, who has no right to receive it. We may also contact you to ask you for further information in relation to your request, in order to speed up our response to any request received from you, when you exercise your rights.
- e. Information about criminal convictions or activities: When you register for or otherwise use our Services or facilities, we may receive information about your criminal convictions, when we perform certain necessary verification or compliance checks. We carry out these checks in order to detect and/or prevent any unlawful or fraudulent acts, as well as to comply with our legal obligations. Also, in the event of a violation of our Terms and Conditions in the use of our Facilities, or a violation of any restrictions on use of materials and information provided in or through our Facilities, we may disclose personal user information to our affected members and business partners, affected service agents, other affected third parties or legal authorities.
- f. If you fail, neglect and/or refuse to provide us with your Personal Data: Where we need to collect Personal Data by law, or under SAV’s Terms and Conditions, in contracting with you and if you fail to provide that data when requested, we may not be able to perform the services. In this case, SAV shall have the right to discontinue the User Services and/or may close your User account, however, we will notify you if this is the case at the time.
- Be advised that in usage of our Facilities, you consent to the following:
- a. We may collect Personal Data from you, such as your first and last name, e-mail and mailing addresses, date of birth, government issued identification, (including but not limited to address, employment, etc.
- b. We may also collect other Personal Data supplied by third-party entities (including Governmental authorised or mandated entities) and service providers / agents in the outsourcing of services, including, but not limited to third party identity verification services.
- c. If you tell us where you are (i.e. by allowing any of your devices, mobile device or computer to send us your geo-location), we may store that information.
- d. Certain services, such as two-factor authentication may require collection, use, processing, transfer and storage of your phone number and possibly other data. We may associate that phone number to your mobile device identification information.
- e. If you provide us feedback or contact us, we will collect your name and e-mail address, as well as any other content included in form in which it was received (i.e. the details and content of an email), in order to send you a reply or in to contact you.
- f. We also collect other types of Personal Data that you voluntarily provide to us when contacting us – i.e. in seeking support services via email, or calling us via the contact center, support chat room, or other information provided to support services staff.
- g. We may collect other data, including but not limited to referral Uniform Resource Locators (URLs), your location and analytics information related to the usage of our Facilities.
- h. Some information is collected automatically by our Facilities, including, but not limited to our websites, application, platform, networks and servers:
- h. Some information is collected automatically by our Facilities, including, but not limited to our websites, application, platform, networks and servers:
- i. Our servers (which may be hosted by a third-party service provider) collect information from you automatically, including your browser type, Internet service provider (ISP), referring/exit pages, operating system, Internet Protocol (IP) address, domain name, and/or a date and time stamp for your visit to our Facilities, as well as clickstream data.
- ii. We use Cookies to collect information. Cookies are selected pieces of information that a website or platform (included as our Facilities) sends to your device or computer’s hard drive, while you are viewing or using our Facilities.
- iii. We retain information on your behalf, including customer data, transactional data and other session data, linked to your User account.
Your legal rights
Your legal rights (User rights) and information that SAV collects.
- Under the Office of the Commissioner of Data Protection of the DIFC, responsible for administering the DIFC Data Protection Law, each Data Subject (in so far as these laws have application) broadly has the following rights:
- a. Right to be informed: This means that any DIFC registered company processing your Personal Data must make clear what they are processing, why, and who else the data may be passed/transferred to or shared with. You have the right to know who, why and how your Personal Data is processed or shared.
- b. Right to withdraw consent: If you wish for a DIFC registered company to stop processing your Personal Data, it is your right to withdraw consent, preventing the DIFC registered company from further processing the same Personal Data.
- c. Right to rectification: If you have provided your Personal Data to a DIFC registered company you have the right to request that the company corrects, rectifies or erases your personal information at any time.
- d. Right of access: this is your right to see what data is held about you by a DIFC registered company. You have the right to see what kind of data is held by us.
- e. Right to erasure: this is your right, under certain circumstances, whereby you can ask for your Personal Data to be deleted. This is also referred to ‘the Right to be Forgotten’. This would apply if the Personal Data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been expressly withdrawn, or where Personal Data has been unlawfully processed. Your right to ask for your Personal Data to be deleted, only under certain circumstances, especially if that data is no longer required by us for the purposes it was collected for processing the data you had expressly withdrawn or if the DIFC registered company has unlawfully processed your Personal Data.
- f. Right to object to processing: this is your right to object to the further processing of your data which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation and direct marketing.
- g. Right to restrict processing: this is your right to ask for a temporary halt or pause in processing of Personal Data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected. You right to request temporary halt or pause in processing of Personal Data, such as in the case where a dispute or legal case has to be concluded or the data has to be corrected.
- h. Right to data portability: this is your right to ask for any of your Personal Data supplied directly to the Data Controller to be provided to you in a structured, commonly used, and machine-readable or electronic format. Your right to request any of your Personal Data collected by us, in a structured, commonly used and machine-readable or electronic format.
- i. Rights in relation to automated decision making and profiling: Your right not to be subject to a decision based solely on automated processing.
- j. Right not to be discriminated against: This right refers to your right not to be discriminated against by Us. This right ensures that your Personal Data will not influence or affect Us and you are not denied any of our Services, charged a different rate for the Services, provided with a different quality of Service simply because of your Personal Data.
