Privacy Policy

Introduction

Welcome to the privacy policy for ilia.ae/en (the “Website”). This Website is a personal site owned and operated by an individual (not a company) based in the United Arab Emirates (UAE), and it is primarily aimed at users in the UAE and the Commonwealth of Independent States (CIS) region. We value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or interact with our Website, in compliance with UAE’s Federal Decree-Law No. 45 of 2021 (the UAE Personal Data Protection Law) (Data protection laws | The Official Portal of the UAE Government) and in alignment with international best practices such as the EU General Data Protection Regulation (GDPR) principles of transparency, data minimization, and respect for user rights. By accessing or using this Website, you acknowledge that you have read and understood this Privacy Policy.

Please read this policy carefully. If you do not agree with our practices, please discontinue use of the Website. We may update this Privacy Policy from time to time (see “Changes to this Privacy Policy” below), and your continued use of the Website after any changes indicates your acceptance of the revised policy.

Information We Collect and How We Use It

We do not collect personal data directly from you through our own forms or databases on this Website (for example, we have no user registration or comment forms that ask for your personal details). We do not actively ask for information like your name, email address, phone number, or any other personally identifiable information just for browsing our site. However, in order to provide certain features and services on the site, we integrate third-party services which may collect or process personal data about you on our behalf or for their own purposes. Below we explain the types of information that may be collected when you use our Website and how we use that information:

  • Voluntary Information You Provide: If you choose to interact with certain features (such as scheduling a meeting or contacting us), you may provide personal information voluntarily:
    • Scheduling Appointments (Calendly): We use Calendly to allow you to schedule meetings or consultations with us. If you decide to schedule an appointment, you will be asked to provide details like your name, email address, and any additional information relevant to the meeting. This information is collected directly by Calendly on our behalf. We (the site owner) receive these details from Calendly to know who is meeting with us and to coordinate the appointment. We will only use this information for scheduling and communicating with you about the appointment (for example, sending you meeting reminders or follow-ups). We do not store this data on our own servers (Calendly stores it for us), and we do not use it for any purpose other than scheduling the meeting you requested. Calendly processes your data in accordance with its own privacy policy and only as a service provider to us (they act as a data processor facilitating the scheduling service).
    • Contacting Us: If you contact us directly via email, phone, or any other means provided on the Website, you may provide personal data such as your name, email address, phone number, or other contact information. We will use such information solely to respond to your inquiry or provide the service or information you requested. For example, if you email us with a question, we will use your email address to reply and your name to address you properly. We will not use this information for marketing or any unrelated purposes.
  • Usage Data (Analytics): When you browse the Website, we automatically receive some data about your visit through our analytics tools. We use Google Analytics and Yandex Metrica to gather anonymous usage statistics. These analytics services use cookies and similar tracking technologies to collect information about how visitors use the site. The data collected may include:
    • Your device and browser information (e.g. device type, operating system, browser type and version).
    • Your IP address (which may be used to infer your approximate location, such as city or country).
    • The pages you visit on our Website, the time and duration of your visits, the referring page (which page or link you came from), and your navigation path through our pages.
    • Other technical information such as screen resolution, language setting, and whether you are a new or returning visitor.
    This usage data is collected by Google Analytics and Yandex Metrica, not by us directly. We receive it from those platforms in the form of aggregated reports and statistics that help us understand overall visitor behavior and improve our Website’s content, performance, and user experience. We do not use this data to identify you personally. In other words, the analytics information is typically viewed in aggregate (for example, total number of visitors in a month, which pages are most popular, which countries users are from) and is not tied to your name or identity. Where possible, we have enabled settings to enhance your privacy (such as IP anonymization in Google Analytics, which masks part of your IP address). The information collected by these analytics services is processed according to their own privacy practices (see “Third-Party Services” below), and may involve transferring data to their servers outside your country. You can learn more in the “Cookies and Tracking Technologies” section on how to opt out of or control analytics tracking if you wish.
  • Payment Information: We currently do not sell products or services directly through the Website, but we have the capability to accept payments using third-party payment processors Stripe and PayPal (for example, if in the future we offer a paid service or accept donations). If you choose to make a payment or transaction via our site, you will be redirected to either Stripe or PayPal to enter your payment details. Any financial information (such as your credit card number, expiration date, security code, billing address, or PayPal account details) is collected directly by the payment processor (Stripe or PayPal) on their secure payment forms. We do not see or store your full credit card or payment account information. The only information we receive from a payment processor is a confirmation that a payment was completed, along with basic details like the amount, date/time, and the name or email of the payer so we can recognize the transaction. We will use that information for record-keeping (e.g., for our bookkeeping and to confirm we received your payment) and to provide the service or product you paid for. Payment processors like Stripe and PayPal may collect additional data about you (for instance, they might record your IP address or device information as part of their fraud prevention measures). Any information you provide to them will be handled according to their own privacy policies and security standards (which adhere to industry security requirements for payment processing). We only partner with reputable payment providers to ensure your data is handled safely.

