Privacy Policy

Effective Date: 1st Nov 2025

Last Updated: 14th Dec 2025

1. Privacy Policy Statement

Welcome to Fenixperience (“Company”, “we“, “our“, or “us“). We operate a global online platform that enables professional networking, event participation, digital engagement, and related audience-interaction services (the “Platform“).

By accessing, registering, or using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy, and you hereby provide your freely-given, explicit, and informed consent to the collection, use, storage, and processing of your Personal Data as described herein.

If you do not agree with this Privacy Policy, you must not access or use the Platform.

1.1. Sensitive Personal Data

We do not collect Sensitive Personal Data unless:

1.You provide explicit consent, and

2.Collection and processing are strictly necessary for purposes including, but not limited to:

Identity verification
Age or eligibility validation
Regulatory or legal compliance
Safety and fraud-prevention requirements
Accessibility support

Sensitive Personal Data will only be collected and processed:

Where permitted or required by UAE PDPL data-protection regulations
For legitimate, lawful business purposes
Using industry-standard technical, organizational, and security safeguards

By continuing to use the Platform, you hereby provide your explicit consent for the limited processing of only the minimum necessary Sensitive Personal Data required for legitimate operational purposes.

We do not sell Sensitive Personal Data and we do not process such data for profiling or marketing without explicit user consent.

1.2. Disclaimer & Liability Protection

While we implement commercially-reasonable security, compliance, and data-governance practices, no digital platform can guarantee absolute security. Users acknowledge and accept:

Data transmission over the internet carries inherent risk
The Platform is provided on an “as-is” and “as-available” basis
The Company will not be liable for any indirect, incidental, or consequential damages arising from unauthorized access or security incidents beyond our reasonable control

You are responsible for maintaining the confidentiality and security of your account credentials.

2. Personal Data We Collect

We may collect, use, and process certain categories of Personal Data that are necessary to operate the Platform, deliver our services, maintain platform security, verify user authenticity, prevent fraudulent activity, and improve user experience. The categories of Personal Data we may collect include, without limitation:

2.1. Identity Information

Full name
Date of birth
Nationality (only where legally required for eligibility, KYC, compliance, or access restrictions)

2.2. Contact Information

Email address
Mobile number

Verification of contact information may be required to maintain account security and prevent fraudulent activity.

2.3. Professional Profile Information

Career and employment information
Skills and areas of expertise
Work identity and professional representation
Public professional links (e.g., LinkedIn profile, portfolio sites)

2.4. Demographic & Interest Information

Country/region or general location
Language preferences
Gender (optional and only with consent)
Age group (not exact date except where legal verification applies)

2.5. Platform Interaction & Event Data

Event registrations, attendance, and participation history
Ticket purchases, bookings, and related transaction records
Communications and interactions within the platform

2.6. Technical & Log Data

Internet Protocol (IP) address
Browser type, device identifiers, and operating system
Login timestamps and security logs
Usage and session information

2.7. Analytics & Performance Data

We may collect data to support platform performance, enhance user experience, detect abuse, and support tailored marketing campaigns, including but not limited to:

Page views and navigation patterns
Time spent, load times, click paths
Conversion metrics (e.g., event sign-ups, ticket purchases)

Such analytics may be collected using third-party technologies such as Google Analytics and other trusted service providers, as permitted by law.

2.8. Sensitive Personal Data (Collected Only Where Permitted)

We will only collect and process Sensitive Personal Data when:

Required by applicable law or regulatory frameworks
Strictly necessary for identity verification, security, or lawful eligibility checks
You provide explicit, written, and informed consent

Sensitive data may include — where legally permitted and only where required:

Passport or National ID information
Government-issued documents
Biometric information (e.g., facial data for identity validation only)
Nationality / residency status (when legally relevant)
Health or accessibility information (voluntarily provided and only for support services)
Information related to minors (only with verified parental/guardian consent)

We do not process sensitive personal data for marketing, profiling, or commercial sale. We apply strict storage, access control, encryption, and compliance safeguards to protect Sensitive Personal Data.

2.9. Consent for Data Collection

By accessing, registering, or continuing to use the Platform, you:

Confirm that the information you provide is accurate and lawful to share
Provide explicit consent for the collection and processing of your Personal Data as outlined in this Policy
Provide explicit consent for limited Sensitive Data processing only where necessary and lawful

If you do not wish to provide the Personal Data required to operate this Platform, certain features or services may not be available to you.

