This privacy policy (the “Policy”) describes how Emirates Telecommunications Group Company P.J.S.C. (collectively, “e&” or " we / our / us ") collect, use and share personal information collected from you as a user of the e& universe metaverse platform (accessible via the website https://www.eanduniverse.com, its related customer support functions, and/or other interactive areas or services made available to users on the foregoing website or platform (collectively, the “Services”).
e& is committed to safeguarding the privacy of the users and to protecting the personal information they share with us.
Please read this entire Policy. We may also post different privacy policies for certain components of the Services (Including the Terms & Conditions) and, when we do so, this Policy does not apply or will only apply to the extent indicated in such other policies. You should carefully review such other policies and any other agreements that apply to the Services and confirm you understand and agree to them, before using the relevant Services.
You may contact us at any time using the details provided in Section 12 (Contact Us) below if you have any questions or would like more information about this Policy or exercise your rights pursuant to it.
TABLE OF CONTENTS
WHAT INFORMATION DO WE COLLECT?
INFORMATION YOU GIVE US
INFORMATION WE AUTOMATICALLY COLLECT
INFORMATION WE CREATE OR GENERATE
INFORMATION COLLECTED THROUGH THIRD PARTIES
HOW DO WE USE INFORMATION?
HOW IS INFORMATION SHARED?
INFORMATION YOU SHARE
INFORMATION WE SHARE
STORAGE AND TRANSFER OF YOUR INFORMATION
CHILDREN
RETENTION
YOUR RIGHTS
YOUR RIGHTS PURSUANT TO THE CCPA
YOUR MARKETING AND ADVERTISING CHOICES AND CONTROLS
PROTECTION OF YOUR PERSONAL INFORMATION
CONTACT US
CHANGES TO THIS POLICY
1. WHAT INFORMATION DO WE COLLECT?
A. INFORMATION YOU GIVE US
In order to register for and use our Services, you will need to provide your name and email address to us. You may also, at your option, provide your mobile number. If you want to make a purchase through our Services, we may ask you to provide payment-related information (like your credit card number and expiration date) to complete the transaction.
We also collect the information you voluntarily provide to us, such as when you use through the Services social features like forums or chat, complete surveys, or contact us through technical support requests.
B. INFORMATION WE AUTOMATICALLY COLLECT
When you use the Services, we and/or Viveport Limited and Viveport Digital Corporation (each, a “solution provider”, which, on our behalf and as we may direct, develop and maintain certain Services) will automatically collect your Internet Protocol (IP) address, geolocation, device type, access time, page visit count, language, and certain other communication data that we are required to collect pursuant to applicable laws in the UAE (but which we compel our solution providers to delete within 24 hours of collection).
We and our service providers may also log information about you using web beacons, cookies, local shared objects (LSOs) and similar methods . We and our service providers may associate any of the information collected about you using these methods with information that you provide and any other information gathered from other sources in accordance with this Policy.
In addition to the information we and/or our service providers automatically collect, we and our service providers may collect more detailed de-identified data about your device via the Google Analytics tracker. Collecting this data helps us to understand how you use your device and improve the Services.
C. INFORMATION WE CREATE OR GENERATE.
We may infer your city, state, and country location based on your IP address.
3. INFORMATION COLLECTED THROUGH THIRD PARTIES
The Services may contain links to third-party websites and services that are not owned or controlled by e&. We are not responsible for the privacy practices related to or the content of such third party websites and services, and by choosing to visit them you do it at your own risk.
3. HOW DO WE USE INFORMATION?
e& may use your information, including personal information, as follows:
Purpose of Use
Legal Basis (UAE-based users)
Legal Basis (EU-based users)
To provide and deliver the Services and any other products or services available on e& universe that you request.
Performance of a contract
Legitimate Interests
To understand you and your preferences to enhance your experience and enjoyment using the Services
Consent
Legitimate Interests
To send you information in response to your requests and queries in connection with the Services, including confirmations, technical notices, updates, security alerts and support and administrative messages.
