Privacy Policy

This Privacy Policy explains how BYTES GLUE SOFTWARE SERVICES AND SOLUTIONS — FZCO, operating under the brand name Bytes Glue (“Bytes Glue”, “we”, “our”, or “us”), collects, uses, stores, shares, and protects personal information.

This Privacy Policy should be read together with our Terms of Service and any separate agreement, statement of work, data processing agreement, subscription agreement, or privacy terms that apply to a specific engagement.

1. Who we are

BytesGlue provides software consulting, software development, contract engineering, integration delivery, API and platform engineering, automation implementation, SaaS products, website build services, and related technical services.

Legal entity

BYTES GLUE SOFTWARE SERVICES AND SOLUTIONS — FZCO

Brand name

Bytes Glue

Trade license / registration number

44334

Registered address

DSO-THUB-G-D-FLEX-G033D, Dubai, UAE

Country / emirate of registration

Dubai, United Arab Emirates

Phone

+971 50 531 9937

Privacy email

privacy@bytesglue.com

2. Scope of this Privacy Policy

This Privacy Policy applies to personal information processed through:

• the BytesGlue website;
• contact and briefing forms;
• grant or initiative application forms;
• booking, call, and consultation requests;
• email, phone, WhatsApp, and other communications;
• proposal, sales, and onboarding processes;
• project delivery, support, billing, and client management;
• SaaS products, product demonstrations, pilots, or service access where applicable.

This Privacy Policy does not apply to third-party websites, platforms, services, or integrations that we do not control.

3. Information we collect

We may collect the following categories of information.

3.1 Contact and inquiry information

When you contact us, request a briefing, book a call, or submit a website form, we may collect:

• name;
• company or organization name;
• job title or role;
• email address;
• phone number;
• WhatsApp number;
• country, city, emirate, or region;
• selected area of interest;
• message content;
• target outcome, current stack, deadline, constraints, integration boundaries, and requirements;
• any other information you choose to submit.

3.2 Grant or initiative application information

If you apply for a BytesGlue grant, initiative, or similar program, we may collect:

• business name;
• contact person name;
• email address;
• phone or WhatsApp number;
• emirate, area, or free zone;
• business category;
• number of employees;
• years in operation;
• trade license confirmation;
• website and social media links;
• current digital presence;
• business challenges;
• expected impact of the website or service;
• website readiness information, including logo, photos, content, preferred language, and requested pages;
• confirmations, consents, acknowledgements, and application responses.

3.3 Client and project information

During scoping, onboarding, delivery, support, or maintenance, we may collect or process:

• business contact details;
• project requirements;
• contracts, proposals, invoices, and payment records;
• meeting notes and communications;
• technical documentation;
• system architecture details;
• API specifications;
• data mapping requirements;
• test data;
• logs, issue reports, screenshots, diagnostics, and support materials;
• access details or credentials, where strictly necessary and handled through agreed secure methods;
• other information required to deliver the agreed services.

You should not submit sensitive personal data, healthcare data, financial records, production credentials, private keys, or regulated datasets through general website forms.

3.4 SaaS account and product information

If you use a BytesGlue SaaS product, subscription, pilot, or product demo, we may collect:

• account registration details;
• organization details;
• user names and email addresses;
• login, usage, and access records;
• product configuration settings;
• subscription, billing, and plan details;
• support requests;
• technical logs, diagnostics, and error reports;
• integration metadata or connected service information where applicable.

The specific data processed by a SaaS product may vary depending on the product and the applicable product terms.

3.5 Website and device information

When you visit our website, we may automatically collect:

• IP address;
• browser type and version;
• device type;
• operating system;
• pages visited;
• time and date of visit;
• referring page or source;
• approximate location derived from IP address;
• cookie, analytics, security, and similar technical information.

3.6 Communications information

If you communicate with us by email, phone, WhatsApp, booking tools, social media, or other channels, we may collect your contact details, message content, call details, attachments, and related metadata.

3.7 Billing and transaction information

For paid services or subscriptions, we may collect billing details such as company name, billing contact, invoice address, tax information, payment status, transaction references, and related records.

Payments may be handled by cash, bank transfer, Paddle, or another payment method made available by us. If payment is processed through Paddle or another merchant of record, that provider may collect and process payment, tax, invoice, fraud-prevention, and refund information under its own terms and privacy policy.

We generally do not store full payment card details.

4. How we collect information

We collect information:

• directly from you when you submit forms, contact us, apply for initiatives, book calls, sign agreements, purchase services, subscribe to products, or provide project materials;
• automatically through website technologies such as cookies, server logs, analytics, and security tools;
• from business partners, referrals, public websites, social media, or professional platforms where lawful;
• from third-party tools used for hosting, forms, booking, communications, analytics, security, accounting, payment processing, and project delivery.

5. How we use information

We may use personal information to:

• respond to inquiries and contact requests;
• assess fit for consulting, engineering, integration, automation, website, SaaS, or related services;
• prepare proposals, scopes, quotes, contracts, and project plans;
• deliver, support, secure, improve, and document services;
• provide, maintain, secure, and improve SaaS products;
• process grant or initiative applications;
• select, contact, and support grant or initiative recipients;
• conduct calls, briefings, onboarding, and project reviews;
• manage client relationships and communications;
• issue invoices, collect payments, manage accounts, and keep business records;
• provide product demonstrations, pilots, or access where applicable;
• monitor, maintain, secure, and improve the website;
• detect, prevent, and respond to misuse, fraud, spam, security incidents, and unlawful activity;
• comply with legal, accounting, tax, regulatory, contractual, and compliance obligations;
• send service-related messages;
• send marketing or updates where permitted by law or with consent where required;
• protect our rights, property, clients, users, and business.