3. Purpose of Data Collection and Processing

We collect and process Personal Data strictly for legitimate, lawful, and clearly defined business purposes, including but not limited to:

3.1. Account Registration and User Verification

Creating and managing user accounts
Verifying identity and contact details
Authenticating platform access and enhancing security

3.2. Platform Access and Service Delivery

Enabling participation in events, programs, and digital services offered on the Platform

Managing event bookings, ticketing, and user engagements
Providing support and resolving technical issues

3.3. Networking, Matchmaking & User Engagement

Enabling professional discovery, networking, and community interactions
Facilitating platform-based connections and communication features

3.4. Legal, Compliance & Fraud Prevention

Verifying identities where required by law
Ensuring platform integrity, preventing fraudulent accounts, abuse, and unauthorized access
Complying with applicable legal, regulatory, and audit obligations

3.5. Analytics, Service Optimization & Platform Development

Improving service functionality, user experience, and performance
Conducting platform usage analytics and measurement
Detecting anomalies and enhancing product security

3.6. Marketing & Communication Activities

Sending relevant updates, event notifications, promotions, and platform announcements

Marketing activities conducted only where legally permitted and only with user consent where required by law

3.7 Important Notice

We do not collect or process Personal Data for purposes:

unrelated to legitimate business operations,
prohibited by law, or without a valid legal basis.

4. Data Sharing & Third-Party Disclosures

We do not sell or trade Personal Data to third parties, including advertisers or data brokers. Personal Data is only shared in accordance with:

A lawful purpose
A valid legal basis (e.g., consent, contract, legal obligation, legitimate interest)
Applicable data-protection laws
Security and confidentiality safeguards
Demonstrated need to access for service delivery

We maintain full transparency regarding the categories of Personal Data shared, the purpose of sharing, and the categories of recipients.

You have the right to request details regarding:

What Personal Data has been shared
With whom it has been shared
The purpose of sharing
Whether data has been transferred across borders
Retention periods and security measures applied

You also have the right to object to or restrict certain data sharing, unless such sharing is necessary for contractual or legal compliance purposes.

4.1. Categories of Third Parties We May Share Data With

We may share Personal Data with trusted third-party service providers solely to operate the Platform, provide services, ensure security, support functionality, and comply with legal obligations. These may include:

Cloud hosting and IT service providers

g., GoDaddy, AWS, Google Cloud, Microsoft Azure)

Email and communication service providers
Marketing and communication platforms
Identity verification and KYC services
Secure payment processors and financial institutions

g., Stripe, Network International)

Analytics and performance-monitoring providers

g., Google Analytics)

Event management and ticketing partners
Networking and matching facilitation tools
Content distribution and opportunity-sharing services

All third-party providers are required to:

Process data only on our instructions
Maintain confidentiality and security
Comply with relevant data-protection laws
Not use the data for independent marketing, resale, or profiling

4.2. Consent for Third-Party Sharing

By accessing and using the Platform, you provide your explicit consent to the transfer and processing of your Personal Data by third-party service providers for the legitimate purposes listed above.

Users may request withdrawal of consent; however, withdrawal may result in limited or suspended access to certain features.

4.3. Contact for Data Sharing Requests

If you wish to request information, revoke consent (where legally permitted), or exercise your data-protection rights related to sharing, you may contact: dpo.office@fenixperience.com

5. International Data Transfers

Fenixperience operates globally. Accordingly, your Personal Data may be stored, processed, or transferred to jurisdictions other than your country of residence, including to servers and service providers located in the United States, United Kingdom, European Union, United Arab Emirates, Kingdom of Saudi Arabia, and other global regions.

We perform such transfers only in accordance with applicable privacy and data-protection laws and apply appropriate contractual, technical, and organizational safeguards to protect your Personal Data against unauthorized access, loss, misuse, or alteration.

