Privacy Policy

Privacy Policy

This Privacy Policy has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR). It covers the information that Dubai Net Solutions (or “DNS”, or “Us”) collects about you when you use our products or services, or interact with us. This policy is meant to express DNS commitment to the privacy of our customers’ data, and to explain the means used for their privacy.

DNS is a website registered under the company ZIA Advertising Agency LLC (or ZIA), based in Dubai, United Arab Emirates.

This policy relates solely to DNS and ZIA, if not stated otherwise within this document.

Glossary

User (or You)
The person or company using DNS website, services and business solutions.

Personal Data (or Data)
Any information with a direct or indirect correlation with the User that can identify the User.

Metric Data
Any sort of Information collected automatically through DNS (or third-party services used in DNS), including: IP addresses or domain names of the computers utilised by the Users who use DNS, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilised to submit the request to the server, the size of the file received in response, country of origin, information inherent to browser and Operating System used to access the data inherent to pages visiting times, and other parameters about the device’s operating system and/or the User’s network.

Data Subject
The natural subject to whom the Personal Data refers.

Data Controller (or Owner)
The subject or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security and encryption measures concerning the operation and use of DNS.

Service
The set of services provided by DNS as described in the relative terms (when available) and on this website.

European Union (or EU) and European Economic Area (or EEA)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies
Cookies are small pieces of data stored in the User’s device.

Data Controller

Dubai Net Solutions (under legal authorisation of ZIA Advertising Agency LLC )

Owner contact email:
legal [at] dubainetsolutions [.] com
legal [at] ziaad [.] com

Data Collected

DNS collects various types of data, directly or indirectly, including the name, email address, phone number, cookies, Metric Data, Data communicated during use of the service among other types of Data.

The full details of each type of Personal Data collected are available in the specific sections of this document or in the specific privacy policy texts provided by any third party resources. 

Personal Data may be freely provided by the User or, in the case of Metric Data, collected automatically by the User’s internal or third party technologies. Unless otherwise stated, the entire set of Data required is mandatory and the User understands that any omission could result in a malfunction or total inability to provide the Service.

In cases where DNS expressly declares that certain sets of Data are not mandatory or strictly necessary for the operation, Users may deliberately choose not to declare them, without having any consequence or limitation in the use of the Service.

The specific use of Cookies – or other similar tracking tools – by DNS or third party resources employed by DNS is to provide the Service or task requested by You, in addition to other additional purposes stated in the specific Cookies Policy, if applicable.

You are responsible for any Third Party Personal Data obtained, posted or shared through DNS and confirm that you have the consent of a third party to provide this same Data to the Owner.

Methods and place of Data Processing

Methods of processing

The Data Controller shall adopt specific security measures to prevent any unauthorised access by third parties, disclosure of data, modification or destruction of the Data. Data processing is carried out exclusively by means of computer and telematic supports, for the purposes described. 

Data sets may be accessible to other types of Data Processors involved in DNS’ business operations, such as administration, sales, marketing, and legal departments. At other times, the data sets may be provided to external parties such as third-party providers, freight forwarders, domain registrars, and hosting providers.

Legal basis of processing

The Data Controller may process Personal Data relating to Users if one or more of the following applies:

  • Users have given their consent for one or more specific purposes. Note: Under some legislations the Data Controller may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
  • provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
  • processing is necessary for compliance with a legal obligation to which the Owner is subject;
  • processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
  • processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

However, the Data Controller will be available to help in clarifying the specific legal basis applied and, in particular, whether the provision of the set of Personal Data is a legal or contractual obligation.

Place of Processing

The Data will be processed at the Owner’s operating headquarters and in any other place where the subjects involved in the processing are located. The Data can also be stored in servers located in various regions of the world depending on the nature of the Service subscribed by the User.

Data transfers, depending on the jurisdiction and location of the User, may result in a different data transfer from the User’s country. The User has the right to know the legal basis for the transfer, in particular whether it will be outside the EEA or outside countries where international law does not apply.

Retention time of processed Data

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data is retained in order to comply with tax or legal requirements under which the Data Controller operates.

The purposes of data processing

The entire set of User Data is collected to allow the Data Controller to provide their Services, as well as for the following purposes:

  • Contacting the User,
  • Metric Analysis,
  • Interaction with live chat platforms,
  • Remarketing and behavioural targeting,
  • Interaction with external social networks and platforms,
  • Platform services and hosting
  • Data transfer outside the EU.

Users may find further detailed information about such processing purposes and the specific Personal Data used for such purposes in the respective sections of this document.

