Privacy Policy

Orpheus Technologies FZ LLC (“Orpheus”, “we”, “us”, or “our”) operates the website at https://orpheus-uae.com (the “Site”). We are a B2B IT consulting and enterprise software development company registered in Dubai, United Arab Emirates, specialising in Zoho business application implementations.

We act as the data controller for personal data collected through this Site. This Privacy Policy explains how we handle your personal data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“PDPL”) and applicable international standards. By using the Site, you acknowledge the practices described in this Policy.

We use the personal data we collect for the following purposes:

• Responding to your inquiries and scoping your project requirements
• Scheduling discovery calls, product demonstrations, or consultations
• Preparing and delivering project proposals
• Sending follow-up communications relevant to your inquiry
• Improving Site performance, usability, and content relevance
• Analysing visitor behaviour to optimise conversion journeys (via Zoho PageSense)
• Complying with applicable UAE legal and regulatory obligations
• Detecting and preventing fraudulent, abusive, or unauthorised use of the Site

We process your personal data based on the following lawful grounds under the UAE PDPL and comparable international frameworks:

• Legitimate interests — responding to your B2B inquiry, operating and improving the Site, and communicating with prospective clients
• Contractual necessity — where an engagement has been agreed, processing data is necessary to fulfil our obligations to you
• Legal obligation — where processing is required to comply with UAE federal law, including record-keeping and regulatory requirements
• Consent — where you have explicitly consented (e.g., subscribing to updates), which you may withdraw at any time

We do not sell, rent, or trade your personal data to third parties for marketing or commercial purposes. We share data only where strictly necessary, with the following categories of recipients:

• Zoho Corporation Pvt. Ltd. — our CRM (Zoho CRM), analytics (Zoho PageSense), and live chat (Zoho SalesIQ) platforms process data on our behalf. Zoho operates under its own published privacy policy.
• Hostinger — our website hosting provider stores Site data on its infrastructure in accordance with its data processing agreement.
• Professional advisors — lawyers, accountants, and auditors, strictly as necessary and subject to professional confidentiality obligations.
• Regulatory authorities — where required by UAE law, a court order, or enforceable governmental request.

All third-party service providers we engage are bound by confidentiality obligations and data processing agreements. They are not permitted to use your personal data for their own independent purposes.

Some of our third-party service providers may store or process data in jurisdictions outside the United Arab Emirates. Where such transfers occur, we take appropriate steps — including contractual safeguards and service provider data processing agreements — to ensure your data is protected to a standard consistent with Article 22 of the UAE PDPL and comparable international requirements.

We retain personal data only for as long as is reasonably necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by UAE law.

• Inquiry submissions — retained for up to 3 years from last contact, unless an engagement results
• Client project records — retained for 7 years from project completion, per UAE Commercial Transactions Law requirements
• Analytics data— anonymised usage data aggregated and retained in accordance with Zoho PageSense’s data retention policy

When your data is no longer required, we delete or anonymise it securely.

We implement industry-standard technical and organisational security measures to protect your personal data from unauthorised access, accidental loss, disclosure, alteration, or destruction. These measures include:

• TLS/HTTPS encryption for all data transmitted to and from the Site
• Restricted access controls — only personnel with a legitimate need may access personal data
• Secure hosting infrastructure on Hostinger’s managed servers
• Periodic security reviews and dependency updates

No information system is entirely immune to breach. If you have reason to believe that your interaction with us has been compromised, please contact us immediately at privacy@orpheus-uae.com.

Under the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection, you have the following rights with respect to personal data we hold about you:

• Right of access — request a copy of the personal data we hold about you
• Right to correction — request that we correct inaccurate or incomplete data
• Right to deletion — request erasure of your data, subject to legal retention obligations
• Right to restriction — request that we limit processing in certain circumstances
• Right to object — object to processing based on legitimate interests
• Right to data portability — receive your data in a structured, machine-readable format where technically feasible
• Right to withdraw consent — where processing is based on your consent, withdraw it at any time without affecting prior lawful processing

Our Site uses cookies and similar tracking technologies. The following categories of cookies are in use:

• Essential cookies — required for the Site to function, including session management and security. These cannot be disabled.
• Analytics cookies — Zoho PageSense collects anonymised usage statistics to help us improve the Site and measure conversion performance.
• Live chat cookies — Zoho SalesIQ requires cookies to maintain chat session state and provide conversational continuity.

You may disable non-essential cookies through your browser settings. Note that disabling cookies may affect the functionality of certain Site features, including the live chat widget.

This Site is directed at business professionals and is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a person under 18, we will delete it promptly. If you believe we have collected data from a minor, please contact us at privacy@orpheus-uae.com.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. The “Effective Date” displayed at the top of this page will be updated with each revision.

We encourage you to review this Policy regularly. Your continued use of the Site following any changes constitutes acceptance of the updated Policy.

If you have any questions, concerns, or requests relating to this Privacy Policy or our data processing practices, please contact our Data Protection contact: