Privacy Policy

Thank you for visiting our website www.signdesk.ae or our App, the terms; “We/Us/Our/Company/DNL” individually and collectively refer to Signdesk.ae, owned by Desk Nine Limited having its registered office at Desk D08, 15th Floor, Al Sarab Tower, Abu Dhabi Global Market, Al Maryah Island, Abu Dhabi, United Arab Emirates and the terms “You/Your/Yourself” refer to the users/members under SaaS Agreement. This privacy policy (“Privacy Policy”) describes our procedures and policies regarding the collection, processing, and disclosure of Your information whilst using our Services.

This Privacy Policy is an electronic record in the form of an electronic record contract formed under the UAE Civil Code and the rules made thereunder and the amended provisions pertaining to electronic documents/records in various statutes as amended by the Electronic Transactions and Trust Services law.

This Privacy Policy does not require any physical, electronic or digital signature and when You visit our website www.signdesk.ae (the “Website”), use our mobile application, as the case maybe (the “App”) and more generally, use any of our services (the “Services” which include the Website and App), You provide Your unconditional, irrevocable consent to this Privacy Policy for the purposes prescribed under, including but not limited, to provisions of Electronic Transactions and Trust Services including any other applicable acts. If there are any terms in this Privacy Policy that You do not agree with, please discontinue the usage of our Services immediately.

This Privacy Policy is a legally binding document between You and DNL. This Privacy Policy is published and shall be construed in accordance with the provisions of the applicable law that require publishing of the Privacy Policy for the collection, use, storage and transfer of sensitive personal data or information.

This Privacy Policy applies to all such information collected and used by our Website and App. This Privacy Policy applies to all individuals and entities who chose to access our Website or use our Services.

At SignDesk, We value Your Privacy. This Policy sets out what information we collect and how we use the information from our customers and other individuals, including you, while you are using our services from Signdesk.ae, Signdesk.in, Signdesk.com, SignDesk Application, or any of our other products and services that link to our Product and services as our web client or as our professional client.

  1. What Information do we collect?

    Direct Collection

    We collect any information that you provide to us directly-

    • while You register with our Website and mobile application;
    • when You choose to create or modify Your information,
    • when You request our services, contact our support team, or otherwise communicate with us. All such information will be stored in our database and shall be processed in accordance with the purposes listed herein. We collect information when you express an interest in obtaining information about us or our products and services. The personal information collected by Us depends on the context of Your interactions and the choices you make.
    • The information We collect may include name, email, phone number, postal address, identity card information, identity proof details, profile picture, payment method, items requested (for services), delivery notes, location details, geolocation and the video record of Your consent.

    Indirect Collection as Data Processor

    In certain circumstances, We may have an Agreement with Third-Party Organizations, under the scope of which We would be processing personal information about You. In cases where information regarding You is supplied by third parties, they are regarded as controllers of the data. In case You have any clarifications and objections We request you to consult the said third party.

    Information We collect through Your Use of Our Services:

    In certain circumstances, We may have an Agreement with Third-Party Organizations, under the scope of which We would be processing personal information about You. In cases where information regarding You is supplied by third parties, they are regarded as controllers of the data. In case You have any clarifications and objections We request you to consult the said third party.

    1. Personal Information:

      We collect personal information that You voluntarily provide to Us upon registration and through the usage of our Services and any other information You may provide to Us whilst accessing our Services. It shall include Your name, age, address, mobile number, contact information, identity card information, identity documents, age and other details. Product-wise Information details are provided in Section 2

    2. Company Information:

      Depending on the package You opt for, We would collect any such information deemed essential for rendering the services. These shall include Name of the company, Officers, Registered Office, Contact Person, Authorized Representative Details, Contact details, Industry of the company, Director/Partner information, Capital Information, and Business details.

