Data protection policy
YATRA22 – FZCO value your security and privacy and is committed to protecting it. We maintain the information and materials you provide to us voluntarily by using www.i.masterskaya22.com/dubai_eng (the “Website”) or “we”), you agree to be bound by our conditions set out below, and hence we ask you to take the time to read this data protection Policy (the “Policy”) carefully. This Policy includes the type of information we collect, process, use, share and store such information, and also explains your rights and choices regarding the information you provide voluntarily to us when you use our Website. Our Website offers paid lifestyle coaching services, including but not limited to courses on general development, thematic seminars, training, courses, master classes, individual consultations, and instructional sessions (the “Services”).
We aim to ensure that all Personal Data collected about users are stored and processed in accordance with the Federal Decree-law no. 45/2021 on the protection of Personal Data. This Policy applies to all Personal Data, regardless of whether it is in paper or in electronic format.
1. DEFINITIONSANDINTERPRETATIONS
"Client" means an identified or identifiable individual who wants or is using our Services through our
Website.
"Data Protection Law" means the Federal Decree-law no. 45/2021 on the protection of Personal Data.
"Personal Data" means as by the applicable Data Protection Law and shall include, without limitation, any information relating to an identified natural person, or one who can be identified directly or indirectly by way of linking data, using identifiers such as name, voice, picture, identification number, online identifier, geographic location, or one or more special features that express the physical, psychological, economic, cultural or social identity of such person. It also includes sensitive personal data and biometric data.
"Process" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, return or destruction, and "Processed", or "Processing" shall be construed accordingly.
"Processor" means a natural person who processes Personal Data on behalf of the Website.
“Services” means the acts, matters and things which we shall do/undertake in relation to the processing
of Personal Data.
“State” means Dubai, United Arab Emirates.
2. ROLESANDRESPONSIBILITIES
2.1 This section defines the roles and responsibilities that apply to all users, visitors, parents, guardians, and external organisations or individuals working on our behalf. If there is any non-compliance with this Policy, it will lead to a disciplinary action.
2.2 With regards to Personal Data, the Client is responsible for providing all information as requested by the Website, such information must be true and accurate in all material respects, and the Client is aware that such information is disclosed with consent and on a voluntary basis.
2.3 We shall not be responsible for any bugs or viruses on our website, or any software that might be transferred to your computer from our website, or any consequences which the presence or operation of such programs may have.
We aim to ensure that all Personal Data collected about users are stored and processed in accordance with the Federal Decree-law no. 45/2021 on the protection of Personal Data. This Policy applies to all Personal Data, regardless of whether it is in paper or in electronic format.
1. DEFINITIONSANDINTERPRETATIONS
"Client" means an identified or identifiable individual who wants or is using our Services through our
Website.
"Data Protection Law" means the Federal Decree-law no. 45/2021 on the protection of Personal Data.
"Personal Data" means as by the applicable Data Protection Law and shall include, without limitation, any information relating to an identified natural person, or one who can be identified directly or indirectly by way of linking data, using identifiers such as name, voice, picture, identification number, online identifier, geographic location, or one or more special features that express the physical, psychological, economic, cultural or social identity of such person. It also includes sensitive personal data and biometric data.
"Process" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, return or destruction, and "Processed", or "Processing" shall be construed accordingly.
"Processor" means a natural person who processes Personal Data on behalf of the Website.
“Services” means the acts, matters and things which we shall do/undertake in relation to the processing
of Personal Data.
“State” means Dubai, United Arab Emirates.
2. ROLESANDRESPONSIBILITIES
2.1 This section defines the roles and responsibilities that apply to all users, visitors, parents, guardians, and external organisations or individuals working on our behalf. If there is any non-compliance with this Policy, it will lead to a disciplinary action.
2.2 With regards to Personal Data, the Client is responsible for providing all information as requested by the Website, such information must be true and accurate in all material respects, and the Client is aware that such information is disclosed with consent and on a voluntary basis.