If you wish to exercise any of the rights set out above or any other laws concerning Personal Data (in so far as same is applicable), please contact us at contact@Sav.com
- Automated decisions: You may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.
- Time limit to respond to User requests in exercising the aforementioned rights: We aim respond to all legitimate requests without undue delay and within one (1) month calendar of receipt of any request from you. Occasionally it may take us longer than one (1) month if your request is particularly complex, or if you have made duplicated or numerous requests, but it shall in no scenario take us more than three (3) calendar months to respond to your legitimate data access requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
- Children’s Privacy: If you’re under the age required to manage your own User account, you must have your parent or legal guardian’s permission to use a User account. Please have your parent or legal guardian read this Privacy Policy, together with the Terms and Conditions with you.
- a. If you’re a parent or legal guardian, and you allow your child to use the SAV services or access the SAV Facilities, then this Privacy Policy, together with the Terms and Conditions applies to you and you’re responsible for your child’s activity on the Facilities and/or Services.
- b. Be advised: Some of SAV’s Facilities and services will have additional age requirements and will not be available to minors. This will be specified in respect of each such service or Facility in SAV’s procedure of obtaining the required consent and permissions from Users. SAV does not and will not knowingly solicit or collect information from anyone who is not of legal age. Should we retrospectively become aware that a minor has provided us with personal information where such Services and / or Facilities are unavailable to minors, we will erase such information it immediately and close the related User account.
SAV’s Use of the information
- We will only use your Personal Data when and how the applicable laws allow us to. Most commonly, we will use your Personal Data in the following circumstances:
- a. Where we need to perform the services applicable under this Privacy Policy and Terms and Conditions;
- b. Where it is necessary for our legitimate interests but where such interests do not override your fundamental rights; and/or
- c. Where we need to comply with a legal or regulatory obligation.
- Marketing: We provide you with choices regarding the Personal Data that SAV uses, particularly concerning marketing and advertising. We have established the following Personal Data control mechanisms:
- a. Promotional offers from SAV: We may use your Personal Data to determine what may be of interest to you. This is how we decide which products, services, and offers may be relevant and of interest to you. By using our Facilities, using our services, registering a User account, in contacting us, in requesting information from us, you expressly opt-in to receive marketing communications from SAV.
- b. Right to be informed and to object: Please note, prior to disclosing such Personal Data to third parties for the purposes of marketing and advertising, we shall inform you and offer you the right to object to such disclosures.
- c. You can ask us to stop sending you marketing related material and/or communications at any time by following the opt-out links on any marketing message sent to you or by contacting us, at help@sav.com
- SAV may be compelled to surrender User information to legal authorities without express User consent, if presented with a Court Order or similar legal or administrative Order, or as required or permitted by the laws, rules, and regulations of any nation, state, or other applicable jurisdiction.
- Please be advised that we may process your Personal Data without your knowledge or consent where this is required or permitted by law. In general, the Personal Data which you submit to us is used either to respond to requests that you make, or to aid our service to you, the User.
- Please be advised that we may store and process your Personal Data for a period as required for you to be able to avail our Services, and for a reasonable period of time thereafter.
- We use your Personal Data in the following ways:
- a. To facilitate the creation of and to secure your User account on SAV Facilities and integrated facilities (where applicable).
- b. To prudently identify you and perform the necessary identity verification through our own efforts or through our partners or service providers.
- c. To provide improved administration of our Facilities.
- d. To improve the quality of your User experience when you interact with SAV Facilities.
- e. To send you a one-time password (OTP) to verify ownership of the e-mail address or the mobile number provided when your User account is created.
- f. To send you administrative notifications or other communications: i.e. User activity, security, support and maintenance or other advisory services, sent via In-App, Mobile SMS and/or Email.
- g. To identify, prevent, and report potentially suspicious, fraudulent, or illegal activities.
- h. To notify you about important changes or updates to SAV Facilities, and to respond to your inquiries or other requests received.
- All data collected automatically will be used to administer or improve our services, including the following:
- a. All automated data collected is used for administration purposes, as well as to improve services and user experience.
- b. We use IP address information to make our Facilities and Services more useful to you, and to perform identity verification.
- c. We use information from log files to analyse trends; operate, administer and maintain the Facilities; track Users’ movements and activity around and within the Facilities, gather demographic information about our User base as a whole, and better tailor our Services to our Users’ needs. Except as noted in this Privacy Policy, we do not link this automatically collected data to Personal Data.
- d. We use your Emirates ID Information provided and the data available on your Emirates Chip to verify your identity in your submitted form of identification during the onboarding and User registration or User account creation process. This technology collects information from your biometric data, and it shares this information with us. We use that information to verify your identity. We will store your biometric data for as long as is necessary to perform the services, and as long as the User account exists and will comply with applicable law relating hereto. By using the SAV Facilities and/or services you agree that SAV may collect your biometric data to perform identity verification.
- e. We may use both session / transient Cookies (which expire once you close your device web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on and in using our Facilities. This type of information is collected to make our Facilities more useful to you and to tailor the experience with us to meet your special interests and needs. Please further refer to our Cookies Policy.
