Home / Privacy Policy

Privacy Policy

This Privacy Policy describes how KOODO TECHNOLOGY L.L.C-FZ collects, uses, processes, and protects your personal data in compliance with UAE Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data (PDPL).

Last Updated: June 2026

1. Introduction

KOODO TECHNOLOGY L.L.C-FZ (hereinafter "KOODO TECHNOLOGY," "we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at koodo.tech (the "Site"), use our services, or interact with us in any manner. We operate under Dubai trade license number 2649263.01 and are headquartered at Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates.

This policy is designed to comply with UAE Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data (PDPL) and other applicable data protection regulations. Please read this Privacy Policy carefully to understand our practices regarding your personal data. By accessing or using our Site and services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is KOODO TECHNOLOGY L.L.C-FZ. If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: hello@koodo.tech
Address: Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates
License: 2649263.01

3. Information We Collect

We may collect the following categories of personal data when you interact with our Site or services:

3.1 Information You Provide Directly

  • Contact Information: Your full name, email address, phone number, company name, and job title when you fill out our contact form, request a quote, or subscribe to our communications.
  • Project Information: Details about your project requirements, business needs, technical specifications, and any other information you share with us during consultation and project scoping.
  • Communications: Records of your correspondence with us, including emails, chat messages, and call recordings (where permitted by law and with your consent).
  • Account Information: If you create an account on our platforms, we collect your username, password, and profile information.

3.2 Information Collected Automatically

  • Usage Data: Information about how you use our Site, including pages visited, time spent on pages, referral URLs, and navigation patterns.
  • Device Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience and analyze Site usage. For detailed information about our use of cookies, please see our Cookie Policy below.

3.3 Information from Third Parties

We may receive personal data about you from third parties, including business partners, analytics providers (such as Google Analytics), advertising networks, and social media platforms (when you interact with our social media pages or use social login features).

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide, maintain, and improve our e-commerce platform development and computer programming services, including project management, technical support, and client communication.
  • Communication: To respond to your inquiries, send you information about our services, provide project updates, and send administrative messages.
  • Business Development: To process and respond to quote requests, proposals, and business inquiries.
  • Website Improvement: To analyze usage patterns, troubleshoot technical issues, and enhance the functionality and user experience of our Site.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes, including those under UAE PDPL and Dubai International Financial Centre (DIFC) regulations where applicable.
  • Security: To protect the security and integrity of our systems, prevent fraud, and enforce our terms of service.
  • Marketing (with consent): To send you marketing communications about our services, industry insights, and events, where we have obtained your consent or where permitted by applicable law.

5. Legal Basis for Processing

Under UAE PDPL and applicable regulations, we process your personal data based on the following legal grounds:

  • Consent: Where you have given explicit consent for specific processing purposes (e.g., marketing communications, cookie preferences).
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., providing our services).
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving our services, ensuring network and information security, and direct marketing to existing clients.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party vendors who provide services on our behalf, including cloud hosting providers (AWS, Google Cloud), analytics services, email communication platforms, and project management tools. These providers are contractually obligated to protect your data and process it only in accordance with our instructions.
  • Business Partners: With your consent, we may share your information with trusted business partners for joint offerings or collaborative projects.
  • Legal Authorities: When required by law, court order, or governmental regulation, we may disclose your personal data to regulatory authorities, law enforcement agencies, or other legal bodies.
  • Professional Advisors: Our legal, financial, and other professional advisors acting as processors or joint controllers.
  • Business Transfers: In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred as part of the transaction.

We do not sell your personal data to third parties for their own marketing purposes.

7. International Data Transfers

As a Dubai-based company serving clients globally, your personal data may be transferred to and processed in countries outside the UAE, including countries that may not have data protection laws equivalent to those in the UAE. When we transfer your data internationally, we implement appropriate safeguards, including:

  • Standard contractual clauses approved by relevant data protection authorities.
  • Binding corporate rules for transfers within our corporate group.
  • Transfer to countries that have been recognized as providing adequate levels of data protection.

Our primary data storage and processing facilities are located in the UAE and the European Economic Area (EEA). By providing your personal data, you consent to such transfers in accordance with this Privacy Policy.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention period depends on:

  • The nature of the data and the purpose for which it was collected.
  • Legal and regulatory requirements for data retention (e.g., UAE commercial laws, tax laws).
  • Whether the data is required for the establishment, exercise, or defense of legal claims.

Typically, we retain client data for the duration of our business relationship plus a reasonable period afterward (generally 5 years) to comply with legal obligations and address any post-service matters. Marketing data is retained until you withdraw consent or opt out. When data is no longer required, we securely delete or anonymize it.