In summary, any personal data about you that is processed in connection with this Website is either information you voluntarily provide for a specific purpose (such as scheduling a meeting or contacting us), or information automatically collected by third-party services for analytics or payment processing. We limit this collection to what is necessary to fulfill the purposes described above (this reflects the principle of data minimization under GDPR). We do not collect any sensitive personal data (such as race, religion, health information, etc.), and we do not use any personal data to make automated decisions about you.

Third-Party Services

As mentioned, we rely on a few third-party services to operate certain features of our Website. These third parties may collect, use, or store your data when you interact with our site. Each of these providers has its own privacy policies and terms that govern their use of your data. We have no control over how these third-party services use your information outside of our arrangements with them, so we want to clearly inform you about their involvement. We do not share any more data with these services than is necessary, and in many cases you will be providing your data directly to them by using their integrated feature on our site. Here are the third-party services we use and what to know about each:

  • Google Analytics – This is a web analytics service provided by Google that we use to track and report website traffic. Google Analytics uses cookies (small text files stored on your browser) and similar technologies to collect data about your usage of our site (as described in “Usage Data” above, e.g. pages visited, time spent, device identifiers, and IP address). Google may process this information on servers in various countries (including the United States) and provides us with aggregated reports. Google Analytics helps us analyze how users use the site so we can improve functionality and content. Important: Google Analytics data is subject to Google’s own privacy policy and terms. Google does not give us information that personally identifies you; we only see collective trends. However, Google itself may use the collected data to contextualize and personalize ads on its advertising network, or for improving its analytics service. For more details on how Google collects and processes data, you can refer to the Google Privacy Policy and Google’s documentation on Analytics data practices. If you wish, you can opt out of Google Analytics (see “Your Rights and Choices” below for opt-out options).
  • Yandex Metrica – This is an analytics and user behavior tracking service provided by Yandex (a company operating out of Russia and other countries). We use Yandex Metrica in a similar way to Google Analytics, to gather insights on how users from the CIS region and elsewhere interact with our Website. Yandex Metrica may set cookies or use other techniques to collect usage data such as your page visits, session duration, interactions, and technical information about your device and browser. According to Yandex’s terms, the data collected should not include personally identifying information (and Yandex’s Metrica Terms of Use prohibit site owners from sending personal data like names or emails through the analytics feeds). The information Yandex Metrica collects is stored on Yandex servers and presented to us via an analytics dashboard. This helps us understand user engagement and improve the site (for example, seeing which content is most viewed by users from certain regions). As with Google, the analytics data is aggregate and we cannot identify individual users from it. Yandex will handle the data it collects in accordance with its own privacy policy (see Yandex’s Privacy Policy on their official website for details). If you prefer not to be included in Yandex Metrica analytics, you can opt out by disabling cookies or using a browser extension to block Yandex Metrica scripts (see “Your Rights and Choices”).