Detailed information on the processing and collection of Personal Data

Personal Data is collected and used for the following purposes and by the following services:

Analytics
The services contained in this section enable the Owner to monitor and analyse web traffic and can be used to keep track of User behaviour.

  • Google Analytics (Google Inc.)
    Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Data collected to track and examine the use of DNS, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualise and personalise the ads of its own advertising network.
    Personal Data collected: Cookies and Usage Data.
    Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.
  • Google Analytics with anonymised IP (Google Inc.)
    Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Data collected to track and examine the use of DNS, to prepare reports on its activities and share them with other Google services.
    Google may use the Data collected to contextualise and personalise the ads of its own advertising network.
    This integration of Google Analytics anonymises your IP address. It works by shortening Users’ IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.
    Personal Data collected: Cookies and Usage Data.
    Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.
  • Analytics collected directly (DNS)
    DNS uses an internal analytics system that does not involve third parties.
    Personal Data collected: Cookies and Usage Data.

Contacting the User

  • Mailing Listings
    A Mailing List subscription usually takes place when the User subscribes using the adequate form, or when placing an order or when contacting the Owner. The User may receive e-mail important security announcements or other messages containing information of a commercial, promotional or opportunity nature regarding DNS or services involved. DNS uses MailChimp, a third-party newsletter management system to collect and manage the User’s data. The same platform is used to send newsletters whenever needed to the Users that have opted-in to receive such notifications.
    Place of processing: United States – Privacy Policy.
    Personal Data collected: name, email address and phone number.
  • Contact form
    By filling out the contact forms with your Data (for which, it is the User’s exclusive responsibility to ensure that it is correct and intact), the User authorises DNS to use such data to respond to requests for information, quotes or any other type of request, as indicated in the heading of the form.
    Personal Data collected: name, email address, phone number, interested services, information regarding the required services.

Interaction with external social networks and platforms
This set of services provided by third parties allows and facilitates user accessing and interacting with social networks or other external platforms directly connected to DNS. The information collected in this manner is subject to the individual privacy policies of third parties and not directly from this legal document.

  • Facebook Like button and social widgets (Facebook, Inc.)
    The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
    Personal Data collected: Cookies and Usage Data.
    Place of processing: United States – Privacy Policy. Privacy Shield participant.
  • Twitter Tweet button and social widgets (Twitter, Inc.)
    The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
    Personal Data collected: Cookies and Usage Data.
    Place of processing: United States – Privacy Policy. Privacy Shield participant.

Interaction with live chat platforms
This third party service allows the User to interact with live chat platforms directly connected to DNS to contact and be contacted by DNS and its customer support service. These services may collect navigation and metric data on the pages where they are installed, even if Users do not actively use the service. In addition, live chat conversations can be recorded and saved for training and quality purposes.

  • Tawk.to Widget (tawk.to ltd.)
    The Tawk.to Widget is a service to interacting with the Tawk.to live chat platform provided by tawk.to ltd.
    Personal Data collected: Cookies, Data communicated while using the service and Usage Data.
    Place of processing: United Kingdom – Privacy Policy.

Platform services and hosting
These third party services have the prerogative of hosting and managing some key components of DNS, allowing an optimal supply of the service through a unique and optimised solution. These platforms provide a wide range of tools, such as analysis, user registration, comments, database management, e-commerce, payment processing, which involve the collection and processing of Personal Data.

Remarketing and behavioural targeting
These services enable DNS (and its partners) to inform, streamline and deliver advertising content based on your past use of DNS. This activity is performed by monitoring Data and using Cookies, information that is transferred to the partners who manage the activity of remarketing and behavioural targeting.
In addition to any opt out offered by any of the services below, the User may opt out of a third-party service’s use of cookies by visiting the Network Advertising Initiative opt-out page.

  • AdWords Remarketing (Google Inc.)
    AdWords Remarketing is a remarketing and behavioural targeting service provided by Google Inc. that connects the activity of DNS with the Adwords advertising network and the Doubleclick Cookie.
    Personal Data collected: Cookies and Usage Data.
    Place of processing: United States – Privacy Policy – Opt Out.

Data Transfer

Data transfer outside the EU
The Owner is allowed to transfer Personal Data collected within the EU and EEA to third countries (i.e. any country not part of the EEA) only pursuant to a specific legal basis. Any such Data transfer is based on one of the legal bases described below. Users can inquire with the Owner to learn which legal basis applies to which specific service.