9. Your Rights

Under UAE PDPL and applicable data protection laws, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request confirmation of whether we process your personal data and, if so, to access that data and obtain a copy.
  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
  • Right to Restrict Processing: You have the right to request restriction of processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.
  • Right to Object: You have the right to object to processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with the UAE data protection authority if you believe we have violated your data protection rights.

To exercise any of these rights, please contact us at hello@koodo.tech. We will respond to your request within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before processing your request.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: Data transmitted between your browser and our servers is encrypted using TLS/SSL protocols. Sensitive data is encrypted at rest using industry-standard encryption algorithms.
  • Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, with strict access controls and authentication mechanisms.
  • Regular Audits: We conduct regular security assessments, vulnerability scans, and penetration testing of our systems.
  • Security Policies: We maintain comprehensive information security policies and procedures, including incident response plans, data breach notification procedures, and employee training programs.
  • Third-Party Oversight: We require our service providers to implement appropriate security measures through contractual obligations and regular audits.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you and relevant authorities in the event of a data breach as required by applicable law.

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and understand where our visitors come from. Cookies are small text files stored on your device by your web browser.

Types of cookies we use:

  • Essential Cookies: Required for the basic functionality of our website, such as maintaining session state and enabling secure navigation.
  • Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymized information about page visits, time on site, and navigation patterns.
  • Functional Cookies: Remember your preferences and settings to provide enhanced, personalized features.
  • Marketing Cookies (with consent): Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns.

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. For more information about our cookie practices, please contact us.

12. Third-Party Links

Our website may contain links to third-party websites, plugins, and applications, including social media platforms, payment processors, and partner sites. Clicking on these links or enabling these connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policies of every website you visit.

13. Children's Privacy

Our services are not directed to individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information. If you believe we might have any information from or about a child, please contact us at hello@koodo.tech.

14. Automated Decision Making and Profiling

KOODO TECHNOLOGY does not use automated decision-making or profiling processes that produce legal effects concerning you or similarly significantly affect you, unless we have obtained your explicit consent, the processing is necessary for entering into or performing a contract with you, or is otherwise authorized by applicable law.

If we do use automated decision-making in the future, we will inform you about the logic involved and the significance and envisaged consequences of such processing, implement appropriate safeguards to protect your rights including the right to obtain human intervention, and provide you with the ability to express your point of view and contest the decision. We do not engage in any form of profiling that could lead to discriminatory outcomes or decisions based on sensitive personal data without your explicit consent.

15. How to Exercise Your Rights

To exercise any of your data protection rights described in this Privacy Policy, please submit a written request to hello@koodo.tech. To ensure the security of your personal data, we may need to verify your identity before processing your request. We may request additional information from you to confirm your identity, particularly when you request access to or deletion of your personal data.

We will respond to your request within thirty (30) calendar days of receiving a complete request. If we require additional time (up to an additional 60 days), we will inform you of the reason for the extension. We may charge a reasonable fee for processing repeat or manifestly unfounded or excessive requests, or we may refuse to act on the request in accordance with applicable law. In the event that we cannot fulfill your request, we will explain the reasons for our decision and inform you of your right to lodge a complaint with the relevant supervisory authority.

16. Data Breach Notification

KOODO TECHNOLOGY has implemented procedures to detect, investigate, and respond to personal data breaches in accordance with UAE PDPL requirements. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant data protection authority within the timeframe required by applicable law, communicate the breach to affected data subjects without undue delay providing information about the nature of the breach and the categories of data affected, and document all data breaches including the facts relating to the breach, its effects, and the remedial action taken.

Our data breach response plan includes immediate containment, assessment of risk, notification to relevant parties, and implementation of measures to prevent future occurrences. We maintain comprehensive incident response documentation and regularly test our breach response procedures.

17. Data Protection Officer

KOODO TECHNOLOGY has appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation, ensuring compliance with UAE PDPL requirements, and serving as a point of contact for data subjects and regulatory authorities. If you wish to contact our DPO directly regarding any data protection matters, please email hello@koodo.tech with the subject line "FAO: Data Protection Officer."

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technological developments. When we make material changes, we will notify you by posting the updated policy on our website with a revised "Last Updated" date and, where appropriate, by sending you an email notification. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Email: hello@koodo.tech
Address: KOODO TECHNOLOGY L.L.C-FZ
Meydan Grandstand, 6th Floor
Meydan Road, Nad Al Sheba
Dubai, United Arab Emirates
License: 2649263.01

Data Protection Inquiry: For all privacy-related matters, please contact us at hello@koodo.tech. We will respond to your inquiry within 30 days of receipt.