  • Calendly – This is a scheduling tool that allows you to book appointments or meetings with us online. We have integrated Calendly on our site to make it easy for users to set up a meeting time. When you use the Calendly scheduling widget or link on our Website, you are interacting directly with Calendly’s system. Calendly may collect personal data that you input to schedule the meeting, such as your name, email address, and the chosen time slot, and possibly other information you opt to provide (for example, you might leave a note about the meeting topic). This data is used to create the appointment in our calendar. Calendly operates as a service provider to us, meaning the information is collected on our behalf to facilitate the scheduling (as we described earlier). Calendly will send us the details of your appointment so we know when to meet you and how to contact you. Calendly may also send you confirmation and reminder emails about the appointment. Your information in Calendly is governed by Calendly’s Privacy Policy and Terms. Calendly is a U.S.-based company and may process data on servers outside your country; they claim to comply with GDPR and other privacy regulations for international users. We trust Calendly to keep your data secure (they implement encryption and other safeguards), and we will not use the information you provide through Calendly for any purpose other than to meet with you as requested. If you want to cancel or modify a scheduled meeting, you can do so through the Calendly links provided in your confirmation, or by contacting us, and your data will be updated or removed accordingly.
  • Stripe – Stripe is a popular payment processing platform that we might use to handle credit/debit card payments on the Website. If in the future we offer something for purchase or accept payments, and you choose to pay via Stripe, you will be interacting with a Stripe payment form. Any personal data and payment details you submit on that form are collected by Stripe directly. This can include your name, card number, billing address, email (for receipt), etc. Stripe will process your payment on our behalf and then provide us with the outcome (success or failure). Stripe may also share with us some basic information like your name, email, or billing country so we can recognize the transaction, but Stripe does not disclose your full credit card number or other sensitive financial info to us. Stripe’s handling of your data is covered by the Stripe Privacy Policy. Stripe is known for maintaining high security standards (they are PCI-DSS compliant, which is an industry standard for card security), so you can feel confident that your payment data is protected by Stripe. We only use the information Stripe gives us to fulfill your order or service and for our financial records. We do not store your payment details on our servers.
  • PayPal – PayPal is another payment option we may offer. If you choose to use PayPal for a transaction, you will be redirected to the PayPal platform (or a PayPal popup) to log into your account or enter payment details. As with Stripe, any information you provide on PayPal’s pages is collected and processed by PayPal directly. PayPal may share with us confirmation of payment and certain details needed for us to verify the transaction (such as your name, email, shipping address if applicable, and what you purchased or the amount paid). We will treat that information with confidentiality and use it only for record-keeping and delivering the product or service you paid for. PayPal’s systems and data processing are governed by the PayPal Privacy Statement. PayPal, like Stripe, is a well-established processor that uses encryption and other safeguards to protect your personal and financial data. We do not have access to your PayPal account credentials or full payment information at any time.

Important Note: Each of these third-party services has its own privacy policy and terms of service. While we have described them here for transparency, we encourage you to review their privacy policies (linked above) for more detailed information on how they handle your data. If you have questions or concerns about how any third-party service uses your information, you should consult their policies or contact them directly. By using these services through our Website, you are essentially consenting to their privacy practices as well. We only partner with reputable third parties that we believe align with strong privacy and security standards.

Cookies and Tracking Technologies

Our Website and the third-party services we use employ cookies and similar tracking technologies to provide functionality and collect usage data. Cookies are small text files placed on your device when you visit a website. They serve a variety of functions, such as keeping you logged in (if the site has accounts), remembering preferences, or in our case, gathering analytics information. Here is how we use cookies and what choices you have:

