Oosal Privacy Policy
Understand how we handle provider data responsibly under the UAE Personal Data Protection Law (PDPL).
- Version
- 1.0
- Effective Date
- 1 November 2025
- Last Updated
- 1 November 2025
PDPL Commitment
Oosal Portal LLC processes personal data in accordance with Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data in the UAE. Data subject rights requests are prioritized and handled within 30 calendar days.
1. Purpose
This Privacy Policy explains how Oosal Portal LLC ("Oosal", "we", "our", or "us") collects, uses, shares, and protects the personal and business data of service providers using our B2B platform in compliance with the UAE Personal Data Protection Law (PDPL).
2. Scope
This Policy applies to all licensed UAE business providers who use the Oosal B2B platform available at oosal.app.
3. Data We Collect
We collect the following categories of information:
- Business Identification Data – Trade license, business name, and contact details.
- Account and Verification Data – Login credentials, verification documents, and uploaded profile information.
- Billing and Payment Data – Payment information processed through Stripe for subscriptions and transactions.
- Content and Portfolio Data – Media, text, and other materials you upload to showcase your services.
- Communication Records – Messages and interactions with clients or the Oosal support team.
- Automatically Collected Data – IP address, device details, cookies, and usage analytics for performance and security.
4. How We Use Your Data
Your data is used to:
- Manage and verify accounts;
- Process payments and subscriptions;
- Operate and improve the Platform;
- Ensure security and prevent fraud;
- Comply with applicable laws and regulations.
5. Legal Basis for Processing
We process data based on one or more of the following legal grounds:
- Consent – When you provide permission for specific processing activities.
- Contractual Necessity – To deliver the services you request.
- Legal Obligation – To meet UAE regulatory requirements.
- Legitimate Interest – For secure and efficient Platform operation.
7. Cross-Border Transfers
Data may be hosted or processed outside the UAE. When this occurs, Oosal ensures that contractual and technical safeguards provide PDPL-equivalent protection for your data.
8. Storage and Security
We use strong technical and organizational measures, including:
- TLS encryption for data in transit;
- AES-256 encryption for stored data;
- Restricted access for authorized personnel only.
Regular security audits help maintain data integrity and prevent unauthorized access.
10. Data Retention
We retain data for the duration of your active account and for up to six (6) years thereafter to comply with legal and accounting requirements. Data is permanently deleted within 90 days after the retention period ends.
11. Your Rights
Under the PDPL, you have the right to:
- Access your data;
- Request correction or deletion;
- Restrict or object to processing;
- Request data portability.
Requests can be sent to support@oosal.app and will be addressed within 30 days.
Need to exercise a PDPL right?
Submit a request via support@oosal.app or complete our data subject request form. We will confirm receipt and respond within 30 days.
12. Marketing
Oosal sends only operational, transactional, or security-related emails. We do not send third-party marketing messages or share data for advertising.
13. Children's Data
The Platform is intended for users aged 18 and above. If we become aware of data collected from a minor, it will be deleted immediately.
14. Updates to This Policy
This Privacy Policy may be updated periodically to reflect changes in law or Platform features. The latest version will always be available at oosal.app/privacy-policy, with the effective date clearly displayed.