5.1. Legal Basis for Cross-Border Transfers

For users located in the EU/EEA, United Kingdom, United Arab Emirates, Saudi Arabia, California (USA), Australia, and other regulated jurisdictions, your Personal Data will only be transferred internationally when one or more of the following conditions apply:

The receiving jurisdiction provides an adequate level of data protection as recognized by applicable laws
Standard Contractual Clauses (SCCs) or equivalent government-approved transfer mechanisms are in place
The transfer is necessary for the performance of a contract, the provision of services, or platform functionality
The transfer is required to comply with legal, regulatory, or government obligations
The transfer is necessary to protect vital interests such as fraud-prevention and security
Explicit consent has been obtained where required by law

5.2. Our Safeguards

To ensure continued protection of Personal Data during transfer, we implement:

Encryption and secure transmission protocols
Access controls and security policies aligned with international standards
Vendor due-diligence and continuous compliance monitoring
Restriction on third parties from using data for independent purposes

All third-party recipients are contractually obligated to:

Protect your Personal Data
Use your information only for the purposes for which it was provided
Comply with applicable data-protection and confidentiality obligations

5.3. User Rights Regarding International Transfers

You may request information about:

The countries to which your data has been transferred
The legal mechanism used to authorize such transfers
Details of safeguards and protections applied

Additionally, where applicable law permits, you may object to certain cross-border transfers; however, this may limit your ability to use some features of the Platform.

5.4. Contact for Transfer Queries

To exercise your rights or request further information regarding international data transfers, please contact us at: privacy.office@fenixperience.com

6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to operate and enhance the Platform. Cookies help us:

Enable core platform features and secure access
Improve performance and reliability
Understand user behavior and platform usage patterns
Personalize content and user experience
Measure engagement and support marketing (where permitted)

Cookies may include functional, security, preference, performance, and analytics cookies. We do not use cookies to collect sensitive information without consent, nor do we sell cookie-derived data.

6.1. Types of Cookies We Use

Category	Purpose	Consent Required
Strictly Necessary / Functional Cookies	Required for core platform functionality, authentication, security, and navigation	Not required
Preferences & Experience Cookies	Store user settings and preferences	Yes (where required by law)
Performance & Analytics Cookies	Analyze platform usage, measure trafPic, detect abuse, and improve features (e.g., Google Analytics)	Yes
Marketing & Advertising Cookies (if introduced later)	Deliver relevant content and measure campaigns	Yes (opt-in only)

We do not deploy marketing cookies without clear consent.

6.2. User Consent & Controls

When you first visit our Platform, you will be presented with a cookie consent banner that allows you to:

Accept all cookies
Reject non-essential cookies
Manage cookie preferences
Withdraw consent at any time

You may also adjust tracking preferences through your browser settings.

Users may opt-out of analytics and tracking at any time without affecting their access to essential platform functions.

6.3. Legal Basis

We apply the appropriate legal basis depending on jurisdiction:

Explicit consent for non-essential cookies (PDPL UAE )
Legitimate interest for essential cookies required for platform operation and security

6.4. Third-Party Cookies

We may allow approved analytics partners to place cookies (e.g., Google Analytics) solely for performance measurement and platform improvement. These providers must comply with applicable privacy laws and security requirements.

6.5. Withdrawal of Consent

You may withdraw cookie consent or update your preferences at any time:

Via cookie settings panel
Using browser cookie controls
By emailing privacy.office@fenixperience.com

7. Data Retention & Deletion Policy

“Data retention” refers to the period for which we store Personal Data before securely deleting or anonymizing it. We retain Personal Data only for as long as reasonably necessary to:

Provide and maintain the Platform and related services
Fulfill contractual and operational requirements
Comply with applicable legal, regulatory, or audit obligations
Resolve disputes and enforce our rights
Prevent fraud, abuse, and platform misuse
Maintain business records in accordance with lawful retention standards

When Personal Data is no longer required for the purposes listed above, we will delete, pseudonymize, or irreversibly anonymize it in a secure manner.

7.1. Standard Retention Periods

The UAE PDPL requires that personal data be kept only for as long as necessary for the purpose it was collected, and securely deleted or anonymized when no longer needed. It also mandates that organizations maintain documented retention schedules for audit and compliance.