  • Analytics Cookies: The primary use of cookies on our site is for Google Analytics and Yandex Metrica, as described above. These cookies collect information about how visitors use our site (for example, which pages are visited, for how long, etc.). We use this information to compile reports and to help improve the site. The cookies used by these analytics services may uniquely identify your browser or device, but they do not directly reveal your identity to us. Google Analytics typically uses cookies like _ga, _gid, etc., and Yandex Metrica might use cookies like _ym or others, to distinguish users on each visit. The data from these cookies is sent to Google and Yandex respectively. We do not use analytics cookies to collect personal data for advertising or marketing purposes on our own site; their sole purpose is performance and usage analytics.
  • Calendly Cookies: If a Calendly scheduling widget is embedded on our site or if you click to schedule, Calendly may use cookies to remember your inputs while booking (for example, to keep the time slot you selected or preserve data if you navigate away and come back). These cookies ensure the scheduling process works smoothly. They might also use cookies to remember that you have booked with us before or to manage their widget loading.
  • Stripe/PayPal Cookies: If we include any inline payment forms or integration, Stripe or PayPal might set cookies for security (to detect fraud or recognize a device) or to facilitate the payment process. For example, PayPal might set cookies if you log into PayPal to complete a purchase, to maintain your session.
  • Other Functional Cookies: Our Website itself may use minimal cookies for basic functionality. For instance, since our site is multi-lingual (as indicated by the /en in the URL, implying an English version), a cookie might be used to remember your chosen language (English, Russian, etc.) so that the site remains in your preferred language as you navigate. Aside from that, we do not intentionally set any other cookies for advertising or profiling.

Your Choices: When you first visit our Website, you might see a notification about cookies (if we have enabled a cookie consent banner). If so, you can choose whether to allow or disable certain types of cookies. Even if no banner is present, you can control cookies through your browser settings:

  • You can set your browser to refuse all or some cookies, or to alert you when cookies are being set. Please note that if you disable all cookies, some features of the site (like scheduling or payments) may not function properly because those third-party integrations rely on cookies.
  • Google Analytics Opt-Out: Google provides an official Browser Add-on that you can install to opt out of Google Analytics tracking on all sites.
  • Yandex Metrica Opt-Out: Yandex offers an opt-out solution as well. You can use a browser extension or Yandex’s own blocker to stop data from being sent to Yandex Metrica. Instructions can be found on Yandex’s help pages.
  • Do Not Track: If your browser has a “Do Not Track” (DNT) feature and you enable it, we honor that preference for analytics. Our site’s analytics scripts will detect the DNT signal and not run Google Analytics or Yandex Metrica for your visit, to the extent that those services respect the DNT signals.

By using our site without disabling cookies, you consent to the use of cookies as described in this policy. You can change your cookie preferences at any time. For more details on cookies and how to manage or delete them, visit websites like AllAboutCookies.org which provide guidance.

How We Use Personal Data

We will only use your personal data for specific, limited purposes and in ways that are transparent to you. Under data protection laws, we must have a valid “legal basis” (or reason) to process your personal information. In line with the UAE law and GDPR principles, our use of your data falls under one or more of the following bases:

  • To Provide Services or Information You Request: When you voluntarily provide data to schedule a meeting, to contact us, or to make a payment, we use your data to carry out that request. This is often considered contractual necessity or consent. For example, if you schedule a consultation, we use your provided contact information to hold the meeting (effectively, you consented for us to do so by providing the info). If you make a payment for a service, we process that data to complete the transaction and deliver whatever was purchased.
  • Consent (for Analytics Cookies): For collecting analytics information via cookies, we rely on your consent. When you use the site, we assume you consent to the placement of analytics cookies (unless you opt out) so we can understand site traffic. This consent can be withdrawn at any time by disabling cookies or using the opt-outs mentioned. Under the UAE PDPL, personal data should generally only be processed with the consent of the data subject (Data protection laws | The Official Portal of the UAE Government), and our use of analytics and other optional features is based on your consent.
  • Legitimate Interests: In some cases, we may process your data because we (or a third party) have a legitimate interest in doing so, and we believe this does not override your rights. For instance, we have a legitimate interest in understanding how our Website is used so we can improve it. We also have a legitimate interest in keeping records of transactions (for running our personal business and complying with any financial regulations). When we rely on legitimate interests, we ensure that we consider and balance any potential impact on you (both positive and negative) and your rights under privacy laws. We do not use legitimate interest as a basis for processing when your personal rights and interests outweigh ours.
  • Legal Obligation: We may need to process or retain certain data to comply with a legal obligation. For example, if there are applicable accounting rules, tax laws, or lawful requests from authorities, we will process and disclose data as required by law.