Protect your interests
Legitimate Interests
To send you marketing communications including about contests, promotions, rewards, upcoming events and news about products and services offered by e& and our selected partners (we do this as per your choices) in connection with the Services and to process and deliver contest entries and rewards. You may also receive targeted advertising relating to the Services on social media platforms (in accordance with your marketing preferences on those platforms).
Consent
Legitimate Interests
To operate and improve the Services and our marketing in connection with the Services.
Consent
Legitimate Interests
To compile information to be able to provide you with a personalized and customized experience, content, marketing and recommendations with respect to the Services (in line with your choices as they relate to receiving any direct marketing communications).
Consent
Consent
To link, associate or combine your personal information with other information we get about you from your use of other e& services, for the purposes that we disclose in this Policy, including to help understand you and your needs, and provide you with recommendations, better service and customized marketing.
Consent
Consent
To compile usage and other statistics and insights relating to the Services.
Consent
Legitimate Interests
To prevent, investigate and deter against fraudulent, unauthorized or illegal activity using the Services, and ensure our network and information security.
Legal obligation
Legitimate Interests
To facilitate sharing of information and content that you choose to upload via social media (for example if you choose to upload content on the e& forum or other applications, this may be made available for others to see through such forum).
Publicly available data
Legitimate Interests
To protect, investigate and deter against fraudulent, unauthorized or illegal activity.
Legal obligation
Legitimate Interests
As set out in the table above, we rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the Services and any other products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our other customers, or fulfil other legitimate purposes in accordance with applicable data protection laws.
If you wish to obtain further details regarding our legitimate interests, please contact us by sending a request using the contact details specified at the Section “Contact Us”
Where your personal information is necessary for us to be able to provide you with requested services we make this clear on collection or otherwise in this Policy. If you decline to provide us with this information or object to continued processing of this information we will be unable to provide such requested services to you.
If you object to the processing of your personal data for marketing communication or if you withdraw your consent, we may only process certain required data (for example, name and email address) in our internal emailing system in order to ensure the ongoing observance of your objection or of your withdrawal of consent.
4. HOW IS INFORMATION SHARED?
A. INFORMATION YOU SHARE
The Services may allow you to connect and share your actions, comments, content and information publicly or with people you specify. You may also connect to, and share your information on, third-party social media platforms, websites, applications and services (“Third Party Sharing Services”) through links, “plug-ins,” widgets, buttons, and other third party features made available on and connected with our Services. Your wireless operator and/or mobile operating system provider may also collect, use and share information about you, your device and your usage of their services and/or products. Please be mindful of your own privacy needs as you choose who to connect with and what to share and make public. We cannot control the privacy or security of information that you choose to make public or share with others. We also cannot control and are not responsible for any Third-Party Sharing Services or their actions, including the data that these Third-Party Sharing Services collect from you and your device, or how they use such data. This Policy does not cover such Third-Party Sharing Services. Please review the privacy policies of all Third-Party Sharing Services to understand their privacy practices.
B. INFORMATION WE SHARE
We may share, and our service providers may share on our behalf, your personal information as follows where it is lawful to do so, including:
With your consent. For example, we may share your personal information with our partners where you have given your consent to receive such marketing. Our partners’ use of your personal information will be subject to their privacy policies.
For the purposes of a business deal (or negotiation of a business deal) involving a sale or transfer of all or a part of our business or assets. Business deals may include any merger, financing, acquisition or bankruptcy transaction or proceeding.
For legal, protection, security and safety purposes:
to comply with laws or regulatory requirements and to respond to lawful requests and legal processes, including pursuant to applicable lawful interception laws in the UAE;
to protect the rights and property of e&, our agents, customers and others, including enforcing our agreements, policies and terms of use and protecting our network and physical assets; and/or
in an emergency, including protecting the safety of our employees and agents, our customers or any other person.