    3. Location Information:

      When You use our Services, We may collect and process information about Your actual location. We use various technologies to determine Your location which includes IP Address, Global positioning system, and other sensors. The data is collected only when You use Our Website or App or only in instances where location details are instrumental for the purposes involved. You can choose to not provide such data otherwise by the settings available to you, however, for certain services, location data forms a mandatory part of the process.

    4. Transaction Information:

      We shall collect data necessary to process Your transaction whilst using our services or subscriptions and these shall include the type of service requested, date and time the service was provided, amount charged, and any other detail related to the transaction. In an instance of referral where someone uses Your promo code, We may associate Your name with that person.

    5. Usage and Preference information:

      We collect information about how our visitors access or interact with the Website or App, the services opted for, the preferences and the settings opted for. We may use cookies, pixel tags or any other similar technology to collect certain data such as device or usage information, including country, location, IP address, browser, operating system, device name, referring URLs, hardware model, software and file names and versions, preferred language, unique device identifier, advertising identifier, serial number, device motion information, and mobile network information. This information is primarily required to maintain efficient security and help us to improve user experience and future performance.

    6. Log Information:

      When You interact with the Services, We collect server logs, which may include information like device IP address, access dates and timings, app features or pages viewed, app crashes and other system activity, type of browser, and third-party site or service You were using before interacting with Our Services.

    7. Payment Information:

      The information provided by You shall be used for the generation of payment invoices directly by Us.

      .

    8. Additional Information collected:

      1. Whilst using the SignDesk App, We also collect the following information:

        1. Geo-location information

          SignDesk App may request access or permission to track location-based information from Your mobile device whilst using the App in order to provide certain location-based services. You can change Your device/browser settings to revoke access to Your location. The location information is recorded only whilst using the App and we do not track such information when the device is idle.

        2. Mobile Features Access

          SignDesk App may request access or permission to features such as storage, camera, location, and microphone. You can clear these permissions at any time.

        3. Device Data

          SignDesk App may automatically collect device information such as Device ID, Model, Manufacturer, Operating System, Version information, Configuration Information, Identification numbers, browser type, and IP Address.

        4. Push Notifications

          In order to provide an improved user experience and impetus to explore the features of our App, We may send You push notifications to help You have a better experience and explore more features or offers provided by Us. You can opt-out of push notifications by turning them off at any time.

  2. Product-wise Information collected

    1. Digital Onboarding

      The information collected for this service varies and may include such information as name, physical address, email address, phone number, driver’s license number, state or national ID card number, passport number, or other ID card number, date of birth, documents, and live video. In some cases, SignDesk may collect a visually scanned or photographed image of Your face and/or Your identification card, driver’s license, passport.

      Under the digital onboarding process We provide services with regard to KYC & KYB, AI based verification and includes features like liveliness detection. For this process, We procure the following information:

      1. Name

      2. Email Address

      3. Phone Number

      4. Address

      5. Passport/ Driver’s License,

      6. UAE Pass

      7. And any other information as may be required;

    2. Execution Management

      Under execution Management Services We cover OTP & Video Based Signatures, Integrations for facial matching & ID verification, Audit Trail & Evidence creation. With regard to this We procure and process the following information:

      1. Name

      2. Email Address

      3. Phone Number

      4. Address

      5. Information such as name, email address, and phone numbers of the secondary signatory or related parties

      6. And any other information as may be required;

    3. Document Management

      Under document management Services We provide Configurable templates, provide for an intelligent drafting & negotiating capability and features such as reminders and notifications. With regard to this We procure and process the following information:

      1. Name

      2. Email Address

      3. Phone Number

      4. Address

      5. And any other information as may be required;

  3. Why do we collect such information?

    We use the information We gather for the following purposes:

    • To facilitate account creation, authentication, billing, account management, and other administrative matters;

    • Perform internal operations such as the prevention of fraud and abuse of Our Services; troubleshoot software bugs and operational problems, data analytics, testing, research, and to monitor and analyze usage and activity trends;

    • Send You information about our products, services, promotional mailers, news, and events of Signdesk and other companies where permissible and according to local applicable laws and to process contest, sweepstake or promotional entries and fulfill any related awards;

    • We collect information from You when You use Our platform for which a Service Agreement was executed;

    • Personalization and improvement of Services, so as to recommend features, content, connections, referrals, promotions, surveys, and advertisements.