2.3 We shall not be responsible for any bugs or viruses on our website, or any software that might be transferred to your computer from our website, or any consequences which the presence or operation of such programs may have.
3. COLLECTINGPERSONALDATA
We collect Personal Data which you choose to provide directly through our Website. We ensure to show complete fairness and transparency and will only process Personal Data when we have to do the following hereinunder:
4. LIMITATION, MINIMISATION AND ACCURACY
We will only collect Personal Data for specified explicit and legitimate reasons. If a situation arises where we would use Personal Data for reasons other than those which are mentioned, we will inform the individuals concerned before we do so and seek consent where necessary. Clients must only provide data that has been asked for. When we no longer need the Personal Data of the individuals, we ensure it is deleted.
5. SHARINGPERSONALDATA
Your Personal Data is important to us, and we ensure to keep it safe and secure. In normal circumstances, we do not share Personal Data with anyone unless under the following circumstances mentioned hereinunder:
b) The apprehension or prosecution of offenders.
c) In an event where there is a need for legal proceedings.
d) Where disclosure is required to satisfy our safeguarding obligations.
e) Research and statistical purposes, as long as personal data is sufficiently anonymized or consent has been provided We may also share personal data with emergency services and local authorities to help them to respond to an emergency situation that affects any of our individuals or staff.
6. DATAPROTECTIONOFFICER(DPO)
The data protection officer shall be responsible for ascertaining compliance with the provisions of the Data Protection Law, the Executive Regulations thereof, and the instructions issued by the Office. The data protection officer shall undertake the following duties and powers:
We collect Personal Data which you choose to provide directly through our Website. We ensure to show complete fairness and transparency and will only process Personal Data when we have to do the following hereinunder:
- The data needs to be processed to fulfil our contract to provide Services.
- The data needs to be processed in order for the us to adhere to legal obligations when in time.
- The data needs to be processed for the legitimate interests of us or a third party (provided the
- individual’s rights and freedoms are not overridden).
- Any information provided by the individual is given with written consent.
4. LIMITATION, MINIMISATION AND ACCURACY
We will only collect Personal Data for specified explicit and legitimate reasons. If a situation arises where we would use Personal Data for reasons other than those which are mentioned, we will inform the individuals concerned before we do so and seek consent where necessary. Clients must only provide data that has been asked for. When we no longer need the Personal Data of the individuals, we ensure it is deleted.
5. SHARINGPERSONALDATA
Your Personal Data is important to us, and we ensure to keep it safe and secure. In normal circumstances, we do not share Personal Data with anyone unless under the following circumstances mentioned hereinunder:
- Where there arises an issue with a user/individual or parent/guardian that puts the safety of our establishment at risk.
- When there is a need to liaise with other agencies, before doing this, we will seek consent as necessary.
- When our Processors need data to enable us to provide services to external parties, for example, IT companies. When doing this, we will only appoint suppliers or contractors who can provide sufficient guarantees that they comply with data protection law, and we establish a data-sharing agreement with the supplier or contractor, either in the contract or as a standalone agreement, to ensure the fair and lawful processing of any personal data we share to them, we only share data with the supplier or
- contractor that are required to carry out their service.
- We will also share personal data with law enforcement and government bodies where we are legally
- required to do so, including for:
b) The apprehension or prosecution of offenders.
c) In an event where there is a need for legal proceedings.
d) Where disclosure is required to satisfy our safeguarding obligations.
e) Research and statistical purposes, as long as personal data is sufficiently anonymized or consent has been provided We may also share personal data with emergency services and local authorities to help them to respond to an emergency situation that affects any of our individuals or staff.
6. DATAPROTECTIONOFFICER(DPO)
The data protection officer shall be responsible for ascertaining compliance with the provisions of the Data Protection Law, the Executive Regulations thereof, and the instructions issued by the Office. The data protection officer shall undertake the following duties and powers:
- The DPO shall verify the quality and validity of the procedures.
