Privacy Policy

Effective Date: May 22, 2025

1. Introduction and Scope

This Privacy Policy describes how AMDICO-FZCO (referred to as "Amdico", "we", "us", or "our") collects, uses, processes, and discloses your information, including personal data, in conjunction with your access to and use of our website www.amdico-fzco.com (the "Website") and our services. The protection of your personal data is of paramount importance to us.

This policy applies to personal data collected through our Website, contact forms, email communications, and any other interactions you may have with Amdico. By using our Website and services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for the processing of your personal data in accordance with applicable data protection laws, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and, where applicable, the EU General Data Protection Regulation (GDPR), is:

3. Definitions

Key terms used in this Privacy Policy are defined as follows:

• Personal Data: Any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
• Processor: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller.
• Data Subject: The identified or identifiable natural person to whom the Personal Data relates.
• Consent: Any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her.
• PDPL: The UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.
• GDPR: The EU General Data Protection Regulation 2016/679.

4. Information We Collect and How We Use It

We collect Personal Data in various ways, depending on your interaction with us:

a) Information You Provide Directly

• Contact Form & Email Communications: When you contact us via our contact form, email, or other direct communication channels, we collect the information you provide, such as your full name, email address, phone number (optional), company name (optional), service interest, and the content of your message.
  Purpose and Legal Basis: We process this data to respond to your inquiries, provide requested information or services, and manage our client relationships. The legal basis for this processing is our legitimate interest in communicating with you and addressing your requests (Art. 6(1)(f) GDPR, if applicable; or analogous provisions under PDPL), or for the performance of a contract or to take steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR, if applicable; or analogous provisions under PDPL). If we request specific consent, then consent (Art. 6(1)(a) GDPR, if applicable; or PDPL equivalent) will be the legal basis.

b) Information Collected Automatically (Technical Data)

When you visit our Website, our servers automatically record information that your browser sends ("Log Data" or "Server Log Files"). This Log Data may include:

• Your device's Internet Protocol (IP) address
• Browser type and version
• Operating system and platform
• The full Uniform Resource Locators (URL) clickstream to, through, and from our Website (including date and time)
• Referrer URL (the website you came from)
• Pages you viewed or searched for on our Website
• Date and time of access, and time zone setting
• Language preferences

Purpose and Legal Basis: This data is technically necessary for us to display our Website to you, to ensure its stability, security, and functionality, and to optimize our services. The legal basis for processing this Log Data is our legitimate interest (Art. 6(1)(f) GDPR, if applicable; or analogous provisions under PDPL) in the proper administration and security of our Website.

c) Cookies and Similar Technologies

Our Website uses cookies and may use similar tracking technologies to enhance your user experience, analyze site traffic, and for other operational purposes. Cookies are small text files stored on your device. We categorize cookies as follows:

• Strictly Necessary Cookies: These are essential for the Website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR, if applicable; or PDPL equivalent) or as permitted by applicable law for essential operations.
• Performance/Analytical Cookies: We use Matomo to understand how visitors interact with our Website. Matomo is a web analytics service that collects information anonymously, such as the number of visitors to the site, where visitors have come to the site from, and the pages they visited. This helps us to improve our Website.
  Legal Basis: Your explicit consent (Art. 6(1)(a) GDPR, if applicable; or PDPL equivalent), which we obtain through our cookie consent management tool.
  Opt-out: You can manage your consent preferences for Matomo and other non-essential cookies through our cookie consent management tool.
• Functional Cookies: We currently do not use specific functional cookies beyond those that might be strictly necessary for basic site operations. If this changes, we will update this policy and request your consent as appropriate.
• Targeting/Advertising Cookies: We do not use targeting or advertising cookies on our Website.

Your Consent and Cookie Management: For all cookies that are not strictly necessary, we will obtain your explicit consent before placing them on your device. This is typically managed through a cookie consent banner and management tool presented to you when you first visit our Website. You can review and change your cookie preferences at any time through this tool or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of the Website.

5. Purposes and Legal Bases for Processing

We process your Personal Data for the following purposes and based on the following legal grounds:

• To provide and maintain our Website and Services: Legitimate interest (Art. 6(1)(f) GDPR; PDPL equivalent) or performance of a contract (Art. 6(1)(b) GDPR; PDPL equivalent).
• To respond to your inquiries and provide customer support: Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR; PDPL equivalent), or legitimate interest (Art. 6(1)(f) GDPR; PDPL equivalent).
• To improve our Website and Services (including through analytics like Matomo): Your consent for specific features/cookies (Art. 6(1)(a) GDPR; PDPL equivalent), or our legitimate interest for general improvements not reliant on consent-based tracking (Art. 6(1)(f) GDPR; PDPL equivalent).
• For security and fraud prevention: Legitimate interest (Art. 6(1)(f) GDPR; PDPL equivalent) and to comply with legal obligations (Art. 6(1)(c) GDPR; PDPL equivalent).
• To comply with legal and regulatory obligations: Compliance with a legal obligation (Art. 6(1)(c) GDPR; PDPL equivalent).
• For marketing communications (with your consent): Consent (Art. 6(1)(a) GDPR; PDPL equivalent). You can opt-out at any time by contacting us at amdico.fzco@gmail.com or by using the unsubscribe link provided in such communications.