We will not use your personal data for any purpose that is incompatible with the purposes described in this Privacy Policy, unless we obtain your consent or are required/permitted by law to do so. Specifically, we do not use your data for unsolicited marketing, and we do not engage in any kind of automated decision-making or profiling that has legal or significant effects on you.

Data Sharing and Disclosure

We treat your personal information with care and confidentiality. We do not sell, rent, or trade your personal data to any third parties for their own marketing or other purposes. In plain terms, we will never profit from your personal information by selling it to others. We also do not share your data with third parties except in the limited circumstances described here:

  • Service Providers: We may share information with the third-party services outlined above (Google, Yandex, Calendly, Stripe, PayPal) to the extent necessary for them to provide their services. For example, if you schedule a meeting, we obviously share (or rather, collect via Calendly) your meeting information with Calendly; if you make a payment, your details go to Stripe/PayPal. These providers are bound by contracts or terms to use the information only for the purposes we’ve agreed upon (e.g., Calendly can’t use your meeting info to spam you; Stripe can’t use your credit card for anything except processing the payment). We ensure that these partners are reputable and comply with applicable data protection requirements.
  • Legal Requirements: We may disclose personal information if we are legally required to do so – for instance, in response to a court order, subpoena, or other government demand lawfully requiring us to hand over data. We will only disclose what is necessary and will verify that the request is legitimate. Additionally, we might disclose information if we believe in good faith that it’s necessary to: (a) comply with the law or cooperate with law enforcement (such as investigating fraud or security issues); (b) protect our rights, privacy, safety, or property, or that of our visitors or the public; or (c) enforce this Privacy Policy or any other agreements.
  • Business Transfers: Since this is a personal site owned by an individual and not a company, business transfer scenarios are unlikely. However, if in the future the ownership of the Website or its assets were to change (for example, if the domain is sold or the site content is transferred to another party), personal data held by the site (if any) might be part of that transfer. We will ensure the new owner continues to honor the commitments we have made in this Privacy Policy, and we will notify users (for example, via a notice on the site) of any such change and any choices you may have regarding your data.

Other than the above, no third party will receive or have access to your personal data from us. In particular, we do not share your data with advertisers or social media companies (we have no social media plugins collecting your data, and we don’t run ads that require your data). The data that third-party analytics services collect (Google/Yandex) is not personal data that we share, but rather information those services observe through your interactions. However, we include them here to be fully transparent.

International Data Transfers

We are based in the UAE, but the third-party services we use may process your data in other countries. Whenever your personal data is transferred across national borders, we take steps to ensure it is protected in line with applicable laws. The UAE Personal Data Protection Law sets requirements for cross-border transfer of personal data (Data protection laws | The Official Portal of the UAE Government), and we strive to meet those requirements. Here is what to know about international data flows related to our site:

  • Third-Party Servers: Google Analytics and Stripe may store data in the United States or other jurisdictions outside the UAE/CIS. Yandex Metrica might store data in Russia or other countries. Calendly and PayPal are U.S.-based companies, so data you provide to them will likely be stored on servers in the United States or possibly the European Union. This means your personal information (IP address, name/email for scheduling or payments, etc.) might be transferred to and processed in a country different from your home country.
  • Data Protection Safeguards: We only use third-party services that claim to handle data securely and lawfully. For example, if you are in the UAE or another country with data protection laws, and your data is sent to another country, the third-party should have safeguards in place. Google and Stripe, for instance, implement standard contractual clauses and other measures for data transfers from Europe (and similar measures would apply for UAE data). Calendly as a processor offers a Data Processing Addendum aligning with GDPR standards, which includes commitments on international transfers. While the specifics can vary, the general idea is that **your data will receive a similar level of protection as it would under UAE law or other applicable privacy laws, even when it’s transferred abroad.
  • Your Consent to International Transfer: By using our site and providing information to us or our integrated services, you consent to the transfer of your information to other countries as described. We will always handle your personal data in accordance with this Privacy Policy, wherever it is processed. However, please note that different countries may have different data protection laws than your country of residence. In some cases, the laws of those countries might not be as protective as those in your own country (for example, not all jurisdictions have laws as strict as the UAE PDPL or GDPR). In such cases, we rely on the contractual and technical measures our third-party processors have in place to protect your data.