- The officer shall receive requests and complaints related to Personal Data.
- They provide technical advice related to the procedures of periodic evaluation and examination of
- Personal Data protection systems and intrusion prevention systems, documenting the results of such evaluation, and providing appropriate recommendations in this regard, including risk assessment procedures.
- Data Processor Agreement With regards to any other duties or powers specified under the Executive Regulations of Federal Decree- Law No. 45/2021. The Data Protection Officer shall maintain the confidentiality of the information and data received thereby in implementation of the duties and powers given thereto pursuant to the provisions of this Decree-Law.
7 DATA PROTECTION PRINCIPLES GENERAL
The Data Protection Law is based on data protection principles that we, as an establishment, comply with. This Policy hereinunder sets out how we aim to comply with these principles:
8. DATA PROTECTION RIGHTS OF THE INDIVIDUAL
Our aim is to empower individuals and give them control over the Personal Data that they provide through our Website, mentioned hereinunder are their rights:
9. ACCESS TO AND CORRECTION OF YOUR PERSONAL INFORMATION
9.1 We ensure that the Client has the right to access the information about them, for any reason at any time, in accordance with the applicable laws.
9.2 The Client has the right to ask us to rectify information that they think is inaccurate and have the right to ask to complete information that they perceive to be incomplete.
9.3 They can request to restrict the processing of, erase, or transfer of the information that is provided to us, all changes which are requested by the Client will generally be at no cost.
9.4 In an event that the Client contacts us about a potential Personal Data error or query, we will endeavor to confirm or verify the information in question, then correct verified inaccuracies and respond to the original inquiry. We will endeavor to send a correction notice to businesses or others whom we know to have received inaccurate data, where required and/or appropriate. However, some third parties and third-party sites may continue to process inaccurate data until their databases and display of data are refreshed in accordance with their update schedules or until they have been contacted by personally to ensure the correction is validated.
10. CONSENT
10.1 When registering on our Website and providing information to us, you consent to our collection, storing and processing of your information in accordance with this Policy. You are entitled to request a withdrawal of consent, and we will stop any consent-based processing of your Personal Information.
10.2 You are entitled to ask us not to process your personal information for marketing purposes.
10.3 With regard to Personal Information from minors, the Website is not intended for individuals under the age of eighteen (18) years of age. We do not intentionally collect personal information from children. Protecting the online privacy of children is important to us. If you are under (18) years of age, please do not provide us with your name, contact details or any other Personal Information about yourself.
The Data Protection Law is based on data protection principles that we, as an establishment, comply with. This Policy hereinunder sets out how we aim to comply with these principles:
- The Personal Data must be processed lawfully, fairly and in a transparent manner.
- The data that is being processed is for a specified, explicit, and legitimate purposes determined at the
- time of collection of Personal Data.
- The Personal Data is processed in accordance with the consent of the Client.
- Personal Data must be accurate and, where necessary, kept up to date, including via erasure or
- rectification, without undue delay.
- The information should be kept in a form that permits identification of the Client, for no longer than
- what is necessary for the purposes, including being protected and secure against unauthorized or unlawful Processing, and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
8. DATA PROTECTION RIGHTS OF THE INDIVIDUAL
Our aim is to empower individuals and give them control over the Personal Data that they provide through our Website, mentioned hereinunder are their rights:
- The Clients have the option to request to not to process their Personal Data for marketing purposes and to remove it from our database. They can also opt not to receive any future communications and not receive any of our Services.
- The Client has the right to withdraw their consent at any time.
- The Client can ask us to rectify, erase or restrict the Processing of their Personal Data.
- Request a copy of agreements under which their Personal Data is stored.
- The Client can object to decisions based solely on automated decision-making or profiling. (Decisions
- taken with no human involvement that might negatively affect the Client)
- Be notified of a data breach in certain circumstances.
- Clients should submit any request to exercise these rights to the DPO.