6. Data Sharing and Disclosure

We do not sell your Personal Data. We may share your Personal Data with third parties only in the following circumstances:

• Service Providers (Processors): We may share Personal Data with third-party service providers who perform services on our behalf, such as website hosting (e.g., Hostinger), IT support, email delivery services (for our operational emails, not necessarily marketing), analytics providers (e.g., if Matomo is cloud-hosted, though often self-hosted), and potentially other specialized agencies. These providers are contractually obligated to protect your data and may only use it for the purposes we specify. We ensure Data Processing Agreements (DPAs) are in place where required by law.
  Our hosting provider is Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus. Data processed by them includes server log files as described above.
• Legal Obligations and Rights: We may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or government request; (ii) protect and defend our rights or property; (iii) prevent or investigate possible wrongdoing in connection with the Service; (iv) protect the personal safety of users of the Service or the public; or (v) protect against legal liability.
• Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different privacy policy.
• With Your Consent: We may disclose your Personal Data for any other purpose with your explicit consent.

7. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction (e.g., the UAE or the EU/EEA).

If we transfer Personal Data outside the UAE, we will ensure that such transfers are compliant with the PDPL requirements for cross-border data transfers (e.g., to countries deemed adequate by the UAE Data Office, or by implementing appropriate safeguards such as data transfer agreements based on PDPL requirements). If we transfer Personal Data from the European Economic Area (EEA) to countries outside the EEA that are not deemed adequate by the European Commission, we will ensure that appropriate safeguards are in place to protect your Personal Data, such as by relying on Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally permitted transfer mechanisms.

8. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). For example:

• Server log files are typically retained for 30 days for security and operational purposes.
• Data from contact form inquiries will be retained for as long as necessary to process your request and for any follow-up, and thereafter in accordance with our internal retention policies or legal obligations.
• Personal Data processed based on your consent (e.g., for Matomo analytics) will be retained until you withdraw your consent or as specified at the time of consent.

When we no longer have a legitimate business need to process your Personal Data, we will either delete or anonymize it, or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

9. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any Personal Data we process. These measures aim to protect your data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. For example, our Website uses SSL/TLS encryption to protect data transmitted to and from the site.

However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your Personal Data, transmission of Personal Data to and from our Website is at your own risk. You should only access the Website within a secure environment.

10. Your Data Protection Rights

Depending on your location and applicable data protection laws (such as PDPL in the UAE or GDPR in the EU/EEA), you may have the following rights regarding your Personal Data:

• Right of Access: You may have the right to request access to the Personal Data we hold about you.
• Right to Rectification: You may have the right to request correction of any inaccurate or incomplete Personal Data.
• Right to Erasure ('Right to be Forgotten'): You may have the right to request the deletion of your Personal Data under certain conditions.
• Right to Restriction of Processing: You may have the right to request that we restrict the processing of your Personal Data under certain conditions.
• Right to Data Portability: You may have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit those data to another controller.
• Right to Object: You may have the right to object to our processing of your Personal Data where we are relying on a legitimate interest as the legal basis for our processing, or for direct marketing purposes.
• Right to Withdraw Consent: If we are processing your Personal Data based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a competent data protection supervisory authority.
  In the UAE, the relevant authority is the UAE Data Office (https://u.ae/en/about-the-uae/digital-uae/data/data-protection-laws).

To exercise any of these rights, please contact us using the contact details provided in Section 2. We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request.

11. Data of Minors

Our Website and services are not directed to individuals under the age of 18 (or the age of legal majority in their jurisdiction of residence, e.g., 21 in the UAE for certain contractual matters). We do not knowingly collect Personal Data from minors. If you are a parent or guardian and believe that your child has provided us with Personal Data without your consent, please contact us. If we become aware that we have collected Personal Data from a minor without verification of parental consent, we will take steps to remove that information from our servers.

12. Links to Other Websites

Our Website may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make (e.g., by posting the revised policy on our Website with a new effective date, or by other means if changes are material). We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the "Effective Date" at the top of this Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your Personal Data, please contact us at: