Privacy Policy

Home Privacy Policy

In order to conduct its business activities, it is necessary for Bazaart to act as a data controller with respect to gathering and using the personal data of individuals. These can include clients, suppliers, freelancers, employees and other people the company has a relationship with or may need to contact. This policy sets out how we collect, use and protect any information you give us when using our website and/or our services. We are committed to safeguarding your privacy. Should we ask you to provide certain information, you can be assured that it will only be used in accordance with this policy. We may be required to update this policy from time to time in order to remain legal and compliant. You should check this page periodically to ensure that you are happy with any changes.


WHY THIS POLICY EXISTS

This data protection & privacy policy ensures Bazaart:

•   Complies with UAE Laws and follows good practice

•   Protects the rights of employees, suppliers & clients

•   Is open about how it stores and processes individuals’ data

•   Protects itself from the risks of a data breach


WHAT WE COLLECT

We may collect the following information:

 

Clients & Suppliers:

•   Name, company name and job title

•   Contact information including telephone number and email address

•   Business or personal address and postcode

•   Other information relevant to your enquiry or to enable us to fulfil a contract

 

Employees and Freelancers:

•   Name

•   Contact information including address, telephone number and email address

•   Details of previous work and/or employment

•   Other information to enable us to fulfill a contract or terms & conditions


LAWFUL REASONS FOR PROCESSING

Clients & Suppliers

 

For Business to Business clients and contacts, our lawful reason for processing your personal information will usually in the first instance be “legitimate interests”. Under this we can process your information if we have a genuine and legitimate business reason and we are not harming any of your rights and interests. Once you enter into a contract with us our lawful reason becomes “contractual obligation”. This also includes steps taken at your request before entering into a contract.

 

Freelancers & Employees

 

For Business to Consumer clients and contacts, our lawful reason for processing your personal information will usually be “contractual obligation” e.g. to supply services you have requested, or to fulfill obligations under an employment contract. This also includes steps taken at your request before entering into a contract.


WHAT WE DO WITH THE INFORMATION WE COLLECT

Clients

We require this information to understand your needs and provide you with a better service and in particular, for the following reasons:

•   To provide ongoing customer service and maintain internal record keeping including for accounting purposes

•   To enable contact by email or phone in relation to the enquiry you have made with us

•   To periodically send update emails about new products/services or other information relevant to your enquiry. You may unsubscribe from receiving these emails at any time by clicking the unsubscribe link which is included at the bottom of all our update emails

Employees

We require this information, in order to fulfill your employment contract.


RETENTION

We are required to keep documents, contracts etc. for the length of the contract as a minimum and for up to seven years afterwards as a maximum. We will determine this on a case-by-case basis after taking into account the individual circumstances and will only keep data which is necessary for us to fulfill our contractual obligations. Any personal data held by us for marketing updates will be kept by us until such time that you notify us you no longer wish to receive this information.


SECURITY

We are committed to ensuring that your information is secure and protected against unauthorized or unlawful processing, accidental loss, destruction and damage. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, technical and managerial procedures to safeguard and secure the information we collect.


PAPERWORK

Personal data collected in paper form is stored in locked filing cabinets and shredded when no longer required.

SECURITY BREACHES

Despite all the controls we have put in place to address all the key GDPR principles, there is still always a risk a data breach may happen.


DATA REFERRALS

Our work for you may occasionally require us to pass your information to our service providers and for the purpose of delivering our services to you. Where we are entering into an engagement with a third party, we will seek to be satisfied that they have secure measures in place so your privacy rights continue to be protected as outlined in this policy.  We only disclose information that is necessary to deliver our services and we never allow your personal data to be used by any third party for any market research, marketing or other commercial purposes.  Under GDPR law, we may be required to disclose your data for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also be required to disclose your personal data where such disclosure is necessary for the establishment or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.  In the unlikely event of this, the breach will be notified to all data subjects affected without undue delay. If appropriate, this will also be reported to the ICO within 72 hours of us becoming aware. The person who should be informed of any breaches is named at the bottom of this policy and is contactable by email at all times.