Privacy Policy
Last updated June 26, 2025
Bus1 Technology Motors L.L.C S.O.C – Privacy Notice (English)
Last updated 17 July 2025
Arabic version available. Click the footer link “سياسة الخصوصية (AR)” for the official Arabic text.
1. Scope and Governing Law
This Notice is issued pursuant to UAE Federal Decree‑Law No. 45 of 2021 on the Protection of Personal Data (“PDPL”), together with (where relevant) the DIFC Data Protection Law No. 5 of 2020 and the ADGM Data Protection Regulations 2021.
It applies to all personal data that Bus1 Technology Motors L.L.C S.O.C (“Bus1”, “we”, “us”) processes when you:
visit employee-transportation.com/dubai or any site linking to this Notice;
interact with us at events, via social media, or through customer support channels.
2. Definitions
Controller / Processor – as defined in PDPL Articles 1 & 4.
Personal Data – any information relating to an identified or identifiable natural person.
Sensitive Personal Data – data revealing health, biometric identifiers, religion, etc. (Staff-delivery does not process these categories).
3. Lawful Bases for Processing
Purpose | Lawful basis (PDPL Art. 4) | Typical data elements | Retention* |
Account creation | Contractual necessity | Name, email, mobile no., driver licence no. | 7 yrs (legal time‑bar) |
Marketing e‑mails & SMS | Consent (opt‑in) | Name, email, marketing preferences | Until withdrawn + 30 days |
Fraud prevention & security logs | Legitimate interests | IP address, device ID, behavioural logs | 2 yrs |
Regulatory reporting (e.g., VAT) | Legal obligation | Invoice data | 10 yrs |
4. What Information We Collect
4.1 Data you provide – name, postal address, email, mobile number, driving‑licence details, payment information, marketing preferences.
4.2 Data we collect automatically – IP address, browser type, device identifiers, time‑stamps, click‑path.
4.3 Data from third parties – public business registers, social‑media profiles, marketing partners.
4.4 Google API – Our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
5. How We Use Your Information
We use personal data to:
deliver and administer our web and mobility services;
verify identity, manage payments and prevent fraud;
personalise content, send service messages and—when you have opted‑in—marketing communications;
analyse usage to improve performance and safety;
comply with auditing, tax, anti‑money‑laundering and other legal duties;
defend or exercise legal claims;
perform any other purpose for which we have obtained your explicit consent.
6. Cookies & Similar Technologies
Non‑essential cookies, analytics tags and advertising pixels are set only after you grant explicit consent via our cookie banner, in line with TDRA guidance. You may withdraw or granularly adjust consent at any time through “Cookie Settings” in the website footer.
We do not currently respond to DO-NOT-TRACK (DNT) browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
7. Sharing Your Information
We disclose data solely to:
Service providers (cloud hosting, payment processors, marketing platforms, etc.) bound by written Data‑Processing Agreements (“DPAs”) that provide “sufficient guarantees” under PDPL.
Authorities or courts when required by applicable law.
Group companies for internal administration on the same lawful bases listed above.
We never sell personal data.
8. International Transfers
Bus1’s primary servers are hosted in the UAE. Where we must transfer personal data outside the UAE (e.g., to EU or US service providers), we:
rely on an adequacy decision of the UAE Data Office (where available), or
implement Standard Contractual Clauses plus a documented Transfer Impact Assessment to ensure an equivalent level of protection.
A summary of our current transfer safeguards is available upon request at manager@employee-transportation.com
9. Security Measures & Breach Notification
We maintain ISO 27001‑aligned technical and organisational measures (encryption in transit and at rest, role‑based access control, continuous monitoring).
If a personal‑data breach likely to involve high risk occurs, we will notify the UAE Data Office (and DIFC/ADGM Commissioners where applicable) and affected individuals without undue delay and within 72 hours of becoming aware.
10. Minors’ data processing
We do not knowingly collect, solicit data from, or market to children under 18 years of age.
11. Your PDPL Rights
You may, subject to verification:
Access your personal data;
Rectify inaccurate or incomplete data;
Erase data (“right to be forgotten”);
Restrict processing;
Port data to another controller;
Object to processing based on legitimate interests or to direct marketing;
Object to automated decision‑making or profiling;
Withdraw consent at any time;
Lodge a complaint with the UAE Data Office or, where applicable, DIFC/ADGM regulators.
12. Exercising Your Rights
Submit a request via e‑mail manager@employee-transportation.com, or write to the postal address below. We respond within 30 days (extendable by 30 days for complex requests).
13. Data Protection Officer
Name: Amira Al‑Haddad, CIPP/M
E‑mail: manager@employee-transportation.com
Postal: Office A‑67, Hor Al Anz, Dubai, UAE
14. Marketing Communications
We send electronic marketing only with your opt‑in consent. Each message contains a 1‑click “Unsubscribe” link. Withdrawal of consent does not affect service messages.
17. Updates and Version History
We review this Policy annually and whenever processing changes.
Version | Date | Key changes |
2.0 | 17 Jul 2025 | PDPL alignment, DPO details, rights portal, cookie consent, cross‑border clause |
1.0 | 26 Jun 2025 | Initial issue |
18. Contact & Complaints
E‑mail: manager@employee-transportation.com
Post: Bus1 Technology Motors L.L.C S.O.C, Office A‑67, Hor Al Anz, Dubai, UAE
If you believe your rights have been infringed, you can complain to the UAE Data Office (dataoffice@gov.ae) or the DIFC Commissioner of Data Protection (commissioner@difc.ae) / ADGM Office of Data Protection as appropriate.