Other legal basis for Data transfer abroad (DNS)
If no other legal basis applies, Personal Data shall be transferred from the EEA to third states and jurisdictions only if at least one of the following conditions is met:

  • the transfer is indispensable for the performance of a contract between the User and the Data Controller;
  • the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the User between the Data Controller;
  • the transfer is strictly necessary for important reasons of public interest;
  • the transfer is indispensable for establishment, exercise or defence of legal claims, legal procedures and processes;
  • the transfer is necessary in order to protect the vital interests of the data subject or other persons, where the data subject is physically or legally incapable of giving consent

Data transfer to countries that guarantee European standards
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out according to an adequacy decision of the European Commission. The European Commission takes adequacy decisions for specific countries whenever it considers that they have and provide adequate standards of protection for the processing of personal data comparable to those set forth by the EU legislation. Users can find an updated list of all adequacy decisions published on the European Commission’s website.

Data transfer abroad based on consent
If this is the legal basis, Users’ personal data will only be transferred from the EU to third countries if the User has explicitly agreed – after having been informed of the possible risks due to the absence of an adequacy decision and adequate safeguards – to such a transfer. In such cases, the Owner will properly inform Users and collect their explicit consent through DNS. If no confirmation is received from the User within twenty days from the notice, the Owner may proceed with the data transfer as the if the User expressed consent to do so.

Further information about Personal Data

  • Disclosure of Data by the Domain Registration Purchasing
    We currently need to share the data collected inherently to the client with our partners (Registrars) who will effectively register the domain name requested by the User. This data may be divided by three different strategic partners based in the US, EU and Australia.
  • Selling goods and services online
    The Personal Data collected is used to provide services and to process payments to the User. The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by DNS depends on the payment system used. DNS does not collect or store any credit card data. Only the transaction reference number is recorded to match it with an invoice in our billing system. The name, address and credit card details are sent directly to our credit card processor: 2Checkout.
    Place of processing: United States – Privacy Policy
  • Analysis and predictions based on the User’s Data (“profiling”)
    The Data Controller may use the Personal and Usage Data collected through DNS to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document. User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more, about the profiling activities performed, Users can check the relevant sections of this document. The User always has the right to object to this kind of profiling activity. To find out more about the User’s rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.
  • Personal Data collected through sources different than User
    The Data Controller may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing. Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.
  • The Service is not directed to children under the age of 13
    Users declare themselves to be adult according to their applicable legislation. Minors may use DNS only with the assistance of a parent or guardian. If you are under 13 please do not share any information with us. Under no circumstance persons under the age of 13 may use our services.

The rights of Users under the GDPR

Users may exercise certain rights regarding their Data processed by the Data Controller. In particular, Users have the right to:

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given to the processing of their Personal Data.
  • Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access their Data. Users have the right to learn if Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected which can always be done by the User in a dedicated platform for that purpose, provided by the Owner.
  • Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Data Controller will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to have all their Data erased from the Data Controller.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.

Details about the right to object to processing
In the case of data processing in the public interest, in the exercise of the official power of the Data Controller, the User may object to such processing by providing a valid ground for objection. In the event of objections to treatment for direct marketing purposes, the User may object to such treatment without any justification.

How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and within one month.

Cookies Policy

DNS uses Cookies. To learn more and for a detailed cookie notice, the User may consult the Cookies Policy for more detailed information.

Additional information about Data collection and processing

Legal action
The User’s Personal Data may be used for legal purposes by the Data Controller in any Court or in the legal places leading to possible legal action arising from improper use of DNS or associated Services. The User declares to be aware that the Owner may be required to reveal personal data upon request from the concerned authorities.

Additional information about User’s Personal Data
In addition to the above mentioned sections, DNS may provide additional and contextual information regarding particular services and the collection/processing of personal data upon request.

System logs and maintenance
For operation and maintenance purposes, DNS and any third-party services may collect files that record interaction with DNS (System logs) use other Personal Data (such as the IP Address) for this purpose.

How “Do Not Track” requests are handled
DNS does support “Do Not Track” requests directly from the Website. The User can control and manage what kind of third-party services is being collected or not. Please check the Cookies Policy for more information.

Changes to this privacy policy
The Data Controller reserves the right to make changes and improvements to this document at any time by notifying the Users on this page and/or in the Owner’s website. Depending on the nature of these changes, a notice to the Users may also be sent by email. It is strongly recommended that you check this page frequently, referring to the date of the last change listed below.

If the changes concern processing activities carried out on the basis of the User’s consent, the Data Controller will collect new consent from the User, where necessary.

Latest update: June 3, 2018