6. Legal bases for processing

Where applicable law requires a legal basis, we may process personal information based on:

• your consent;
• the need to perform or prepare a contract with you or your organization;
• our legitimate business interests, such as responding to inquiries, securing the website, improving services, managing client relationships, and developing our business;
• compliance with legal obligations;
• protection of legal rights, security, and fraud prevention;
• any other lawful basis available under applicable law.

You may withdraw consent where processing is based on consent. Withdrawal does not affect processing that occurred before withdrawal or processing based on another lawful basis.

7. Cookies, analytics, and security tools

Our website may use cookies, pixels, logs, analytics tools, performance tools, and security technologies to operate the website, understand usage, improve performance, and protect against spam, abuse, and unauthorized activity.

Our forms may use Google reCAPTCHA or similar tools to help protect against spam and misuse. These tools may collect device, browser, interaction, and usage information and are subject to the third-party provider’s own privacy terms.

You can usually control cookies through your browser settings. Disabling cookies may affect website functionality.

8. How we share information

We may share personal information with:

• employees, contractors, consultants, and technical collaborators who need access for legitimate business purposes;
• hosting, cloud, form, CRM, email, communication, booking, analytics, security, payment, and project management providers;
• Paddle or other payment processors and merchants of record;
• banks, accounting providers, and tax advisers;
• legal, compliance, insurance, audit, and professional advisers;
• subcontractors or implementation partners involved in a specific project, where appropriate;
• third-party platforms or vendors selected or approved by you for a project;
• authorities, regulators, courts, or law enforcement where required or permitted by law;
• parties involved in a business transfer, restructuring, merger, acquisition, financing, or sale of assets.

We do not sell personal information.

9. International transfers

Because software delivery, SaaS products, hosting, cloud infrastructure, communication tools, and vendor services may operate across countries, your information may be processed or stored outside your country of residence.

Where required by applicable law, we use appropriate safeguards for international transfers, such as contractual protections, vendor due diligence, access controls, and other lawful transfer mechanisms.

10. Data retention

We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law, contract, tax, accounting, dispute, security, or compliance obligations.

Retention periods may vary depending on the type of information, relationship, legal requirements, and business need.

Examples:

• general inquiries may be retained for a reasonable period to manage communications and follow-up;
• unsuccessful grant or initiative applications may be retained for review, audit, fraud prevention, and future initiative administration;
• client, contract, invoice, and accounting records may be retained as required for business, legal, tax, and accounting purposes;
• SaaS account and usage records may be retained for account management, security, billing, product improvement, and legal purposes;
• technical project records may be retained according to the applicable agreement or support requirements;
• security logs may be retained for security monitoring, incident response, and system integrity.

When information is no longer required, we will delete, anonymize, or securely archive it where appropriate.

11. Security

We use reasonable technical, organizational, and administrative measures designed to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include access controls, least-privilege practices, secure communications, credential handling procedures, vendor controls, monitoring, backups, and internal security practices.

No website, SaaS product, network, storage system, or transmission method is completely secure. You should not send sensitive information through general website forms or unsecured channels.

12. Regulated data and sensitive systems

BytesGlue does not process healthcare, financial, or regulated client data in production under this general Privacy Policy.

If a project requires regulated data, healthcare data, financial data, sensitive personal data, production credentials, private keys, or other high-risk information, this must be addressed in a separate written contract with specific terms based on the project type.

Additional privacy, security, data processing, access control, retention, audit, and compliance terms may be required before such work begins.

13. Client data and processor role

For some projects or SaaS services, BytesGlue may process data on behalf of a client as a service provider or processor. In those cases, the client is generally responsible for determining the purpose and lawful basis of processing, and BytesGlue processes the data according to the client’s documented instructions and the applicable agreement.

If a project involves regulated data or high-risk information, separate terms will apply.

14. Your privacy rights

Depending on applicable law and your location, you may have rights to:

• request access to personal information we hold about you;
• request correction of inaccurate or incomplete information;
• request deletion of personal information;
• request restriction of processing;
• object to certain processing;
• withdraw consent where processing is based on consent;
• request a copy or transfer of certain information;
• opt out of marketing communications;
• lodge a complaint with a relevant data protection authority where applicable.

To exercise rights, contact us at privacy@bytesglue.com. We may need to verify your identity before responding. Some rights may be limited by legal, contractual, security, confidentiality, or business record requirements.

15. Marketing communications

We may send business updates, service information, or marketing communications where permitted by law or where you have consented if consent is required.

You can opt out of marketing emails by using the unsubscribe method provided or by contacting us. We may still send non-marketing messages related to services, contracts, invoices, subscriptions, security, support, or ongoing business communications.

16. Children

Our website and services are intended for business users and adults. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to us, please contact us so we can take appropriate steps.

17. Third-party links and services

Our website may link to third-party websites, tools, platforms, or services. We are not responsible for the privacy practices, content, security, or terms of third parties.

You should review the privacy policy and terms of any third-party service before using it or submitting information.

18. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date.

Material changes may be communicated through the website or other appropriate channels where required.

19. Contact us