7.2. Standard Data Retention Periods – As per UAE PDPL

Data Category	Retention Period	Legal / Regulatory Basis (PDPL Reference)
Account & ProIile Data	Ac t i v e du r a t ion of account + up to 12 months after account closure or deletion request	PDPL Art. 5 & 10: Data minimization & storage limitation. Retention permitted only until purposes are fulfilled or legally required.
Event & Platform Activity Logs	2 – 3 years	PDPL Art. 5(6) – Security, fraud detection, and system monitoring purposes. Logs retained for traceability and lawful investigation support.
Marketing & Communication Preferences	Until user withdraws consent or unsubscribes	PDPL Art. 6(1) – Consent-based processing; retention valid only while consent remains active.
Payment & Financial Records	5 – 7 years, depending on UAE Federal Tax Authority and Commercial Law requirements	PDPL Art. 10 – Compliance with other UAE laws. Federal Law No. 2 of 2015 (Commercial Companies Law) & Federal Decree-Law No. 47 of 2022 (Corporate Tax) require financial recordkeeping.
Legal, Regulatory & Dispute Records	As required by statutory limitation periods (typically 5 – 10 years)	PDPL Art. 5(7) – Data may be retained for establishment, exercise, or defense of legal claims or compliance with judicial orders.
Backup System Records	Retained per secure backup cycle (typically 3– 12 months), then permanently deleted or overwritten	PDPL Art. 5(5) – Business continuity & security exception; backups must follow strict access controls and deletion schedules.

7.2. User Requests and Deletion Rights

Users may request deletion of their Personal Data at any time. However, we may retain certain information where required to:

Comply with legal duties or regulatory requirements
Defend or establish legal claims
Detect, prevent, or investigate fraud, abuse, or security risks
Maintain accurate financial and business records

Deletion cannot be guaranteed for data stored in encrypted system backups until the backup is overwritten as part of the standard lifecycle.

7.3. Data Disposal & Security

When data becomes no longer necessary, we ensure secure disposal through:

Cryptographic erasure
Secure archival and restricted access (where retention is legally required)
Permanent anonymization
Overwriting or secure destruction of backup data during lifecycle expiry

8. Your Data Protection Rights

You may have certain rights regarding your Personal Data. We will honor all legally applicable rights, including:

8.1. Right of Access

You may request confirmation of whether we process your Personal Data and obtain a copy of such data.

8.2. Right to Rectification

You may request correction of inaccurate, incomplete, or outdated Personal Data.

8.3. Right to Erasure (‘Right to be Forgotten’)

You may request deletion of your Personal Data when:

It is no longer required for its original purpose
You withdraw consent (where consent was the basis)
Processing was unlawful
Erasure is required by law

8.4. Right to Restrict or Object to Processing

You may request that we restrict or stop processing your Personal Data under certain circumstances, including objection to processing based on legitimate interest or direct marketing.

8.5. Right to Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

8.6. Right to Data Portability

You may request a copy of your Personal Data in a structured, commonly used, machine readable format and request transfer to another controller where feasible and legally applicable.

8.7. Right to Object to Direct Marketing

You may object to marketing communications at any time, and we will honor such requests promptly.

8.8. Rights Regarding Automated Decisions & Profiling

Where applicable, you may request human review of automated decisions that have legal or significant effects.

8.9. Right to Lodge a Complaint

You may lodge a complaint with the relevant data-protection authority if you believe your rights have been violated. We encourage contacting us Pirst to resolve concerns amicably.

8.10. How to Exercise Your Rights

Fenixperience has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with applicable data-protection laws.

Please contact email: dpo.office@fenixperience.com

For all privacy and data-subject inquiries, please contact email: privacy.office@fenixperience.com

We may request verification of your identity to protect user data security. We will respond within the timeframes required by applicable law i.e. (30 Days in UAE PDPL)

8.11. Important Notes

We may retain certain necessary data where legally required or for legitimate business interests such as fraud prevention, dispute resolution, or regulatory
Exercising certain rights (such as deletion or restriction) may limit your ability to use some features of the Platform.

9. Minors Data

We do not knowingly collect, use, or process Personal Data from individuals under the age of 18 unless:

Verified parental or legal guardian consent is obtained, and
Collection is legally permitted and necessary for the intended service

If we become aware that Personal Data has been collected from a minor without appropriate consent:

We will promptly delete or anonymize such data, and
We may suspend or terminate access to the Platform, where appropriate Parents or legal guardians may:
Request access to their child’s data
Request deletion of their child’s data
Withdraw consent at any time
Requests can be submitted at: privacy.office@fenixperience.com

Our Platform is not intended for children without supervision or lawful consent, and we do not knowingly engage in any marketing, profiling, or targeted communications toward minors.

