Website Privacy Policy

Reviewed in May 25, 2018. GDPR version

We at Metadata UAE respect your personal data and want to be GDPR friendly. That is why, we have tried to make information in this Privacy Policy understandable and clear while boring only to the extent, required by the law.

Who are we?

Metadata UAE, United Arab Emirates is the controller. Our address is #1502 ADCP Business Tower B, Behind City Seasons Al Hamra, Electra Street, Abu Dhabi, United Arab Emirates, info(at) is the right email to contact us about any privacy issues.

Why do we process your data?

Generally, we use your data for marketing purposes.

  1. If you leave a contact request or approach us by email, we’ll use the personal data you’ve provided to contact you regarding your request. In this case, we process your personal data based on our legitimate interest to build client relations with you or your company.
  2. If you download our presentation from our website, we’ll need to collect your personal data to know who has downloaded our marketing materials and conduct some marketing analytics based on that information. We do that based on our legitimate interest to stick to effective marketing practices and know-how to promote our services in the future. The same applies to the information about what website has referred you to us.
  3. If you contact us and the sales form from the website, we’ll need to collect your personal data to know what do you need. We will conduct a presentation, documents to help you understand more about the products or services.
  4. Also, we may add your contact information, received from you through our website or by email, together with some publicly available information about you and your company to our Odoo CRM system for marketing analytics. We do that based on our legitimate interest to know our client’s profile and conduct some market analytics as well.

Please keep in mind that you can always withdraw your consent by leaving us a clear note at info(at) at any time or by clicking the Unsubscribe button under any email received from us.

Also, you may always object to our processing activities based on legitimate interest and have your data completely erased from all our systems. Just write us about your intent at info(at)

In both cases, we’ll stop the processing of your data as soon as we find your note in our Inbox, which shall not take more than a business day.

Please also know that if you withdraw your consent for direct marketing by clicking Unsubscribe button, we will not delete the rest of your data automatically. But you may request us to do so by sending us an email to the address above.

What information do we process?

Here is a complete list of the personal data we may want to know about you:

  • Your name
  • Your email address
  • Your mobile or phone number
  • The company you work at
  • Where is your company located
  • Industry of the company you work at
  • Your interest

Most of the information comes directly from you. We could add some information that is not a secret, like your interest or industry of the company you work at, if you’ve made those publicly available.

Who will share your data

Metadata Computer Systems Partners

We may disclose your information to our affiliates or subsidiaries, which may help us to process it.

Product or Service Providers

We may disclose your data to third-party vendors, service providers who perform functions on our behalfs, such as technical support and marketing analytics. We’ll make sure that they treat it as protective as we do.

Where is your data processed?

Your data is processed in the United Arab Emirates and may be transferred to the EU or the US. Nevertheless, your data will always be safe and under GDPR protection, despite where it is processed.

We treat your data as protective as the GDPR requires from the moment we’ve received it. If we transfer your data inside or outside our partners, we’ll use appropriate safeguards, such as standard contractual clauses, for personal data not to get outside of the GDPR scope.

How long will my data be kept?

We will delete your personal data as soon, as we no longer have a need or a legal basis to process it. What does it mean?

  1. We’ll always delete your data when we receive a request from you to do so. Please take a look here, to learn how to make such a request. In the unlikely event that we are still obliged under the law to keep your data, we’ll inform you about that.
  2. We will not store or otherwise process your data for an “unlimited period” in other cases. If we rely on legitimate interest for processing, your data will be kept as long as we are in a business relationship with you. If we don’t start a business relationship with you, your data will be stored in our systems for some limited time for our analytics to be done. In no case we will keep it for more than 1 year, the period which is necessary for communicating with your company as our potential client and after which we treat old analytics outdated, so your personal data is not needed anymore.

Don’t forget that you may always command us to delete all the information have about you as described here.

What are my rights?

We treat all our visitors equally according to the rules offered by the GDPR, which is believed to be the most progressive and extensive piece of privacy legislation for now.

Your rights are as follows:

  1. The right to be informed
    • You have the right to know, what is going on with your data.
  2. The right of the access
    • You have the right to request us to provide you with information that we have about you.
  3. The right of rectification
    • You have the right to command us to correct your personal data if the information we store is for some reason inaccurate or outdated.
  4. The right of erasure
    • You have the right to request us to delete all your data.
  5. The right to restrict processing
    • You have the right to ask us to stop processing your data if it is unclear whether we must delete your data.
  6. The right for data portability
    • You have the right to ask us to transfer the data that we are processing based on your consent to another controller. However, this right will not apply in the case of interaction between you and us, because it is only applicable when personal data is processed based on the consent or contract, while we are relying on your consent only to provide you with our direct marketing materials.
  7. The right to object
    • You have the right to object to our processing based on legitimate interest, as described here.
  8. Your rights in relation to automated decision making and profiling
    • You have the right not to be subject to a decision based solely on the automated means, in case the decision has a legal effect on you or significantly affects you in a similar way. However, we don’t do anything like that
  9. The right to lodge a complaint with a supervisory authority

For more information about your rights and how to exercise them, we recommend visiting this perfect resource from The EU General Data Protection Regulation(GDPR).

Do you profile me?

If you’ve consented to receive marketing materials from us, we’ll use the information we have about you, as described in this Policy, to provide you with more relevant materials. That’s all the profiling we do.

What about cookies

We don’t use cookies. Our current website is a stateless web application that does not save client data generated in session or cookies.

Is my data secured?

Metadata Computer Systems is ISO-27001 certified. Therefore, we don’t allow any unreliable practices regarding the security of the information we deal with. Consequently, we take all appropriate technical and organizational measure to keep your data safe, as required by the GDPR.

  1. All our employees or any recipients of your data are bound by confidentiality and are not authorized to process your data for the purposes other than described in this policy. We take full responsibility for that.
  2. We follow the Information Security Policy, which is mandatory and applies to all our partners, and all the other individuals who can have authorized access to information resources.
  3. Our Information Security Policy applies to all the information stored on physical or digital database.
  4. All our security practices and documents are reviewed on a yearly basis, approved by the manager and are implemented throughout the partners as well as are communicated to all our employees.
  5. We conduct mandatory training for all our employees on privacy and security.
  6. We ensure authentication and authorization controls are robust and properly treated.
  7. We continuously gather and analyze data regarding all the new and existing threats and vulnerabilities, actual attacks on other organizations, as well as information about the effectiveness of the existing security controls.
  8. Our servers, workstations, and internet gateway devices are updated periodically with the latest antivirus definitions that include zero-day anti-malware protection.

Still, have some questions?

You can reach us at [email protected]