Legal

Privacy Policy

Last updated: June 2025

At eBiz CRM, your privacy is important to us. This policy describes how we handle your personal data in compliance with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) and other applicable regulations.

1. Overview

eBiz CRM ("we", "us", or "our") is committed to protecting the privacy of its users. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in connection with our cloud-based CRM platform ("Service"). It applies to all users registered on our platform including company administrators, managers, and staff.

2. Data We Collect

We collect data in the following categories: • Account data — name, email address, phone number, company name, and role provided during registration. • Usage data — pages visited, features accessed, session duration, IP address, browser type, and device information, collected automatically. • Customer data — any data you input into the Service, including lead records, client information, transaction records, visa and licence files, and HR data. • Communications — messages you send via our contact form or support channels.

3. How We Use Your Data

We use your data to: (a) provide, maintain, and improve the Service; (b) authenticate you and manage your account; (c) send transactional emails such as password resets and system notifications; (d) respond to support requests; (e) process payments and manage subscriptions; (f) comply with legal obligations; and (g) detect and prevent fraud or abuse. We do not use your data for advertising purposes or sell it to third parties.

5. Data Sharing and Third Parties

We may share data with: (a) service providers who help us deliver the Service (e.g. cloud hosting, email delivery, payment processing) under strict data processing agreements; (b) professional advisors such as lawyers and accountants, under confidentiality obligations; (c) regulatory authorities or law enforcement when required by applicable UAE law. We do not sell, rent, or trade personal data with third parties for marketing purposes.

6. Data Retention

We retain account data for the duration of your subscription and for up to 90 days after termination to allow for data export. Customer data within the platform is retained according to your organisation's data management practices. Anonymised analytics data may be retained indefinitely. You may request deletion of your personal data at any time by contacting admin@ebizcrm.com.

7. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure. You are responsible for maintaining the security of your account credentials.

8. Your Rights

Under the UAE PDPL and applicable law, you have the right to: (a) access the personal data we hold about you; (b) correct inaccurate or incomplete data; (c) request deletion of your data ("right to be forgotten") subject to legal retention requirements; (d) restrict or object to certain processing; (e) data portability — receive your data in a structured, machine-readable format; and (f) withdraw consent where processing is based on consent. To exercise any of these rights, contact admin@ebizcrm.com.

9. Cookies

We use essential cookies to keep you signed in and remember your preferences. We also use analytics cookies (e.g. session tokens) to understand how the Service is used. You can disable cookies through your browser settings, but this may affect Service functionality. We do not use third-party advertising cookies.

10. International Transfers

Our servers are located in the UAE or within regions that provide adequate data protection as determined by the UAE data protection authority. Where data is transferred outside the UAE, we ensure appropriate safeguards are in place such as standard contractual clauses or data processing agreements.

11. Children's Privacy

The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you become aware that a minor has provided us with personal data, please contact admin@ebizcrm.com and we will take steps to delete that information.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated by email or in-app notification before they take effect. The "last updated" date at the top of this page indicates when the policy was last revised.

13. Contact & DPO

For any privacy-related questions, requests to exercise your rights, or to reach our Data Protection Officer, please contact us at: admin@ebizcrm.com or via the contact form at ebizcrm.com/contact.

Request DemoChat with us