10. Security Measures

We implement appropriate technical and organizational safeguards designed to protect Personal Data against unauthorized access, loss, alteration, or misuse. Our security measures include, but are not limited to:

10.1. Encryption

Personal Data is encrypted in transit and at rest using industry-standard encryption
Sensitive and authentication-related data is protected with strengthened cryptographic controls.

10.2. Access Controls & Authentication

Access to systems containing Personal Data is restricted to authorized personnel only, based on role-based access principles and the principle of least privilege.

Multi-Factor Authentication (MFA) is enforced for administrative and privileged
All staff, contractors, and authorized processors are required to adhere to confidentiality and data-protection obligations.
Monitoring, Logs & Audits We monitor systems and maintain activity logs to detect suspicious activity, abuse, and unauthorized access attempts.
We conduct periodic audits, vulnerability assessments, and security reviews to ensure ongoing compliance and effectiveness of controls.
Security controls are reviewed and updated regularly in line with evolving risks and industry best practices.
Incident & Breach Handling In the event of a security incident affecting Personal Data, we will take immediate steps to investigate, contain, and mitigate the issue.
Where required by law, affected individuals and regulators will be notified within applicable timeframes.

10.5. Third-Party Security

Third-party providers with access to Personal Data are required to implement equivalent security controls and comply with confidentiality and data-protection

While we implement commercially reasonable safeguards, no digital system can guarantee absolute security. Users are responsible for maintaining the security of their login credentials and devices.

11. Consent Withdrawal

Where we rely on your consent to process Personal Data, you have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing carried out prior to your withdrawal.

Upon withdrawal of consent:

We will cease processing the data for the purpose for which consent was originally provided
We may continue to retain and process Personal Data where required to comply with legal, regulatory, contractual, or legitimate business obligations
Certain features, services, or access to the Platform may be limited or unavailable if the withdrawal of consent prevents us from providing those services

You may withdraw your consent by:

Adjusting your account and privacy settings (where available)
Updating cookie and tracking preferences
Unsubscribing from marketing communications
Contacting us directly at privacy.office@fenixperience.com

We may request verification of identity before processing consent-withdrawal requests to protect user information.

Note: Withdrawal of consent does not affect our right to continue processing Personal Data where another lawful basis applies (e.g., legal compliance, fraud prevention, contractual obligations, or platform security).

12. Updates to This Privacy Policy

We may update, amend, or modify this Privacy Policy from time to time to rePlect changes in our business practices, legal or regulatory requirements, or enhancements to the Platform and our services.

When we update this Policy, we will:

Post the updated version on our website and/or Platform
Indicate the date of the most recent revision
Where required by law, notify users of material changes (e.g., via email, platform notice, or consent prompt)
Obtain renewed consent where the changes affect how we collect, use, or process Personal Data, and such consent is legally required

Please review this Privacy Policy periodically to ensure you understand how your Personal Data is processed. Continued use of the Platform after the updated Policy becomes effective constitutes acceptance of the revised terms, unless otherwise required by applicable law.

If you do not agree with the updated Policy, you may discontinue use of the Platform and request account deletion or exercise your data rights.

For questions or concerns regarding Policy changes, you may contact us at: privacy.office@fenixperience.com

13. Contact & Data Protection Queries

If you have questions, concerns, or requests regarding this Privacy Policy or how we process your Personal Data, you may contact us using the details below:

Company Name: Fenixperience Ventures – FZCO

Address: Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates

Email: privacy.office@fenixperience.com

For data-subject rights requests (access, deletion, correction, withdrawal of consent, etc.), please submit your request to dpo.office@fenixperience.com and allow us the legally permitted timeframe to respond. We may request additional information to verify your identity for privacy and security purposes.

14. At-a-Glance Summary

Purpose	Data Collected	Legal Basis	Retention
Account registration	Name, email, password	Contractual necessity	Until account deletion
Analytics	Usage data, device info	Consent	Up to 24 months
Marketing	Email, preferences	Consent	Until withdrawn
Security & Fraud prevention	IP address, login logs	Legitimate interest	As required by law