- Data Retention: SAV adheres to all applicable legislative provisions and Data Protection laws of each jurisdiction it operates in; hence SAV shall retain and store a written Record of Processing Activities (“ROPA”) of how it processes all User specific data as recommended by the regulations. Such a ROPA shall include the purpose of our processing, what data types we process, the different parties who are recipients of such Personal Data, time limits of retention of Personal Data and a description of our security measures. Should any further information be required, please contact us at contact@sav.com
- Data protection impact assessment: In adhering to all applicable legislative provisions and data protection laws of each jurisdiction it operates in, SAV may carry out an assessment of the impact of the proposed processing operations on the protection of User Personal Data, considering the risks to your rights (“DPIA”). In accounting for the protection of commercial interests we shall seek a User’s input on the intended processing, if and where applicable. The outcome of such DPIA’s may result in the alteration and update of this Privacy Policy, at which point, we shall notify you. Should any further information be required, please contact us at contact@sav.com.
How SAV shares Users personal information
- We disclose your Personal Data, as described in this Privacy Policy.
- It may be necessary to disclose your information to law enforcement agencies, regulators, government/public officials, or other relevant third parties to comply with any law, subpoenas, court orders, government requests, to defend against legal claims, investigate or bring legal action against illegal or suspected illegal activities, to enforce our Terms and Conditions, or to protect the rights, safety, and security of SAV, our Users, other persons or the public.
- We may share your Personal Data with third parties and/or service providers, in so far as it may be necessary and in order to provide you with the services that we offer you through our Facilities and to conduct quality assurance testing; to facilitate the creation of User accounts; to provide technical support, operational support and maintenance services; to verify your identity; and/or to provide other services to SAV and any Facilities of SAV. These third-party service providers are required not to use your Personal Data for any purpose, other than to provide the services mandated by us.
- We may use social plugins, widgets and other features (“social networks” or “social features”) that are made available by and/or accessed through third party social networks. These social features allow these social networks to place Cookies on your browser and to collect certain information, which may be associated with your name, personal details and personal social network account. These social features are operated solely by the respective social networks, and their service providers, and we recommend that you carefully read their privacy policies before you decide to use them. We have no control over or access to the information collected, stored or used by such social networks, and the information practices of such social networks are not covered by this Privacy Policy. If you do not wish to associate any information collected via the plugins, widgets and/or other features with your personal social network account information, you should refrain from using these social features and logout from your social network account before any visit to or use of our facilities, or using our services.
- We may share some or all of your Personal Data with third parties (i.e. if SAV is acquired by a new owner) in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset forming part of SAV’s good will. If another company acquires SAV, its business or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations held by SAV regarding your Personal Data, as described in this Privacy Policy.
- SAV’s facilities or communications may contain links to other third-party websites which are not owned or operated by SAV and too, which are regulated by their own privacy policies. If you click on a third-party link, you will be directed to that third party’s site. SAV strongly advises you to review the privacy policy of every site you visit. SAV is not responsible for the privacy policies of these third-party websites, regardless as to whether they were accessed using the links from our facilities. SAV has no control over and assumes no liability for the content, privacy policies or practices of any third-party sites or services.
- Be advised: Other than as stated in this Privacy Policy, SAV does not disclose any of your personal information to any third parties, unless required to do so by law enforcement, court order, or in compliance with legal reporting obligations.
Extraterritorial data storage and data transfers
-
- We disclose your Personal Data, as described in this Privacy Policy.
- User Personal Data is stored and transferred in compliance with the applicable legislation or regulations of every applicable jurisdiction.
- We store and process your Personal Data in data centers located within the country in which SAV operates, or where we have our premises, or wherefrom we provide services or where SAV’s service providers are located, and we comply with the data protection regulations of these jurisdictions insofar as they apply to SAV.
- We may share your Personal Data within the SAV group of associated companies which are based in various locations globally.
- If you are based in the United Arab Emirates (“UAE”), this may involve storing and transferring your data outside of the United Arab Emirates, with adherence to relevant legal requirements – where applicable.
- If you are based anywhere else globally, this may involve storing and transferring your data globally, with adherence to relevant legal requirements, wherever and however applicable.
- In addition, hereto, many of our external third parties are also based outside of the aforementioned geographical regions and globally, so, their processing of your Personal Data will involve the transfer and storage of data outside the aforementioned territories. We reiterate that you, as the User, accepts that through the application for the creation of a User account, the terms of their individual privacy policies, cookies policies, as well as terms and conditions, as third-party service providers to SAV. Further we will take your express consent before sharing your Personal Data with any Data Processor located outside the DIFC.
- Some of the countries to which your Personal Data may be transferred do not benefit from an appropriate protection regulation. For such international countries, we shall have specific data-protection clauses in our agreements and arrangements with them, which adhere to those as adopted by the Commissioner of Data Protection at DIFC or other appropriate regulators.
- Whenever we transfer your Personal Data outside of the DIFC, the UAE or any other territory, we will ensure that a suitable degree of protection is afforded to it by ensuring that at least one (1) of the below listed safeguards is implemented:
-
- a. We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data.
- b. In respect of the DIFC Data Protection Law and Regulations relating to the transfer of Personal Data, transfers will be conducted in accordance with the applicable provisions of such Law and Regulations.
- Please contact us at contact@sav.com if you want further information on the specific mechanism used by us when transferring your Personal Data.
How to update your information
- We disclose your Personal Data, as described in this Privacy Policy.
- Whenever possible, you can update your Personal Data directly within your User account settings section, subject to verification by SAV. If you are unable to change your Personal Data, please contact us to make the required changes.
- If you wish for SAV to update your information, please contact us in making such a request.
