Privacy Policy

For Global | For Middle East

Introduction

This Privacy Policy explains how Quixy Technologies LLC (“Quixy”, “we”, “our”) collects, uses, shares and protects personal data when you visit any .quixy.ae site or use the Quixy low-code no-code platform that is hosted entirely in the AWS Middle East (UAE) Region. It supplements the global Quixy Privacy Policy and applies to users and customers located in, or contracting under, UAE law.

Our practices follow the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and its executive regulations, while maintaining compatibility with widely recognised international privacy standards.

Who we are

Legal entity	Quixy Technologies LLC, Dubai, UAE
Registered office (all notices)	Office 41, 21st Floor, Conrad Business Tower, Sheikh Zayed Road (opposite DWTC), P.O. Box 124 844, Dubai, United Arab Emirates
Data Protection Officer (DPO)	[email protected]

Quixy Technologies LLC is the controller for all processing described below. VividMinds Technologies Pvt Ltd (India) supports the UAE instance remotely and therefore acts as our processor under an intra-company Data Processing Addendum (DPA).

Scope of this Policy

This Policy applies when you:

browse or register on .quixy.ae ;
create or use an account on the UAE-hosted Quixy platform;
interact with our UAE sales, events or support teams; or
receive electronic communications that link to this Policy.

It does not cover Quixy services delivered from other regions (e.g., .quixy.com).

Information we collect

Category	Typical items	Source	Main purpose
Account & contact	name, business e-mail, phone, job title	sign-up forms, event registrations	create and secure your workspace
Usage & log	IP address, browser data, feature clicks, error logs	automatic	run, secure and improve the platform
Support content	screenshots, ticket notes, call recordings	you / your admin	troubleshoot issues
Marketing preferences	opt-in flag, campaign interactions	consent banner, e-mail	send product news you request
Billing	company name, TRN, address, masked card digits	your finance team / payment provider	invoicing & VAT compliance

We do not knowingly collect information about anyone under 18 years old.

How and why we use your data

Purpose	PDPL lawful basis	Examples
Provide and administer the service	Contract	user authentication, workspace provisioning
Improve security and performance	Legitimate interest	log analysis, anomaly detection
Comply with legal duties	Legal obligation	tax & accounting records, regulatory notices
Send optional marketing	Consent	newsletters, event invitations

Where we rely on legitimate interest we conduct a balancing test to ensure your rights are not overridden.

Cookies & similar technologies

Essential cookies load automatically to keep the service running. Analytics or advertising cookies load only after you click “Accept” on our banner and can be disabled at any time via the banner or your browser settings.

Data residency in the UAE

All production data—and encrypted backups—are stored in the **AWS Middle East (UAE) Region, distributed across multiple local Availability Zones.

Who can access or receive your data

Recipient	Reason	Safeguard
Quixy UAE staff	hosting operations, customer success	UAE employment NDAs
Quixy India support team	24 × 7 remote support	intra-group DPA + Standard Contractual Clauses
Sub-processors	cloud infrastructure, ticketing, e-mail	PDPL-compliant contracts;
Public authorities	if required by UAE or DIFC law	request verified & logged
Business transferee	merger or asset sale	successor bound by this Policy

We never sell or rent personal data.

Cross-border transfers & remote access

Because some engineers operate from India or South Africa, restricted remote access may occur. We rely on:

PDPL Article 23(1)(c) – transfer necessary for contract performance;
2021 EU Standard Contractual Clauses plus encryption and strict access controls; and
our intra-group Binding Corporate Rules (currently under UAE Data Office review).

No customer database is stored permanently outside the UAE.

Security measures

We maintain an ISO 27001- and ISO 27701-aligned programme that includes encryption in transit and at rest, multi-factor authentication, quarterly penetration tests, secure SDLC practices and 24 × 7 SOC monitoring. If a breach that may pose high risk occurs, we notify the UAE Data Office and affected users within the timelines required by the PDPL.

Retention

We keep personal data only as long as needed for its purpose plus any statutory period (typically five years for VAT and commercial records). After that we erase or irreversibly anonymise the data.

Your rights under UAE PDPL

You may access, correct, erase, restrict, port your data or object to processing at any time. Send requests to [email protected] and we will respond within 30 days (extendable once if the request is complex). If unsatisfied, you may lodge a complaint with the UAE Data Office.

Marketing choices

We send marketing only if you opted in. Every marketing e-mail includes an Unsubscribe link. Mandatory service or security messages are not subject to opt-out.

Third-party links

Our sites may link to external pages (e.g., partners, social-media sites). We are not responsible for their privacy practices—please review their notices before sharing data.

Children

The Quixy UAE platform targets business users. We do not knowingly process data of children under 18. Contact us if you believe a child has provided data so we can delete it promptly.

Changes to this Policy

We may amend this Policy from time to time. Material changes will be posted here and e-mailed to account administrators five days before they take effect. Continued use after that date constitutes acceptance.

Contact

Data Protection Officer
Quixy Technologies LLC
Office 41, 21 st Floor, Conrad Business Tower, Sheikh Zayed Road, Dubai
P.O. Box 124 844 – United Arab Emirates
E-mail: [email protected]

By accessing or using any Quixy UAE site or service you acknowledge that you have read this Privacy Policy and agree to the processing of your personal data as set out above.