With service providers and vendors who collect and process personal information as part of the various types of services that they provide to us, including IT services, necessary for the achievement of the purposes described in this Policy. In addition, as described above, we have partnered with our solution provider to provide the Services, who may collect and process personal information on our behalf. These providers are only permitted to use your personal information to the extent necessary to enable them to provide their services. They are subject to appropriate contractual obligations and they are required to follow our instructions and to comply with appropriate security measures to protect your personal information.
5. STORAGE AND TRANSFER OF YOUR INFORMATION
As we are based in the UAE, your personal information needs to be transferred to the UAE where it will be stored and processed by personnel of our processor, Viverse Limited, having its principal place of business at 10 Earlsfort Terrace, Dublin 2, Dublin, D02 T380, Ireland.
In addition, when we share your personal information as mentioned in Section 3 above, it may imply transfers of your personal information overseas, which may include transfers to countries outside the country of collection or the UAE whose laws provide levels of protection for personal information that are not always equivalent to the level of protection that may be provided in your own country.
Where your personal information is transferred outside the country of collection or the UAE, security measures and appropriate safeguards are put in place to protect your information and we ensure that all transfers of your information comply with applicable data protection law, and are carried out in accordance with our instructions. As applicable, such appropriate safeguards may include standard contractual clauses issued by the European Commission. To find out more about the transfers and the applicable safeguards , please contact us using the details provided in Section 12 (Contact Us) below.
6. CHILDREN
The Services are not directed towards children under the age of 16, and we do not seek to or knowingly collect personal information from or about children under the age of 16, and do not sell or share personal information from or about children under the age of 16.
7. RETENTION
We will retain your personal information for no longer than is necessary to fulfil the purposes outlined in Section 3 (How do we use information?) above, or for a period of time specifically required by applicable regulations or laws (such as retaining the information for tax and accounting purposes).
When determining the relevant retention periods, we will take into account factors including:
our contractual obligations and rights in relation to the information involved;
our legal obligation(s) under applicable laws to retain data for a certain period of time;
the application of a statute of limitations under applicable laws;
existing or potential disputes; and
guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once it is no longer needed. If you would like more information on how long we retain your information, please contact us using the details provided in Section 12 (Contact Us) below.
8. YOUR RIGHTS
Subject to the applicable data protection laws (including any conditions and exceptions contained therein), you may have a number of rights when it comes to your personal information. Further information and advice about your rights can be obtained from the data protection regulator in your jurisdiction. You can request to exercise any of these rights by contacting us using the details provided in Section 12 (Contact Us) below. These rights may include:
The right to object to processing. Right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails from us notifying you about other services which we think will be of interest to you or being contacted with potential opportunities).
The right of access. Right to obtain confirmation as to whether your personal information is processed by us and if so, to request and obtain copy of it.
The right to rectification. Right to have your personal information corrected if it is inaccurate or incomplete.
The right to erasure/deletion. Right to request the deletion or erasure of your personal information depending on the circumstances. For example, this right does not apply if the processing is necessary to establish, exercise, or defend legal claims.
The right to restrict processing. Right to restrict the use of your personal information. When processing is restricted pursuant to this right, we can still store your information, but will not use it further except with your consent, for the establishment, exercise or defense of legal claims, for the protection of the rights of another person or for reasons of important public interest.
The right to data portability. For processing carried out by automated means, right to obtain a copy of your personal information provided to us, for example if you decide to switch to a new provider.
The right to lodge a complaint. Right to lodge a complaint about the way we handle or process your information with the competent data protection authority, in particular in the country of your habitual residence, place of work, or place of an alleged infringement if you consider that the processing of your personal information carried out by us infringes any applicable privacy laws.
The right to withdraw consent. If processing of your personal data is based upon your consent, right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful).