  4. Facial recognition

    • If You agree to use Our Biometric Facial Recognition, or other facial recognition services that We offer to our business customers, We will collect an image of Your face that you provide through a mobile app or such other device (i.e. a selfie) and a photo or scanned image of Your face as it appears on an identification document.

    • Please note that We will use facial recognition technology only for the purpose of verifying Your identity as the person who appears on the identification document.

    • SignDesk will share the facial scans of its customers through whom You used SignDesk's identity verification service. SignDesk will retain Your facial recognition information, including the photo of Your face and photo or scan of Your identification document, for the amount of time requested by the SignDesk customer through which you used SignDesk's identity verification service. In no event will SignDesk store Your facial recognition information after SignDesk ceases to have a customer relationship with the customer through which you used SignDesk’s identity verification service.

  5. Sharing of Information

    • The information that You provide to Us may be shared as per the terms in this Privacy Policy or as informed at the time of collecting such information. We only share Personal Information with third-parties licensed service providers for availing authentication services on Our behalf, for which We have already obtained Your consent.

    • All information shared by You will be stored on the AWS Cloud based platform, the terms and conditions of which can be found at https://aws.amazon.com/service-terms/.

      1. Certain services We provide are in conjunction with third-party service providers who are authorized by appropriate regulatory bodies and We are bound by such applicable terms. We have a good faith belief that access, usage, preservation or disclosure of such information is reasonably necessary to -

        1. Comply with all applicable laws, regulations, legal processes, including but not limited to the rules and regulations as laid down by the Service Providers and the Regulators.

        2. Comply with any governmental request including enforcement or in response to a court order.

        3. Detect, prevent, or otherwise address fraud, technical or security issues.

        4. Enforce applicable Terms of Use, including investigation of potential violations thereof, or;

        5. Protect ourselves against third-party claims.

      2. By accessing Our Website or App and registration, You agree and authorize us to:

        1. Share your Information

          • We may engage third-party service providers for certain services We provide, We may also disclose Your information to any competent authority when We are legally bound to do so, so as to comply with all applicable laws, rules, regulations.

          • We may engage with third-parties to provide You a service requested through a partnership or promotional offering made by a third party to Us;

          • If You share any content in our public forum, You agree that such information shall be viewed by all our users.

          • With third parties with whom you choose to let Us share information, for example, other apps or websites that integrate with our API or Services, or those with an API or Service with which We integrate and;

          • With any law enforcement agencies in case of any issues.

          • With SignDesk subsidiaries and affiliated entities that provide services or conduct data processing on Our behalf, or for data centralization and/or logistics purposes on a need to know baisis;

          • With vendors, consultants, marketing partners, and other service providers who require access to such information to carry out work on Our behalf;

          • With law enforcement officials, government authorities, or other third parties if We believe Your actions are inconsistent with our User agreements, Terms of Service, or policies, or to protect the rights, property, or safety of SignDesk.ae or others;

          • In connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company;

          • If We otherwise notify you and you consent to the sharing; and

          • In an aggregated and/or anonymized form which cannot reasonably be used to identify You.

  6. How do we store your Data?

    • DNL uses the highest standards of industry practice and encryption and uses Industry-grade SHA-256 algorithm, hashing algorithms, and instance isolation. DNL is an ISO 27001:2013 and 9001:2015 certified organization; the information We collect is strictly confidential and is always used only for the purposes mentioned herein and in accordance with any other Agreement You have with us.