- We will retain your information for as long as may be needed to provide you access to your User account and or Services of SAV, or for a reasonable period after you close your User account with SAV.
- If you wish to close your User account, you can do so from your User account setting session or you can contact us. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms and Conditions.
SAV’s use of Cookies and Persistent Local Data
- Data collected automatically includes, but is not limited to Cookies, webpage counters and other analytics tools.
- Cookies are small data files that are collected automatically and stored on your device / computer’s hard drive.
- SAV collects web browser Information in order to enhance your User experience on our Facilities, as well as to track how the Facilities and Services are being used.
- We further use Cookies to identify and prevent fraudulent or illegal activity. The information collected by us can include, but is not limited to: your IP address, referral URLs, the type of device you use, your operating system, the type of browser you use, your geographic location, and other session data.
- Cookies are not permanent and will expire after a short time period of inactivity. Data collected via technical means, such as Cookies, webpage counters and other analytics tools, are normally kept for a period of up to one (1) year from expiry of the Cookie.
- You may opt to deactivate your Cookies, but it is important to note that you may not be able to access or use some features of our Facilities, should you do so, as such Cookies may enable certain functions thereon.
- Please note that SAV is not responsible and will not be held liable for any loss resulting from your decision or inability to use Cookies.
- Do Not Track (DNT) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third-parties. At this time, we do not respond to DNT signals.
- For more information about the Cookies we use, please see our Cookie Policy.
Security precautions exercised by SAV
Security precautions exercised by SAV for protection of your data:.
- We take the protection of your personal information seriously and in so doing, we use industry-standard data encryption technology and have implemented restrictions related to the storage of and the ability to access your personal information.
- All your personal information and sensitive data is stored in servers located within the country.
- SAV’s facilities are scanned on a regular basis for security holes and known vulnerabilities, in order to best ensure its security.
- Your Personal Data is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
- Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be absolutely 100% secure, however, our best endeavours will be made to secure data and the ability to access your personal information.
- Without prejudice to our efforts on protection of your Personal Data, nothing contained in this Privacy Policy constitutes a warranty of security of the facilities, and you agree to transmit data at your own risk. Please note, that SAV and the facilities do not guarantee that your data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
- We would like to draw your attention on the fact that SAV will never send you email or SMS or call you to ask for financial or payment information, such as your credit card number, passcode, User account number or pin number, in an e-mail, text or any other communication that we send to you. Please, always check that any website on which you are asked for financial or payment information in relation to our reservations or services is in fact legitimately owned or operated by SAV. The risk of impersonating hackers exists and should be taken into account when using our Facilities and/or Services.
- If you do receive any suspicious communication of any kind or request, do not provide your information and report it us by contacting our offices immediately. Please also immediately notify us if you become aware of any unauthorised access to or use of your User account.
- Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of your data, please accept that you play a vital role in protecting your own Personal Data, including the adoption of sufficient safety measures such as your choosing of an appropriate password of sufficient length and complexity and to not reveal this password to any third-parties.
- Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us, or receive from us by Internet or wireless connection, including: email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. You can contact us if you have reason to believe that your data is no longer secure.
- Lastly, please note that should the security of your Personal Data be breached and the security of your rights be at high risk, we shall promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to our CONTACT at contact@sav.com for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
Contacting Us
Contacting Us:.
- If you have any questions about our Privacy Policy as outlined above, or if you have any complaints, please contact us at help@sav.com.
Privacy Policy.
1. Important Information.
- This Privacy Policy, as amended or otherwise changed from time to time, explains the manner in which Sav Technologies Limited(including any subsidiaries and/or any affiliated entities: hereinafter collectively referred to as “SAV”, “we”, “us”, “our” or “SAV entity”) collects, uses, maintains, stores, transfers and discloses User information obtained through the SAV websites, mobile application and platforms or portals (all collectively termed “SAV Facilities”, “Facilities”, or “Services” for purposes of this Privacy Policy). This Privacy Policy should be read and interpreted together with the Terms and Conditions of SAV Facilities.
- We respect your privacy and aim to promote trust and confidence on the internet. As such, we feel it is necessary to disclose to you what data our Facilities collect and track, and further, what we do with the data that we collect or receive.
- Terms which are not defined in this Privacy Policy shall have the meanings ascribed to them in the Terms and Conditions of SAV Facilities.
- a. User Consent: refers to when you the visitor (hereinafter referred to as “User”, “you”, “your”) access and use any facility or content we own or operate in reference to the SAV Facilities, which is owned, operated, maintained or mandated under service by SAV, you as the User consent to the data practices prescribed in this Privacy Policy. This is further supported in your application for the creation of a User account, if applicable.
- b. Data Subject: means any person whose confidential and personally identifiable User data is being collected, processed, used, maintained, stored, transferred, disclosed, erased, or destroyed. For ease of understanding: You, as the User of the Facilities are the Data Subject.
- Since your Personal Data may also be processed from within the DIFC, be advised that you have the right to make a complaint at any time to the Commissioner of Data Protection at DIFC, in respect of an alleged infringement of the Data Protection law and/or your rights as a Data Subject under the Data Protection Law, however, we would appreciate the opportunity to address your concerns before you approach any such Authority (as appropriate), and so, please contact us in the first instance so that we may try to resolve your complaint amicably.