If you have questions about cross-border data transfer or need more specific information about where a particular service might hold your data, feel free to contact us (see “Contact Us” section). We understand the importance of keeping your data safe and will help provide information where possible.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Because our direct data collection is minimal, our retention practices are straightforward:

  • Analytics Data: The information collected via Google Analytics and Yandex Metrica is retained according to the settings in those services. We have configured our Google Analytics data retention period to a reasonable length (e.g., 14 months, or as per default) after which Google automatically deletes old data. Yandex Metrica data retention is managed by Yandex (they typically retain data as long as the account is active). We primarily look at aggregated data, and do not personally store this raw analytics information outside those platforms. If we ever download analytics reports, they would be aggregated and used for internal analysis, not kept indefinitely.
  • Calendly (Scheduling) Data: If you schedule a meeting, Calendly retains the information of that meeting in our account schedule. We generally keep the meeting details (like your name, contact info, and the event details) in Calendly or in our calendar for reference until the meeting is concluded and for some time afterward in case we need to remember what was discussed. Typically, we might retain those emails or calendar entries indefinitely for our personal records, unless you request deletion (for example, if you want us to remove your contact info after the meeting). Calendly invitations on our calendars may remain as part of our email/calendar history unless cleaned up. However, if you wish for us to delete your information after the meeting, you can let us know and we will remove your details from Calendly and our calendars to the extent possible.
  • Payment Records: If you conduct a transaction, we will retain the payment records as long as necessary for accounting and tax purposes. For instance, UAE law or other applicable regulations might require us to keep transaction receipts for a certain number of years. We will keep minimal personal data in those records (likely just your name, contact, amount, date, and service description) and only for compliance reasons. We do not keep your card details. Stripe and PayPal will have their own retention policies (they may keep transaction data per legal requirements, which can be several years).
  • Correspondence: If you contacted us via email or other means, we may retain that correspondence for our records. For example, emails you send might be stored in our email account indefinitely, which is a standard practice, to keep track of communications. We will securely archive or delete them if no longer needed.

In all cases, we ensure that retained data remains secure and is only used for the purposes originally intended. When your personal data is no longer necessary or if you request its deletion (and we have no legal obligation to retain it), we will securely delete or anonymize it. For example, upon your request, we can delete your contact information from our systems (Calendly, email, etc.) assuming we don’t require it for a pending service or legal reason.

Data Security

We are committed to keeping your personal data secure. While no website or online service can guarantee absolute security, we implement appropriate technical and organizational measures to protect your information. Here are some of the security practices in place:

  • The Website is built on WordPress and is kept updated with the latest security patches and plugins to prevent unauthorized access. We use reputable hosting services that maintain firewalls and intrusion detection.
  • Our site is accessible only over HTTPS (secure HTTP) which encrypts data between your browser and our site. This means any data you transmit (such as when scheduling a meeting or browsing pages) is encrypted in transit.
  • We have limited access to any personal data. Since we do not store much data on our servers, the risk is minimized. Personal data you provide (like scheduling info or payments) is handled by third parties with robust security measures:
    • Calendly uses encryption and secure protocols to protect the data you enter. They also implement access controls so that only authorized people (such as the site owner) can see your scheduling information.
    • Stripe and PayPal are established payment providers that use high-grade encryption and security compliance (PCI-DSS) to protect financial data. We rely on their secure infrastructure for any payments.
    • Google Analytics and Yandex Metrica data is stored on Google’s and Yandex’s servers respectively, which have their own strong security practices. Additionally, the data is largely aggregated and not personally identifying.
  • We (the site owner) ensure that any devices or accounts we use to access personal data (such as the email receiving Calendly notifications, or the Calendly/Stripe dashboards) are protected with strong passwords and, where available, two-factor authentication. We also take care to log out of sensitive services and keep our own systems free of malware.