9. YOUR RIGHTS PURSUANT TO THE CCPA
If you are a California resident, you may have the following rights with respect to the processing of personal information about you under the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”):
The right to transparency. The right to be informed of the categories of personal information we collect; the purposes for collecting and using such personal information; whether such personal information is “sold” or “shared”; and the length of time we intend to retain each such category of personal information, or if that is not possible, the criteria we used to determine that period, among other information. Please read this Policy and any other terms provided to you at or before the collection of your personal information carefully, as they contain such information.
The right to access. The right to access the categories and specific pieces of personal information that we have collected about you, the categories of sources from which we have collected your personal information, our business purposes for collecting your personal information, and the categories of third parties with whom we have shared your personal information.
The right to correct. The right to have your personal information corrected if it is inaccurate or incomplete.
The right to deletion. The right to request that we delete your personal information under certain circumstances, subject to a number of exceptions.
The right to opt out of the “sale” and “sharing” of your personal information. Right to opt out of the “sale” and “sharing” of your personal information. Although we do not sell personal information in the traditional sense (i.e., for money), the CCPA/CPRA defines “sell” and “share” very broadly, and our use of third party cookies and Google Analytics may be considered a “sale” or “sharing” under that definition.
Right to non-discrimination. Right not to be discriminated against for exercising your rights as set out in the CCPA/CPRA.
To exercise your right to access, correct or deletion, and/or to opt out of the “sale” and “sharing” of your personal information, you can contact us using the details provided in Section 12 (Contact Us) below.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA/CPRA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
We need to verify your identity in order to respond to your requests. We may do so by requiring you to give a declaration as to your identity under penalty of perjury and/or provide additional information.
We will acknowledge receipt of your request within 10 business days and will substantively respond to your request or notify you of an extension period (up to 45 calendar days) and reason therefor within 45 calendar days.
10. YOUR MARKETING AND ADVERTISING CHOICES AND CONTROLS
Our marketing emails tell you how to “opt out” of receiving further marketing emails. If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you, and may include a request that you participate in surveys related to your use of, and satisfaction with, the Services.
You can request through the contact details specified in Section 12 (Contact Us) to change your contact details or marketing choices and to update, access, delete or make other changes regarding your personal information or content that you post using the Services in accordance with your applicable rights described in Section 8 (Your Rights). We will honor all such requests in accordance with our obligations under applicable laws.
We also use cookies through the Services.
11. PROTECTION OF YOUR PERSONAL INFORMATION
We are committed to protect personal information by taking appropriate physical, technical and organizational measures to help guard against unauthorized or unlawful access, use, processing or alteration of your personal information and against any breaches or loss of such personal information, such as anonymization, pseudonymization, encryption (such as encrypted by Transport Layer Security (HTTPS) during transmission), and restricted access. Although we take steps to use and improve various safeguards, no system or technology is completely secure. If you become aware of a technical vulnerability affecting the Services or have a concern related to the protection of personal information, please email care@etisalat.ae or visit our website to report it.
Please protect your user names and passwords to help prevent anyone from accessing your accounts and your personal information.
We are not responsible for the security of any independent third-party applications and services or the data those third-party applications and services may collect about you. Please ask those third parties how they keep your data safe.
12. CONTACT
We welcome your comments or questions about this Policy. For that purpose or if you want to exercise any of your rights, please email us at care@etisalat.ae or contact us in writing at the address listed below:
Emirates Telecommunications Group Company (Etisalat Group) P.J.S.C.
P.O. Box 3838, Abu Dhabi
United Arab Emirates
13. CHANGES TO THIS POLICY
We may add to, or amend, this Policy with other notices. If we make any changes to this Policy they will be posted on this page and we will change the “Last Updated” date below. If such change to this Policy requires your consent, you will have a choice to consent as to whether or not we may use your personal information in the revised manner.
THIS PRIVACY POLICY WAS LAST UPDATED ON 26 June 2023.
