Privacy Policy

1. Introduction

Signzy Technologies & Services Ltd., incorporated in DIFC and its parent company incorporated in India viz. Signzy Technologies Pvt. Ltd. (collectively referred to as "Signzy", "we," "our," or "us") is a UAE-based technology solutions provider offering digital identity and verification services through APIs and a no-code platform. Our services enable businesses in the UAE to conduct robust Know Your Customer (KYC), identity, business, age, and bank account verifications (the "Services"). Our Customers integrate these APIs into their digital platforms to verify information of their end-users ("you," "Users," or "End-users").This Privacy Policy outlines how we collect, use and safeguard your personal data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data ("UAE PDPL").

2. Summary & Scope

We process Personal Data (as defined below) provided either directly by you or indirectly through our Customers. Our role is typically that of a data processor, acting on the instructions of our Customers who are the data controllers. This policy applies to data collected via our website, APIs, mobile applications, and associated platforms, strictly within the UAE.

3. Data Protection Role

In most cases, we act as a data processor under UAE PDPL, processing Personal Data on behalf of and as instructed by our Customers. We do not determine the purposes or means of processing such data unless we directly interact with you as a user of our services.

4. Information We Collect

We may process the following categories of Personal Data:
  • Personal and Contact Data: Name, address, email, phone number, etc.
  • Government-Issued ID Data: Passports, Emirates IDs, etc.
  • Biometric Data: Facial images, biometric templates, and liveness checks.
  • Document Data: Scanned documents processed via OCR.
  • Screening & Risk Data: PEP checks, AML-related flags.
  • Technical Data: IP address, browser type, device data.
  • Transaction Data: Verification logs, digital signatures.
  • Location Data: Device location where applicable.
  • Usage Activity: Interaction data from our platforms.
  • Risk Scores: Indicators related to fraud prevention.
We may also receive supplementary information from trusted third-party sources for fraud detection and verification purposes.

5. Purpose of Data Processing

We process Personal Data to:
  • Provide identity, age, and document verification services.
  • Ensure compliance with applicable UAE AML/CFT regulations.
  • Support Customer due diligence and fraud prevention.
  • Enhance platform security and user experience.
  • Respond to legal obligations or enforce our rights.

6. Public Registry Data

Where permitted by UAE law, we may access and transfer publicly available data (e.g., from government registries) to our Customers. This is done with the objective of supporting anti-fraud efforts and complying with legal requirements. We do not store such data unless strictly necessary.

7. Legal Basis for Processing

We rely on the following bases under UAE PDPL:
  • Consent: Where you or the Customer have provided informed consent.
  • Contractual necessity: To fulfil obligations under agreements with Customers.
  • Legal obligation: Compliance with UAE regulatory requirements.
  • Legitimate interest: For fraud prevention and service improvement, where permissible.

8. Data Sharing and Transfers

We may share your information:
  • With Customers: For purposes of identity verification and compliance.
  • With Service Providers: Under strict agreements, to support service delivery.
  • For Legal Requirements: With UAE regulators, courts, or law enforcement.
  • In Business Transactions: E.g., mergers, subject to confidentiality safeguards.
Data is processed and stored within the UAE. If cross-border transfers are necessary, we ensure compliance with applicable UAE data transfer regulations.

9. Data Retention

We retain your Personal Data only as long as required by applicable UAE laws or for the fulfillment of processing purposes. Afterward, data is securely deleted or anonymized.

10. Data Security

We use industry-standard security measures including:
  • End-to-end encryption (in transit and at rest)
  • Strict access control and authentication
  • Regular audits and incident response procedures

11. Your Rights

Under UAE PDPL, you have the right to:
  • Access your personal data
  • Correct inaccurate data
  • Request erasure (where applicable)
  • Object to processing
  • Withdraw consent
To exercise your rights, please contact us using the information in Section 14.

12. Children's Privacy

Our services are not intended for users under the age of 18. If we learn that we have collected data from a minor, we will delete it promptly.

13. Policy Updates

We may revise this Privacy Policy from time to time. Any material changes will be communicated via our website or other appropriate means. Continued use of our Services signifies your acceptance of any changes.

14. Contact Information

For questions or requests related to this Privacy Policy or your Personal Data, please contact:Data Protection Officer (UAE)Email: Dhwaneet@Signzy.comPhone: +91 8446435434Address: Gate Avenue, Zone D - Level 1 Al Mustaqbal St - Dubai - United Arab Emirates