Despite all precautions, it’s important to note that no method of transmission over the Internet, or method of electronic storage, is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach involving your personal data, we will follow applicable laws to inform any affected users and authorities as required. UAE’s data protection law and best practices would require us to take immediate steps to contain the breach, assess the scope, and notify the UAE Data Office or other relevant bodies if significant (similar to breach notification under GDPR). We would also let you know if your data was compromised and advise on any steps you should take.

By using our Website, you acknowledge these security measures and understand that there is always some risk involved in transmitting data online. We promise to do our best to protect your data and to be transparent with you in the event something unexpected occurs.

Your Rights and Choices

We respect your rights to control your personal data. Because we operate in the UAE and serve users in various jurisdictions, we aim to uphold the rights granted by UAE law as well as key rights from GDPR and similar regulations. These rights may include:

  • Right to Be Informed: You have the right to know what personal data we collect, how we use it, and who we share it with. This Privacy Policy is part of fulfilling that right by providing you detailed information. If you have any questions that are not answered here, you can always contact us for more information.
  • Right of Access: You have the right to request a copy of any personal data that we hold about you, and to obtain information about how it is processed (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti) (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). For example, you can ask us to confirm whether we are processing your personal data and provide you with a copy of that data (this might include any info you gave us via Calendly or email). Given that we have minimal data, in most cases this would simply be communications you’ve sent or scheduling entries. We will provide this to you free of charge within a reasonable time (as required by law).
  • Right to Rectification: If you believe that any personal data we have about you is inaccurate or incomplete, you have the right to request that we correct or update it (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). For instance, if you scheduled a meeting and misspelled your name or changed your email, we can update our records (and inform Calendly or others, as needed) to correct it.
  • Right to Erasure: This is also known as the “right to be forgotten.” You can ask us to delete personal data we hold about you in certain circumstances (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). For example, if you had scheduled a meeting but later want your contact info removed from our records, or if you simply don’t want us to have your data anymore and it’s no longer necessary for us to keep it, you can request deletion. We will comply provided we have no legal obligation or overriding reason to keep the data. If the data is held by a third-party (e.g., Calendly or Google), we will do our best to facilitate the removal of your data from those services as well.
  • Right to Restrict or Object to Processing: You have the right to object to certain types of processing or to ask that we limit how we use your data (Data protection laws | The Official Portal of the UAE Government) (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). For instance, you can object to being included in analytics tracking. If you do, we will honor that by excluding your visits from Google Analytics and Yandex Metrica (you can do this yourself via the opt-out methods described, or contact us for assistance). You can also object to any processing that you consider not justified. In practice, since we only process data for specific purposes (scheduling, analytics, etc.), this right would mostly apply to analytics or future marketing (which we don’t do without consent). We have provided ways to opt out of analytics as described above. If you want to restrict processing (say, ask that we keep your data but not use it), we can also accommodate that, though typically we either use data for the narrow purpose or not at all.
  • Right to Data Portability: For any data you provided to us directly, you have the right to request that we provide it to you in a commonly used electronic format, or transfer it to another service if technically feasible (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). In our context, this might apply if, for example, you gave us certain information and you want to re-use it elsewhere. Given the limited data we handle, this right might rarely need to be exercised, but it’s there for completeness. If you needed a copy of, say, your scheduling entries in a structured format, we would cooperate to provide that.
  • Right to Withdraw Consent: Where we rely on your consent to process data (such as for analytics cookies or if we ever ask your consent for something like a newsletter), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the legality of any processing we did based on consent before your withdrawal. For example, if you initially allowed cookies but then changed your mind, you can delete/disable cookies and we will stop tracking your visits going forward. If you gave consent for a certain use of your info and then withdraw it, we will cease that use.
  • Right Not to be Subject to Automated Decision-Making: We do not engage in automated decision-making or profiling that produces legal effects concerning you. In any case, under laws like the GDPR, you have the right not to be subject to a decision based solely on automated processing (including profiling) which significantly affects you (Overview of UAE’s Federal Decree-Law No. (45) of 2021 on PDPL – Securiti). All of our processes involve human decision-making (for instance, we personally review analytics in aggregate, we personally respond to communications, etc.).
  • Right to Complain: If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In the UAE, the UAE Data Office is the designated data protection regulator (once fully established) under the new law. If you are located in a different country, you may instead contact your local data protection authority. We would appreciate the chance to address your concerns first, so we encourage you to contact us directly to resolve any issue. We take privacy seriously and will do our best to respond and remedy any problems.