- Changes to this Privacy Policy: From time to time, SAV may revise, amend or supplement this Privacy Policy to reflect necessary changes, i.e. changes in law, our Personal Data collection and usage practices, the features of SAV Facilities, or certain advances in technology. If any material changes are made to this Privacy Policy, the changes will be prominently posted on the relevant SAV Facilities. SAV, however, requires that you (the User) occasionally familiarize yourself with the contents of this Privacy Agreement, for your own information. Changes to this Privacy Policy shall be communicated to you through a plain language summary 60 (sixty) days prior to their enforcement. If you disagree with any of the changes thereof, we suggest that you stop using the Facilities immediately.
- Please be advised that this Privacy Policy does not convey any information that we may receive about you through channels external to SAV’s Facilities, communication and data infrastructures, networks and/or systems.
- Please be advised that, Users data collected and processed through the DIFC, is done so in accordance with the relevant data minimization and purpose limitation principles, among others of the applicable laws and regulations.
- Please further be advised that, User data processed through the DIFC, is done so fairly, lawfully, securely, accurately, transparently, with the data being retained for no longer than is necessary and being processed only in accordance with your rights.
2. Information that SAV Collects.
- SAV collects Personal Data and Anonymous Data of Data Subjects; and only in a manner as described below.
- a. Personal Data means data that allows someone to identify or contact you, including, for example: your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.
- b. Anonymous Data means data that is not associated with or linked to your Personal Data. Anonymous Data (i.e. encrypted data) does not, by itself, permit the identification of individual persons.
- c. Please note that: You will, generally, not be required to pay a fee to access your Personal Data (or to exercise any of the other rights), however, that we may charge a reasonable fee (determined at our sole discretion and which is payable by you, the User and/or Data Subject) if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under the aforementioned circumstances.
- d. Information which may be further required from you: We may need to request specific information from you to help us to confirm and verify your identity, so as to ensure that your rights to access your Personal Data or to exercise any of your other rights, as determined by contract, the law or otherwise. This is a security measure to ensure that Personal Data is not disclosed to any authorised person, who has no right to receive it. We may also contact you to ask you for further information in relation to your request, in order to speed up our response to any request received from you, when you exercise your rights.
- e. Information about criminal convictions or activities: When you register for or otherwise use our Services or facilities, we may receive information about your criminal convictions, when we perform certain necessary verification or compliance checks. We carry out these checks in order to detect and/or prevent any unlawful or fraudulent acts, as well as to comply with our legal obligations. Also, in the event of a violation of our Terms and Conditions in the use of our Facilities, or a violation of any restrictions on use of materials and information provided in or through our Facilities, we may disclose personal user information to our affected members and business partners, affected service agents, other affected third parties or legal authorities.
- f. If you fail, neglect and/or refuse to provide us with your Personal Data: Where we need to collect Personal Data by law, or under SAV’s Terms and Conditions, in contracting with you and if you fail to provide that data when requested, we may not be able to perform the services. In this case, SAV shall have the right to discontinue the User Services and/or may close your User account, however, we will notify you if this is the case at the time.
- Be advised that in usage of our Facilities, you consent to the following:
- a. We may collect Personal Data from you, such as your first and last name, e-mail and mailing addresses, date of birth, government issued identification, (including but not limited to address, employment, etc.
- b. We may also collect other Personal Data supplied by third-party entities (including Governmental authorised or mandated entities) and service providers / agents in the outsourcing of services, including, but not limited to third party identity verification services.
- c. If you tell us where you are (i.e. by allowing any of your devices, mobile device or computer to send us your geo-location), we may store that information.
- d. Certain services, such as two-factor authentication may require collection, use, processing, transfer and storage of your phone number and possibly other data. We may associate that phone number to your mobile device identification information.
- e. If you provide us feedback or contact us, we will collect your name and e-mail address, as well as any other content included in form in which it was received (i.e. the details and content of an email), in order to send you a reply or in to contact you.
- f. We also collect other types of Personal Data that you voluntarily provide to us when contacting us – i.e. in seeking support services via email, or calling us via the contact center, support chat room, or other information provided to support services staff.
- g. We may collect other data, including but not limited to referral Uniform Resource Locators (URLs), your location and analytics information related to the usage of our Facilities.
- h. Some information is collected automatically by our Facilities, including, but not limited to our websites, application, platform, networks and servers:
- h. Some information is collected automatically by our Facilities, including, but not limited to our websites, application, platform, networks and servers:
- i. Our servers (which may be hosted by a third-party service provider) collect information from you automatically, including your browser type, Internet service provider (ISP), referring/exit pages, operating system, Internet Protocol (IP) address, domain name, and/or a date and time stamp for your visit to our Facilities, as well as clickstream data.
- ii. We use Cookies to collect information. Cookies are selected pieces of information that a website or platform (included as our Facilities) sends to your device or computer’s hard drive, while you are viewing or using our Facilities.
- iii. We retain information on your behalf, including customer data, transactional data and other session data, linked to your User account.
3. Your legal rights (User rights) and information that SAV collects.
- Under the Office of the Commissioner of Data Protection of the DIFC, responsible for administering the DIFC Data Protection Law, each Data Subject (in so far as these laws have application) broadly has the following rights:
- a. Right to be informed: This means that any DIFC registered company processing your Personal Data must make clear what they are processing, why, and who else the data may be passed/transferred to or shared with. You have the right to know who, why and how your Personal Data is processed or shared.
