1. Who we are
Basha Technology Solutions LLC is a limited liability company registered in Sharjah Media City (Shams) Free Zone, Sharjah, United Arab Emirates, with Trade License 2324031.01, and acts as the data controller for personal data processed in connection with the Services.
Our registered address is: Sharjah Media City, Sharjah, UAE.
Contact email: [email protected] | [email protected]
2. Information we collect
We may collect and process the following categories of information, depending on how you interact with the Services:
Identification and contact information: name, email address, phone number, company name, job title.
Account and authentication data: username, hashed passwords, account settings.
Usage and technical data: IP address, device and browser information, log data, pages viewed, clickstream, timestamps, and interactions with features (including AI features).
Transaction and billing data: subscription details, invoicing information, partial payment details processed via our payment providers (we do not store full card numbers ourselves where we use a third‑party processor).
Communications: support requests, feedback, survey responses, and other correspondence.
Platform‑specific data (e.g., from Meta, Google, or other integrated platforms): data that you authorize us to access via APIs or connectors, such as ad account identifiers, campaign metrics, profile data and permissions, as permitted by those platforms’ terms.
We limit collection to what is necessary to provide and improve the Services and as permitted by applicable law and platform policies.
3. How we use your information
We process your information for the following purposes:
To provide, operate, and maintain the Services, including account creation, login, and core functionality.
To power AI‑driven features such as insights, recommendations, content generation, and workflow automation, and to help you manage and optimize your marketing activities.
To personalize your experience, for example by tailoring dashboards, suggestions, or content based on your usage.
To provide customer support and respond to your inquiries or requests.
To perform analytics, monitoring, testing, and improvement of the Services (including quality, performance, and security).
To comply with legal, regulatory, tax, and accounting obligations in the UAE and other applicable jurisdictions.
To enforce our terms, protect our rights, and prevent fraud or misuse.
We do not use your data to make decisions about eligibility for credit, employment, housing, or similar high‑risk outcomes, and we do not process data for unlawful or discriminatory profiling.
4. Legal bases for processing
Where required by law, we rely on one or more of the following legal bases:
Your consent (for example, certain marketing or when you connect third‑party platforms to our Services).
Performance of a contract (for example, providing and managing your subscription).
Compliance with legal obligations (for example, bookkeeping, responding to lawful requests).
Our legitimate interests (for example, improving our Services, ensuring security), provided that these interests are not overridden by your rights and freedoms.
Where we use AI or profiling in ways that may significantly affect individuals, we implement additional safeguards required under applicable data protection laws, which may include transparency measures, impact assessments, and options for human review.
5. AI features and automated processing
Our Services leverage artificial intelligence and machine‑learning technologies to help analyze data, generate content, and provide recommendations.
AI output is generated automatically and may sometimes be inaccurate, incomplete, or not appropriate for every context; you are responsible for reviewing and verifying AI outputs before relying on them.
AI features are intended to assist and augment human decision‑making, not replace it. You remain responsible for your campaigns, content, and business decisions.
Unless we clearly say otherwise, we do not train proprietary models in a way that allows other customers to see or infer your specific identifiable personal data. We may, however, use aggregated or de‑identified data to improve and develop the Services where permitted by law.
You should not use the Services to process highly sensitive data (such as health, detailed financial account data, or government ID numbers) unless we have expressly agreed in writing and implemented appropriate safeguards.
6. How we share your information
We may share personal data in the following circumstances:
Service providers and processors: with trusted third parties who host our infrastructure, provide analytics, payment processing, communications, customer support tools, or other operational services, under contracts requiring confidentiality and appropriate data protection.
Integrated platforms: with platforms like Meta, Google, or others when you connect or use integrations, in line with their terms and your permissions.
Professional advisers: with lawyers, auditors, and consultants, where necessary and subject to confidentiality obligations.
Legal and regulatory: where required to comply with laws, regulations, court orders, or lawful requests from competent authorities.
Business transfers: in connection with a merger, acquisition, sale of assets, or similar transaction, subject to appropriate safeguards.
We do not sell your personal data.
When we process “Platform Data” from third‑party platforms (such as Meta), we only use it as permitted by those platforms’ terms, this Policy, and applicable law, and we do not sell, license, or purchase such platform data.
7. International data transfers
Our infrastructure and service providers may be located in other countries. Where personal data is transferred outside the UAE, we take reasonable steps to ensure an adequate level of protection, using contractual safeguards and other measures consistent with UAE data protection requirements and, where applicable, GDPR‑style standards.
8. Data retention and deletion
We retain personal data only for as long as necessary to fulfill the purposes described in this Policy or as required by law (for example, accounting or regulatory retention periods).
When data is no longer needed, we will delete or de‑identify it in line with our retention practices, unless we must keep it longer to comply with legal or contractual obligations.
You can request deletion of certain personal data by contacting us (see section 11). We will honor such requests where required by law, taking into account our need to retain some data for legal, security, or operational reasons.
9. Your rights
Depending on your jurisdiction, and subject to applicable law, you may have some or all of the following rights:
Access: to request confirmation whether we process your personal data and to obtain a copy.
Rectification: to request correction of inaccurate or incomplete data.
Deletion: to request erasure of your data in certain circumstances.
Restriction: to request that we limit certain types of processing.
Objection: to object to processing based on legitimate interests, including certain profiling.
Consent withdrawal: where processing is based on consent, to withdraw that consent at any time (without affecting prior lawful processing).
To exercise these rights, contact us at {{support_email}}. We may ask you to verify your identity and will respond within a reasonable period in accordance with applicable law.
10. Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or destruction. These measures may include access controls, encryption in transit and at rest where feasible, audit logs, and regular security reviews for our cloud‑based infrastructure.
However, no system can be guaranteed fully secure. If we become aware of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify relevant authorities and, where required, affected users in accordance with applicable laws and platform obligations.
If you believe you have discovered a security vulnerability, please contact us at {{support_email}}.
11. Children’s privacy
Our Services are not intended for children under the age of 18, and we do not knowingly collect personal data from children under this age. If you believe a child has provided us with personal data, please contact us so we can take appropriate steps to delete such data where required by law.
12. Third‑party websites and services
The Services may contain links to or integrations with third‑party websites, apps, or services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review their privacy policies before providing any personal data.
13. Changes to this Privacy Policy
We may update this Privacy Policy from time to time, for example to reflect changes in law, our practices, or the Services. We will post the updated version on this page with a revised “Last updated” date, and, where required by law, will notify you through the Services or by email.
Your continued use of the Services after an update becomes effective will mean that you accept the revised Policy.
14. Contact us
If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your data, you can contact us at:
Basha Technology Solutions LLC
Sharjah Media City (Shams) Free Zone
Sharjah Media City, Sharjah, UAE
Email: [email protected] | [email protected]