  7. Information Security

    • We will take reasonable administrative, technical, physical, and organizational measures to prevent the loss, misuse or theft, destruction, alteration, disclosure, or any unauthorized access. All personal information shall be stored in Our secure database. We always strive to implement the best available industry practices. However, despite our stern measures focused on securing Your information, no electronic transmission over the internet or information storage technology can be guaranteed to provide 100% security to any User, thereby We cannot guarantee that hackers, cybercriminals or any unauthorized third parties will not be able to bypass and steal any such information. You hereby provide Your consent and agree that you would access our Services within a secure environment and in no event shall We be held liable. You are responsible for all such Personal Information You choose to submit in these cases.

    • You are solely responsible for maintaining the confidentiality of Your account and passwords, restricting access to Your computer, using updated software, antiviruses, and you agree to accept responsibility for all activities that occur under Your account credentials.

  8. Analytics and advertising services

    • We may engage certain service providers or platforms including “Google Analytics” to provide audience measurement and analytics for Us with a view to advertising on Our behalf. This helps us to better track and report on the performance of these advertisements.

  9. Cookies and other technologies

    • We use Local Storage and Session Storage to identify Your device when You visit or use Our Website or App, as well as when you visit other online sites and services. These are deployed to collect non-identifiable information and help Us enhance and improve Our services.

    • You may control the effect of cookies through Your browser settings; however, certain features may not work efficiently if cookies are disabled. We use web beacons or other technologies in addition to our cookies to enhance Our Website and App. An unidentifiable notice of a visitor’s visit to a page on Signdesk.ae site is generated and recorded, which may be processed by Us or by our suppliers.

    • You may choose to disable some of these features through Your web browser’s or mobile device’s settings, but web beacons and other technologies will still be able to detect visits to pages. The notices they generate are disregarded and cannot be associated with other non-identifiable cookie information.

  10. Account Information

    • You may correct Your account information at any time by logging into Your online or in-app account. If you wish to cancel Your association with SignDesk and seek the deletion of Your personal information please email us at privacy@signdesk.com. This shall be subject to certain exceptions and provisions provided by law. We shall also retain Your account during instances of defaulted payments or fraud from Your end and You would be expected to resolve these issues before requesting deletion.

  11. Data Retention

    • SignDesk will hold and process data only as long as it is necessary and as per the instructions of the customer or as required by law or regulatory obligations.

  12. Data Processor

    • SignDesk will receive certain personal information necessary for the provision of services as per the mandate of the user. SignDesk is the processor of such information whereas the Clients are the controllers of the data.

  13. Data Controller

    • We are the controllers of the information We collect through our website/application directly, and such data is processed fairly and reasonably, respecting the privacy of the data principal. In cases where You are approaching us through a third party (Our Clients), in those cases, Our clients are the Data Controller and any rights regarding Your data would be as per their privacy policy.

  14. Your Data Protection rights

    • Users have the right to access, rectify, delete, seek transfer of data, and restrict continuing disclosure of their data if it is no longer necessary or consent is withdrawn.

    • We always value our users and adopt stern measures to protect the rights of our users, We ensure We take into account all the required physical, technical and jurisdictional regulations.

    • We will value every request We receive regarding access, correction, and deletion of data in accordance with law and subject to exceptions thereunder.

  15. Your Rights under this Privacy Policy

    • The rights provided under this privacy policy are in accordance with the GDPR and the DIFC Data Protection Laws

      1. Right of access

        • You have a right to request access to the personal data that We hold about you. You also have the right to request a copy of the information We hold about you, and We will provide you with this unless legal exceptions apply. If you want to access Your information, please send a description of the information you want to see and proof of Your identity by post to the address provided below.

          Please refer / use Data Access Request Form for Data Access Request.

      2. Right to have Your inaccurate personal information corrected

        • You have the right to have inaccurate or incomplete information We hold about you to be corrected. The accuracy of Your information is important to us so we’re working on ways to make it easier for you to review and correct the information that We hold about you. In the meantime, if You change Your email address, or if you believe any of the other information We hold is inaccurate or out of date, please contact us via email or post.

