Join Waitlist

Privacy Policy

Effective Date: September 27, 2025

1. Introduction

At SafiZero, we are committed to protecting your privacy and safeguarding your personal and organizational information. This Privacy Policy explains how we collect, use, store, and share your data when you interact with our AI-powered SaaS platform, which assists small and medium-sized enterprises (SMEs) and educational institutions with environmental, social, and governance (ESG) compliance and sustainability reporting.

We operate with awareness of key data protection principles, including those outlined in the UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data and the General Data Protection Regulation (GDPR) of the European Union. However, because SafiZero is currently in a pre-registration phase and not yet fully incorporated in the UAE, this Privacy Policy serves as a general framework. We may update it as our operations evolve to fully align with applicable laws.

By using our Service, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use our platform.

2. Data We Collect

We collect only the data necessary to provide, improve, and secure our Service. This includes:

  • User Details:Information you provide during registration or use, such as your name, email address, organization name, job title, and contact details. This may also include language preferences (English or Arabic).
  • Uploaded Files and Content:Documents, spreadsheets (e.g., CSV/XLSX), or other files you upload for ESG reporting, such as utility bills, emissions data, or compliance records. This may include sensitive business information related to sustainability metrics.
  • Analytics and Usage Data:Automatically collected information about your interactions with the platform, including IP address, browser type, device information, pages visited, and timestamps. We use cookies and similar technologies for analytics, performance monitoring, and enhancing user experience.
  • Communication Data:Any information shared through our support channels, surveys, or feedback forms.

We do not intentionally collect sensitive personal data (such as racial or ethnic origin, health data, or biometric identifiers) unless explicitly provided by you in uploaded content.

3. How We Use Data

We use your data to deliver and improve our platform in the following ways:

  • Service Delivery:To generate ESG reports, map data to compliance templates, and offer AI-assisted insights.
  • Communication:To send alerts, reminders, updates about your account, or relevant regulatory changes.
  • Platform Improvement:To analyze usage patterns and enhance functionality, security, and user experience.
  • Legal & Security Compliance:To meet legal obligations, prevent fraud, or enforce our Terms of Service.

We process data based on your consent, the performance of our contract with you, or our legitimate interests (such as platform security). We do not use your data for automated decision-making that significantly affects you without human oversight.

4. Data Security

We prioritize your data security and implement reasonable measures to protect it from unauthorized access, loss, or disclosure. Key practices include:

  • Encryption:All data is encrypted in transit (TLS 1.3 or higher) and at rest (AES-256).
  • Storage:Data is stored on secure cloud servers, with plans for UAE-based hosting to ensure data residency compliance once fully operational.
  • Access Controls:Strict role-based access for our team, with regular security audits and monitoring.
  • Incident Response:In the event of a data breach, we will notify affected users and relevant authorities as required by applicable laws.

While we strive to protect your data, no system is completely secure. We encourage you to use strong passwords and avoid uploading unnecessary sensitive information.

5. User Rights

You have rights regarding your personal data, and we aim to facilitate their exercise in line with data protection principles. These include:

  • Access:Request a copy of the data we hold about you.
  • Correction:Update or correct inaccurate information.
  • Deletion:Request removal of your data, subject to legal retention requirements (e.g., for audit purposes).
  • Withdrawal of Consent:Revoke consent for data processing at any time, which may limit your access to certain features.
  • Objection or Restriction:Object to processing based on legitimate interests or request restrictions on use.
  • Portability:Receive your data in a structured, machine-readable format.

To exercise these rights, contact us at the details provided below. We will respond within 30 days (or as required by law) and may require identity verification. If you are in a jurisdiction with specific rights (e.g., UAE or EU), we will honor them accordingly.

6. Data Sharing

We do not sell your data to third parties. We may share data in limited circumstances:

  • With Service Providers:(e.g., cloud hosting, AI processing tools) who assist us under strict confidentiality agreements.
  • For Legal Reasons:To respond to court orders, government requests, or legal obligations.
  • Business Transfers:In the event of a merger, acquisition, or asset sale, where data is treated as an asset but remains subject to this Privacy Policy.

All third parties are required to protect your data and use it only for the purposes we specify.

7. Retention

We retain your data only as long as necessary for the purposes outlined in this Privacy Policy, or as required by law. For example:

  • Account data is kept while your account is active and for up to 7 years afterwardto comply with UAE regulatory retention for ESG records.
  • Analytics data is anonymized and retained for up to 2 years.
  • Uploaded files are stored securely in your Evidence Vault for the required compliance period (e.g., 7 years under UAE law).

Upon request or account closure, we will delete or anonymize data unless retention is legally mandated.

8. International Transfers

As a platform targeting the UAE and GCC region, we aim to keep data within the UAE once fully operational. However, during our pre-launch phase, data may be processed or stored in other jurisdictions (e.g., Canada or AWS global regions). We ensure any transfers comply with data protection standards, such as using standard contractual clauses or adequacy decisions where applicable.

9. Pre-Launch Disclaimer

SafiZero is currently operating in a pilot and pre-launch capacity as we prepare for full registration and incorporation in the UAE. During this phase, services are provided on a trial basis, and we may rely on international infrastructure. We are committed to transitioning to full UAE compliance, including data residency, upon registration.

Users participating in pilots acknowledge that features and data handling practices may evolve, and we appreciate your feedback to improve our privacy practices.

10. Contact Information

If you have questions about this Privacy Policy or your data, please contact us at:

Email: support@safizero.ae
Website: www.safizero.ae

We may update this Privacy Policy from time to time. Changes will be posted on our platform with the updated effective date. Continued use after changes constitutes acceptance.