- b. Right to withdraw consent: If you wish for a DIFC registered company to stop processing your Personal Data, it is your right to withdraw consent, preventing the DIFC registered company from further processing the same Personal Data.
- c. Right to rectification: If you have provided your Personal Data to a DIFC registered company you have the right to request that the company corrects, rectifies or erases your personal information at any time.
- d. Right of access: this is your right to see what data is held about you by a DIFC registered company. You have the right to see what kind of data is held by us.
- e. Right to erasure: this is your right, under certain circumstances, whereby you can ask for your Personal Data to be deleted. This is also referred to ‘the Right to be Forgotten’. This would apply if the Personal Data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been expressly withdrawn, or where Personal Data has been unlawfully processed. Your right to ask for your Personal Data to be deleted, only under certain circumstances, especially if that data is no longer required by us for the purposes it was collected for processing the data you had expressly withdrawn or if the DIFC registered company has unlawfully processed your Personal Data.
- f. Right to object to processing: this is your right to object to the further processing of your data which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation and direct marketing.
- g. Right to restrict processing: this is your right to ask for a temporary halt or pause in processing of Personal Data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected. You right to request temporary halt or pause in processing of Personal Data, such as in the case where a dispute or legal case has to be concluded or the data has to be corrected.
- h. Right to data portability: this is your right to ask for any of your Personal Data supplied directly to the Data Controller to be provided to you in a structured, commonly used, and machine-readable or electronic format. Your right to request any of your Personal Data collected by us, in a structured, commonly used and machine-readable or electronic format.
- i. Rights in relation to automated decision making and profiling: Your right not to be subject to a decision based solely on automated processing.
- j. Right not to be discriminated against: This right refers to your right not to be discriminated against by Us. This right ensures that your Personal Data will not influence or affect Us and you are not denied any of our Services, charged a different rate for the Services, provided with a different quality of Service simply because of your Personal Data.
If you wish to exercise any of the rights set out above or any other laws concerning Personal Data (in so far as same is applicable), please contact us at contact@Sav.com
- Automated decisions: You may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.
- Time limit to respond to User requests in exercising the aforementioned rights: We aim respond to all legitimate requests without undue delay and within one (1) month calendar of receipt of any request from you. Occasionally it may take us longer than one (1) month if your request is particularly complex, or if you have made duplicated or numerous requests, but it shall in no scenario take us more than three (3) calendar months to respond to your legitimate data access requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
- Children’s Privacy: If you’re under the age required to manage your own User account, you must have your parent or legal guardian’s permission to use a User account. Please have your parent or legal guardian read this Privacy Policy, together with the Terms and Conditions with you.
- a. If you’re a parent or legal guardian, and you allow your child to use the SAV services or access the SAV Facilities, then this Privacy Policy, together with the Terms and Conditions applies to you and you’re responsible for your child’s activity on the Facilities and/or Services.
- b. Be advised: Some of SAV’s Facilities and services will have additional age requirements and will not be available to minors. This will be specified in respect of each such service or Facility in SAV’s procedure of obtaining the required consent and permissions from Users. SAV does not and will not knowingly solicit or collect information from anyone who is not of legal age. Should we retrospectively become aware that a minor has provided us with personal information where such Services and / or Facilities are unavailable to minors, we will erase such information it immediately and close the related User account.
4. SAV’s Use of the information it collects.
- We will only use your Personal Data when and how the applicable laws allow us to. Most commonly, we will use your Personal Data in the following circumstances:
- a. Where we need to perform the services applicable under this Privacy Policy and Terms and Conditions;
- b. Where it is necessary for our legitimate interests but where such interests do not override your fundamental rights; and/or
- c. Where we need to comply with a legal or regulatory obligation.
- Marketing: We provide you with choices regarding the Personal Data that SAV uses, particularly concerning marketing and advertising. We have established the following Personal Data control mechanisms:
- a. Promotional offers from SAV: We may use your Personal Data to determine what may be of interest to you. This is how we decide which products, services, and offers may be relevant and of interest to you. By using our Facilities, using our services, registering a User account, in contacting us, in requesting information from us, you expressly opt-in to receive marketing communications from SAV.
- b. Right to be informed and to object: Please note, prior to disclosing such Personal Data to third parties for the purposes of marketing and advertising, we shall inform you and offer you the right to object to such disclosures.
- c. You can ask us to stop sending you marketing related material and/or communications at any time by following the opt-out links on any marketing message sent to you or by contacting us, at help@sav.com
- SAV may be compelled to surrender User information to legal authorities without express User consent, if presented with a Court Order or similar legal or administrative Order, or as required or permitted by the laws, rules, and regulations of any nation, state, or other applicable jurisdiction.
- Please be advised that we may process your Personal Data without your knowledge or consent where this is required or permitted by law. In general, the Personal Data which you submit to us is used either to respond to requests that you make, or to aid our service to you, the User.
- Please be advised that we may store and process your Personal Data for a period as required for you to be able to avail our Services, and for a reasonable period of time thereafter.
- We use your Personal Data in the following ways:
- a. To facilitate the creation of and to secure your User account on SAV Facilities and integrated facilities (where applicable).
- b. To prudently identify you and perform the necessary identity verification through our own efforts or through our partners or service providers.
- c. To provide improved administration of our Facilities.
- d. To improve the quality of your User experience when you interact with SAV Facilities.