9. ACCESS TO AND CORRECTION OF YOUR PERSONAL INFORMATION
9.1 We ensure that the Client has the right to access the information about them, for any reason at any time, in accordance with the applicable laws.
9.2 The Client has the right to ask us to rectify information that they think is inaccurate and have the right to ask to complete information that they perceive to be incomplete.
9.3 They can request to restrict the processing of, erase, or transfer of the information that is provided to us, all changes which are requested by the Client will generally be at no cost.
9.4 In an event that the Client contacts us about a potential Personal Data error or query, we will endeavor to confirm or verify the information in question, then correct verified inaccuracies and respond to the original inquiry. We will endeavor to send a correction notice to businesses or others whom we know to have received inaccurate data, where required and/or appropriate. However, some third parties and third-party sites may continue to process inaccurate data until their databases and display of data are refreshed in accordance with their update schedules or until they have been contacted by personally to ensure the correction is validated.
10. CONSENT
10.1 When registering on our Website and providing information to us, you consent to our collection, storing and processing of your information in accordance with this Policy. You are entitled to request a withdrawal of consent, and we will stop any consent-based processing of your Personal Information.
10.2 You are entitled to ask us not to process your personal information for marketing purposes.
10.3 With regard to Personal Information from minors, the Website is not intended for individuals under the age of eighteen (18) years of age. We do not intentionally collect personal information from children. Protecting the online privacy of children is important to us. If you are under (18) years of age, please do not provide us with your name, contact details or any other Personal Information about yourself.
11.DATA SECURITY AND STORAGE OF RECORDS
We collect information directly from the Client, who provides it to us automatically through the use of our Website. We ensure to protect such personal data and keep it safe from unauthorized, unlawful access, alteration, processing, disclosure, accidental or unlawful loss, destruction, and damage. We have the following mentioned below:
12.COMPLIANCE WITH LAWS
12.1 This Policy and your use of this Website shall be governed by and construed in accordance with the laws of Dubai, U.A.E, and will be in compliance with any obligations of the UAE Data Protection Laws, which is in relation to the processing of the Personal Data.
12.2 The Client shall immediately inform if, in its opinion, the performance of the Services and regulation infringes, or might reasonably be considered to infringe, the Data Protection Laws.
13.DATA SECURITY STANDARDS
13.1We ensure that there are appropriate Security Safeguards in terms of confidentiality and technical, physical, and organisational measures are taken against unauthorised or unlawful acquisition, access, or processing of or accidental loss, destruction, alteration, or damage to the individual’s Personal Data. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of any Personal Data you transmit through the Website, and you do so at your own risk.
13.2 If you have any further questions about our security and processing activities, please contact the Data Protection Officer’s team under Clause 6 of this Policy. To the extent permitted by applicable law, we expressly disclaim any liability that may arise. Should any other third parties obtain the Personal Data you submit through or otherwise, it will be no fault ours.
14. COOKIES
14.1 A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Website. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the Website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the Website or browse from one page to another. Cookies also provide information on how people use the Website.
14.2 The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing, and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between thirty (30) minutes and two (2) years from the date they are downloaded to your device.
14.3 You can control and manage cookies in various ways. Please keep in mind that removing or blocking
cookies can negatively impact your user experience, and parts of our Website may no longer be fully
accessible.
14.4 If you want to disable cookies, you need to change your Website browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies for the most popular desktop browser links are set out below:
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer Internet
Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-
manage-cookies
Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
Safari: https://support.apple.com/en-ae/guide/safari/sfri11471/mac
Microsoft Edge: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and- privacy
If you use a different web browser, please contact the browser maker for instructions on disabling cookies. Please note that if you disable cookies in your browser, some aspects of our Website and other sites may stop functioning.
15. CHANGES TO THIS POLICY
We may change this Policy from time to time and without notice. If we make significant changes in the way we treat your Personal Data or to the Policy, we will provide you notice through our Website. After such notice constitutes, you agree to understand the changes. We encourage you to periodically review this data protection Policy for the latest update.