          Please refer / use Data Rectification Form for Data Rectification.

      3. Right to restrict use

        • You have a right to ask us to restrict the processing of some or all of Your personal information if there is a disagreement about its accuracy or We are not lawfully allowed to use it.

          Please refer / use Data Rectification Form for Data Rectification.

      4. Right of erasure

        • You may ask Us to delete some or all of Your personal information and in certain cases, and subject to certain exceptions; We will do so as far as We are required to. In many cases, We will anonymise that information, rather than delete it.

          Please refer / use Data Rectification Form for Data Rectification.

      5. Right for Your personal information to be portable

        • If we are processing Your personal information (1) based on Your consent, or in order to enter into or carry out a contract with You, and (2) the processing is being done by automated means, You may ask us to provide it to You or another service provider in a machine-readable format.

          Please refer / use Data Rectification Form for Data Rectification.

      6. Right to object

        • You have the right to object to processing where We are using Your personal information (1) based on legitimate interests, (2) for direct marketing or (3) for statistical/research purposes.

        • If You want to exercise any of the above rights, please email Us at privacy@signdesk.com or write to Us at Desk D08, 15th Floor, Al Sarab Tower, Abu Dhabi Global Market, Al Maryah Island, Abu Dhabi, United Arab Emirates. We may be required to ask for further information and/or evidence of identity. We will endeavor to respond fully to all requests within one month of receipt of Your request, however, if We are unable to do so We will contact you with reasons for the delay.

        • Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances.

          Please refer / use Data Processing Objection Request Form ffor Data Objection.

      7. Right to Lodge Complaint with Supervisory Authority

        • Subject to applicable law, you also have the right to

          1. restrict Our use of functions that constitutes Your Personal Data and

          2. lodge a complaint with Your local data protection authority.

      8. Right to Object Automated decision-making

        • We will use Your personal data for the purposes of automated decision-making in relation to recording the live video stream of the entire verification process, taking frames from that video at each verification step, storing Your residence address, name, date of birth, identity details etc.

        • This automated decision-making will involve checking the info provided by you and matching that with the identity document information provided by You to the merchant (our client).

        • The significance and possible consequences of this automated decision-making are to verify Your identity and authenticity of Your documents, based on which Your chosen process will proceed further.

        • You have the right to object to Automated Decision-making and can contact Us to raise an objection.

  16. Promotional Communications

    • You can opt out of email marketing by following the instructions in those messages. However, despite opting out from promotional mailers, we may still send You transactional communications related to Your account or about services You have requested for or any ongoing communication related to business.

  17. Updates to this Privacy Policy

    • We reserve the right to update this Privacy Policy from time to time, with or without advance notice, and the updated version shall bear the date on which it is updated and shall be effective immediately. We urge our Users to frequently review this Privacy Policy, and by Your continued use of our Website and App, Your consent to the terms of the updated Policy is implied.

    • In case of concerns regarding any updates to our policies, you can contact us at the details provided in Section 19-Grievance Officer.

  18. Compliance

    • While We may retain any correspondence sent by You, We do not intend to collect or save any information from minors/children below 18 years of age. The website is not intended for users who are not competent to contract under the provisions of the UAE Civil Code. We reserve the right to remove, edit, delete, refuse service, terminate accounts or cancel plans or orders at our sole discretion. We collect and process Your personal information in accordance with the Electronic Transactions and Trust Services and other rules broadly governed by the UAE Civil Laws.

  19. Grievance Office

    • If you have any issues or grievances in relation to the processing of Your personal information under this Policy or any terms of use of Signdesk.ae, please contact the following Email: privacy@signdesk.com

    • The Grievance Officer shall address the grievances within a period of one month from the date of receipt of the grievance.