- e. To send you a one-time password (OTP) to verify ownership of the e-mail address or the mobile number provided when your User account is created.
- f. To send you administrative notifications or other communications: i.e. User activity, security, support and maintenance or other advisory services, sent via In-App, Mobile SMS and/or Email.
- g. To identify, prevent, and report potentially suspicious, fraudulent, or illegal activities.
- h. To notify you about important changes or updates to SAV Facilities, and to respond to your inquiries or other requests received.
- All data collected automatically will be used to administer or improve our services, including the following:
- a. All automated data collected is used for administration purposes, as well as to improve services and user experience.
- b. We use IP address information to make our Facilities and Services more useful to you, and to perform identity verification.
- c. We use information from log files to analyse trends; operate, administer and maintain the Facilities; track Users’ movements and activity around and within the Facilities, gather demographic information about our User base as a whole, and better tailor our Services to our Users’ needs. Except as noted in this Privacy Policy, we do not link this automatically collected data to Personal Data.
- d. We use your Emirates ID Information provided and the data available on your Emirates Chip to verify your identity in your submitted form of identification during the onboarding and User registration or User account creation process. This technology collects information from your biometric data, and it shares this information with us. We use that information to verify your identity. We will store your biometric data for as long as is necessary to perform the services, and as long as the User account exists and will comply with applicable law relating hereto. By using the SAV Facilities and/or services you agree that SAV may collect your biometric data to perform identity verification.
- e. We may use both session / transient Cookies (which expire once you close your device web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on and in using our Facilities. This type of information is collected to make our Facilities more useful to you and to tailor the experience with us to meet your special interests and needs. Please further refer to our Cookies Policy.
- Data Retention: SAV adheres to all applicable legislative provisions and Data Protection laws of each jurisdiction it operates in; hence SAV shall retain and store a written Record of Processing Activities (“ROPA”) of how it processes all User specific data as recommended by the regulations. Such a ROPA shall include the purpose of our processing, what data types we process, the different parties who are recipients of such Personal Data, time limits of retention of Personal Data and a description of our security measures. Should any further information be required, please contact us at contact@sav.com
- Data protection impact assessment: In adhering to all applicable legislative provisions and data protection laws of each jurisdiction it operates in, SAV may carry out an assessment of the impact of the proposed processing operations on the protection of User Personal Data, considering the risks to your rights (“DPIA”). In accounting for the protection of commercial interests we shall seek a User’s input on the intended processing, if and where applicable. The outcome of such DPIA’s may result in the alteration and update of this Privacy Policy, at which point, we shall notify you. Should any further information be required, please contact us at contact@sav.com.
5. How SAV shares Users’ personal information:.
- We disclose your Personal Data, as described in this Privacy Policy.
- It may be necessary to disclose your information to law enforcement agencies, regulators, government/public officials, or other relevant third parties to comply with any law, subpoenas, court orders, government requests, to defend against legal claims, investigate or bring legal action against illegal or suspected illegal activities, to enforce our Terms and Conditions, or to protect the rights, safety, and security of SAV, our Users, other persons or the public.
- We may share your Personal Data with third parties and/or service providers, in so far as it may be necessary and in order to provide you with the services that we offer you through our Facilities and to conduct quality assurance testing; to facilitate the creation of User accounts; to provide technical support, operational support and maintenance services; to verify your identity; and/or to provide other services to SAV and any Facilities of SAV. These third-party service providers are required not to use your Personal Data for any purpose, other than to provide the services mandated by us.
- We may use social plugins, widgets and other features (“social networks” or “social features”) that are made available by and/or accessed through third party social networks. These social features allow these social networks to place Cookies on your browser and to collect certain information, which may be associated with your name, personal details and personal social network account. These social features are operated solely by the respective social networks, and their service providers, and we recommend that you carefully read their privacy policies before you decide to use them. We have no control over or access to the information collected, stored or used by such social networks, and the information practices of such social networks are not covered by this Privacy Policy. If you do not wish to associate any information collected via the plugins, widgets and/or other features with your personal social network account information, you should refrain from using these social features and logout from your social network account before any visit to or use of our facilities, or using our services.
- We may share some or all of your Personal Data with third parties (i.e. if SAV is acquired by a new owner) in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset forming part of SAV’s good will. If another company acquires SAV, its business or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations held by SAV regarding your Personal Data, as described in this Privacy Policy.
- SAV’s facilities or communications may contain links to other third-party websites which are not owned or operated by SAV and too, which are regulated by their own privacy policies. If you click on a third-party link, you will be directed to that third party’s site. SAV strongly advises you to review the privacy policy of every site you visit. SAV is not responsible for the privacy policies of these third-party websites, regardless as to whether they were accessed using the links from our facilities. SAV has no control over and assumes no liability for the content, privacy policies or practices of any third-party sites or services.
- Be advised: Other than as stated in this Privacy Policy, SAV does not disclose any of your personal information to any third parties, unless required to do so by law enforcement, court order, or in compliance with legal reporting obligations.
6. Extraterritorial data storage and data transfers:.
- We disclose your Personal Data, as described in this Privacy Policy.
- User Personal Data is stored and transferred in compliance with the applicable legislation or regulations of every applicable jurisdiction.
- We store and process your Personal Data in data centers located within the country in which SAV operates, or where we have our premises, or wherefrom we provide services or where SAV’s service providers are located, and we comply with the data protection regulations of these jurisdictions insofar as they apply to SAV.