16. CONTACT
For more information about our data protection practices, if you have any questions, concerns, comments or complaints regarding the Website or this Policy, please contact us by e-mail at yatra@masterskaya22.com, by phone at +971 55 226 4653 or by using the details provided below:
IFZA Properties
Dubai Silicon Oasis
DDP, Building A1
Dubai, United Arab Emirates
Last updated: 1/09/2023
We collect information directly from the Client, who provides it to us automatically through the use of our Website. We ensure to protect such personal data and keep it safe from unauthorized, unlawful access, alteration, processing, disclosure, accidental or unlawful loss, destruction, and damage. We have the following mentioned below:
- We shall have a documented and approved data classification about the users information.
- We shall design, implement, and operate adequate security controls to protect the confidentiality, integrity and availability of data and/or information. Security controls for adequate protection shall include but not limited to access control, cryptography, data backups, data loss prevention, digital rights
- management, and anti-malware.
- We shall only transmit, Process, store, or Transfer Personal Data for a limited purpose for which it is
- intended.
- Encryption software is used to protect all portable devices and removable media, such as laptops.
- Individuals or parents who store personal information on their personal devices are expected to follow
- the same security procedures.
- Where in an event, we need to share Personal Data with a third party, we carry out due diligence and
- take reasonable steps to ensure it is stored securely and adequately protected.
12.COMPLIANCE WITH LAWS
12.1 This Policy and your use of this Website shall be governed by and construed in accordance with the laws of Dubai, U.A.E, and will be in compliance with any obligations of the UAE Data Protection Laws, which is in relation to the processing of the Personal Data.
12.2 The Client shall immediately inform if, in its opinion, the performance of the Services and regulation infringes, or might reasonably be considered to infringe, the Data Protection Laws.
13.DATA SECURITY STANDARDS
13.1We ensure that there are appropriate Security Safeguards in terms of confidentiality and technical, physical, and organisational measures are taken against unauthorised or unlawful acquisition, access, or processing of or accidental loss, destruction, alteration, or damage to the individual’s Personal Data. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of any Personal Data you transmit through the Website, and you do so at your own risk.
13.2 If you have any further questions about our security and processing activities, please contact the Data Protection Officer’s team under Clause 6 of this Policy. To the extent permitted by applicable law, we expressly disclaim any liability that may arise. Should any other third parties obtain the Personal Data you submit through or otherwise, it will be no fault ours.
14. COOKIES
14.1 A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Website. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the Website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the Website or browse from one page to another. Cookies also provide information on how people use the Website.
14.2 The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing, and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between thirty (30) minutes and two (2) years from the date they are downloaded to your device.
14.3 You can control and manage cookies in various ways. Please keep in mind that removing or blocking
cookies can negatively impact your user experience, and parts of our Website may no longer be fully
accessible.
14.4 If you want to disable cookies, you need to change your Website browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies for the most popular desktop browser links are set out below:
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer Internet
Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-
manage-cookies
Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
Safari: https://support.apple.com/en-ae/guide/safari/sfri11471/mac
Microsoft Edge: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and- privacy
If you use a different web browser, please contact the browser maker for instructions on disabling cookies. Please note that if you disable cookies in your browser, some aspects of our Website and other sites may stop functioning.
15. CHANGES TO THIS POLICY
We may change this Policy from time to time and without notice. If we make significant changes in the way we treat your Personal Data or to the Policy, we will provide you notice through our Website. After such notice constitutes, you agree to understand the changes. We encourage you to periodically review this data protection Policy for the latest update.
16. CONTACT
For more information about our data protection practices, if you have any questions, concerns, comments or complaints regarding the Website or this Policy, please contact us by e-mail at yatra@masterskaya22.com, by phone at +971 55 226 4653 or by using the details provided below:
IFZA Properties
Dubai Silicon Oasis
DDP, Building A1
Dubai, United Arab Emirates
Last updated: 1/09/2023