To exercise any of these rights, you can contact us using the information provided in the “Contact Us” section below. We may need to verify your identity before fulfilling certain requests (to ensure we don’t disclose your data to someone else). For example, if you email us requesting data deletion, we may reply asking you to confirm some details that only you would know (like the email you used in Calendly) to verify it’s really you. We will respond to your request within a reasonable timeframe and in accordance with applicable law (usually within 30 days for most rights, and we’ll inform you if we need more time).

Please note that some rights may not be absolute. There may be legal exceptions (for example, we might not delete data that we are required by law to keep, or we might refuse a request to access data if it would infringe on another person’s privacy). But we will explain any such decisions to you if they occur. Our goal is to be as transparent and accommodating as possible.

Children’s Privacy

Protecting the privacy of minors is important to us. Our Website is not directed to children, and we do not knowingly collect personal data from individuals under the age of 13 (or the equivalent minimum age in relevant jurisdictions). If you are under 13, please do not use this Website or provide any personal information (such as your name, email, or phone number). We do not offer services that would typically be used by children without parental supervision.

If we become aware that we have inadvertently collected personal information from a child under 13 (for example, if a child booked a Calendly meeting without our knowledge of their age), we will take steps to delete that information as soon as possible. If you are a parent or guardian and you believe your child has provided personal data to us, please contact us immediately so we can remove the information.

For users in the UAE and CIS, if any local law has defined a different age threshold for minors (for instance, some may define children as under 18 for certain data rights), we will respect those requirements. We do not anticipate serving content or services to anyone under 18 that would involve personal data.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will post the updated policy on this page and update the “Last Updated” date at the bottom. If the changes are significant, we may also provide a more prominent notice (such as a banner on the Website or an email notification if appropriate).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Website after any modifications to the policy will constitute your acknowledgment of the changes and agreement to abide by the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please feel free to contact us. As the site is owned by an individual, you can reach out directly to the owner at:

Email: contact@ilia.ae (Please include “Privacy Inquiry” in the subject line for quicker attention.)
Contact Form: If our Website has a contact form, you may send your request through that form as well.

We will do our best to respond promptly to any request or concern. If you are contacting us to exercise a specific data protection right, please clearly describe your request (for example, “I am requesting a copy of my personal data that you have,” or “I withdraw my consent for analytics tracking”). We may reach back for verification of identity or clarification if needed, but we will handle your request in accordance with applicable law.

Your privacy is important to us, and we mean it. We appreciate that you trust us with your information when you use our Website. We are committed to safeguarding that information and using it responsibly. If you have any questions about this policy or any privacy matter, we are here to help.

Last Updated: [April 08, 2025] (Data protection laws | The Official Portal of the UAE Government) (Data protection laws | The Official Portal of the UAE Government)

2009 - 2026