- We may share your Personal Data within the SAV group of associated companies which are based in various locations globally.
- If you are based in the United Arab Emirates (“UAE”), this may involve storing and transferring your data outside of the United Arab Emirates, with adherence to relevant legal requirements – where applicable.
- If you are based anywhere else globally, this may involve storing and transferring your data globally, with adherence to relevant legal requirements, wherever and however applicable.
- In addition, hereto, many of our external third parties are also based outside of the aforementioned geographical regions and globally, so, their processing of your Personal Data will involve the transfer and storage of data outside the aforementioned territories. We reiterate that you, as the User, accepts that through the application for the creation of a User account, the terms of their individual privacy policies, cookies policies, as well as terms and conditions, as third-party service providers to SAV. Further we will take your express consent before sharing your Personal Data with any Data Processor located outside the DIFC.
- Some of the countries to which your Personal Data may be transferred do not benefit from an appropriate protection regulation. For such international countries, we shall have specific data-protection clauses in our agreements and arrangements with them, which adhere to those as adopted by the Commissioner of Data Protection at DIFC or other appropriate regulators.
- Whenever we transfer your Personal Data outside of the DIFC, the UAE or any other territory, we will ensure that a suitable degree of protection is afforded to it by ensuring that at least one (1) of the below listed safeguards is implemented:
- a. We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data.
- b. In respect of the DIFC Data Protection Law and Regulations relating to the transfer of Personal Data, transfers will be conducted in accordance with the applicable provisions of such Law and Regulations.
- Please contact us at contact@sav.com if you want further information on the specific mechanism used by us when transferring your Personal Data.
7. How to update your information.
- We disclose your Personal Data, as described in this Privacy Policy.
- Whenever possible, you can update your Personal Data directly within your User account settings section, subject to verification by SAV. If you are unable to change your Personal Data, please contact us to make the required changes.
- If you wish for SAV to update your information, please contact us in making such a request.
- We will retain your information for as long as may be needed to provide you access to your User account and or Services of SAV, or for a reasonable period after you close your User account with SAV.
- If you wish to close your User account, you can do so from your User account setting session or you can contact us. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms and Conditions.
8. SAV’s use of Cookies and Persistent Local Data:.
- Data collected automatically includes, but is not limited to Cookies, webpage counters and other analytics tools.
- Cookies are small data files that are collected automatically and stored on your device / computer’s hard drive.
- SAV collects web browser Information in order to enhance your User experience on our Facilities, as well as to track how the Facilities and Services are being used.
- We further use Cookies to identify and prevent fraudulent or illegal activity. The information collected by us can include, but is not limited to: your IP address, referral URLs, the type of device you use, your operating system, the type of browser you use, your geographic location, and other session data.
- Cookies are not permanent and will expire after a short time period of inactivity. Data collected via technical means, such as Cookies, webpage counters and other analytics tools, are normally kept for a period of up to one (1) year from expiry of the Cookie.
- You may opt to deactivate your Cookies, but it is important to note that you may not be able to access or use some features of our Facilities, should you do so, as such Cookies may enable certain functions thereon.
- Please note that SAV is not responsible and will not be held liable for any loss resulting from your decision or inability to use Cookies.
- Do Not Track (DNT) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third-parties. At this time, we do not respond to DNT signals.
- For more information about the Cookies we use, please see our Cookie Policy.
9. Security precautions exercised by SAV for protection of your data:.
- We take the protection of your personal information seriously and in so doing, we use industry-standard data encryption technology and have implemented restrictions related to the storage of and the ability to access your personal information.
- All your personal information and sensitive data is stored in servers located within the country.
- SAV’s facilities are scanned on a regular basis for security holes and known vulnerabilities, in order to best ensure its security.
- Your Personal Data is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
- Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be absolutely 100% secure, however, our best endeavours will be made to secure data and the ability to access your personal information.
- Without prejudice to our efforts on protection of your Personal Data, nothing contained in this Privacy Policy constitutes a warranty of security of the facilities, and you agree to transmit data at your own risk. Please note, that SAV and the facilities do not guarantee that your data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
- We would like to draw your attention on the fact that SAV will never send you email or SMS or call you to ask for financial or payment information, such as your credit card number, passcode, User account number or pin number, in an e-mail, text or any other communication that we send to you. Please, always check that any website on which you are asked for financial or payment information in relation to our reservations or services is in fact legitimately owned or operated by SAV. The risk of impersonating hackers exists and should be taken into account when using our Facilities and/or Services.
- If you do receive any suspicious communication of any kind or request, do not provide your information and report it us by contacting our offices immediately. Please also immediately notify us if you become aware of any unauthorised access to or use of your User account.
- Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of your data, please accept that you play a vital role in protecting your own Personal Data, including the adoption of sufficient safety measures such as your choosing of an appropriate password of sufficient length and complexity and to not reveal this password to any third-parties.
- Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us, or receive from us by Internet or wireless connection, including: email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. You can contact us if you have reason to believe that your data is no longer secure.
- Lastly, please note that should the security of your Personal Data be breached and the security of your rights be at high risk, we shall promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to our CONTACT at contact@sav.com for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
10. Contacting Us:.
- If you have any questions about our Privacy Policy as outlined above, or if you have any complaints, please contact us at help@sav.com.