Terms of Service

Privacy Policy MaviBot L.L.C-FZ Company Address: Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E. 09/09/2025 The administration of the MaviBot.ai website ("the Company," "MaviBot," "we," or "us") is committed to protecting your privacy on the Internet. We place a high priority on securing the personal and other data you provide to us. Our privacy practices are based on the European Union’s General Data Protection Regulation (GDPR) and the United Arab Emirates' Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (the "Personal Data Protection Law"). These regulations form an integrated framework designed to ensure the confidentiality of information and protect the privacy of individuals in the UAE. Purpose of this Policy This Policy is designed to protect the fundamental rights of data subjects, with specific consideration for how these rights apply to the protection of personal data within emerging technologies. Data Processing Personal data on the Service is processed in two ways: 1. As a Data Controller: We process the personal data of Users where the User is directly the owner of the provided personal data. 2. As a Data Processor: We process the personal data of our users' clients on behalf of and according to the instructions of the User. Under the second method of personal data processing, users are obligated to collect consents for the processing of personal data from their own clients INDEPENDENTLY! When processing data on behalf of our users, the data is uploaded and stored within the Service in compliance with applicable data protection laws and regulations. A Key Distinction It is important to note that when acting as a data processor, we strictly adhere to our Users' instructions. We do not use such data for any purpose other than to provide, secure, and maintain the Service. The purposes for which we collect your personal data are: 1. To Operate and Improve Our Service page 2 of 10 We use your data to enter into an agreement with you, to operate, maintain, and administer your account, and to communicate with you for service-related purposes. This includes sending announcements, technical notices, updates, security alerts, and support and administrative messages. We also use your data to respond to your requests, questions, and feedback, and to perform our billing and invoicing obligations. 2. To Provide the Service We process Customer Content on your behalf and under your instructions to deliver the functionality of the Service. 1. Communication and Service Information If you request information from us, register for the Service, submit a form, provide feedback on our Site, or participate in our surveys, promotions, or events, we may send you MaviBot-related marketing communications, but only where permitted by law. In every such communication, we will provide you with a clear option to opt-out. Furthermore, we may use the personal data we collect about you to manage and display advertising campaigns on social media platforms. 2. To organize events and communicate with you We use the personal data you provided during event registration to send you event reminders, communications related to the event and our services, and to request your feedback. All such communications will include a clear option to opt-out. 3. To Comply with Legal Obligations. We use your personal data as necessary to comply with applicable laws and legal obligations. This includes fulfilling sanction screening requirements, meeting accounting and tax standards, responding to legal processes or audits, and complying with legally binding requests from government authorities, such as subpoenas. Prior to disclosing any personal data in response to a government request, we carefully check its validity and legal basis. 4. To Negotiate, Enter, and Perform Agreements We collect and process information about our counterparties and their representatives to facilitate negotiations, enter into legally binding agreements, and ensure successful cooperation and contract performance. 5. For Compliance, Security, and Safety. We use your personal data as we believe necessary or appropriate to: (a) enforce the terms and conditions that govern the Service; (b) protect our rights, privacy, safety, and property, and/or those of you or others; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity. page 3 of 10 6. Product Improvement and Analytics. We may use anonymized or aggregated Customer Content for internal purposes such as product improvement, development, and analytical research. The Personal Data should be: ● Processed lawfully, fairly, and transparently in relation to the data subject. ● Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. ● Adequate, relevant, and limited to what is necessary for the purposes for which it is processed (data minimization). ● Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that inaccurate data, having regard to the purposes for which it is processed, is erased or rectified without delay. ● Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. ● Processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage, using appropriate technical and organizational measures. ● Processed in accordance with the rights of the data subject under applicable law, including the GDPR and the laws of the UAE. This Privacy Policy describes how we process personal data for the following categories of data subjects: - Our Users, their end-users, and representatives; - Website visitors; - Newsletter subscribers; - Prospective customers; - Our counterparties and their representatives. This Policy applies to information collected through: ● Our Service; ● Our website and any other websites administered by the Company that display this Policy; ● Our mobile applications; ● Other sources as described herein. We do not sell your personal data to third parties for commercial or advertising purposes. We only share your data as described in this Privacy Policy or with your explicit consent. We disclose personal data to third parties under the following circumstances: Service Providers page 4 of 10 We engage third-party companies and individuals to facilitate our Service and perform certain functions on our behalf (e.g., payment processing, data analysis, and cloud hosting). These service providers are only permitted to process your personal data: ● To perform the specific tasks we have engaged them for; ● In accordance with our written instructions and the terms of our agreements with them; ● For lawful business purposes; and ● For no other purpose. Third-Party Applications and Integrations Our Service allows Users to connect with third-party applications and services (e.g., Facebook, Instagram, TikTok, Stripe, PayPal). Compliance with Laws and Law Enforcement; Protection of Rights The Company may disclose information about you to government or law enforcement officials or private parties as required by law. We may also disclose and use such information as we believe necessary or appropriate to: (a) comply with applicable laws, lawful requests, and legal processes, including responding to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Service; (c) protect our rights, privacy, safety, or property, and/or that of you or others; and (d) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity. Personal Data Storage and Processing The personal data collected by MaviBot depends on the nature of your interaction with our Service. This data can be categorized as follows: 1. Data Collected Through Your Use of the Service When you use MaviBot or interact with an entity that uses our Service, we store the content you provide, including personal information related to you as a customer or end user. We collect this data directly from you when you input it, or through integrations you have linked to the Service (e.g., Facebook, Instagram, TikTok). We may also receive information about you from third-party sources, such as payment processors who confirm the status of your transaction. 2. Data from Communications When you contact us via email or through a chat function, we store the content of your messages, any attachments, and your contact details. 3. Data from Forms and Events page 5 of 10 When you submit forms on our website (e.g., for contact, subscriptions, or demo requests), we collect the contact details and information you provide. If you participate in events we host jointly with partners, we may receive your information from those partners. 4. Data from Website Use When you use our website, we automatically collect certain information that may, alone or in combination with other data, constitute personal data. This includes data collected via cookies and similar technologies, as described in more detail in our Cookie Policy section. 5. Data from Social Media and Communities When you interact with our social media channels or online communities (e.g., by following us on Instagram or joining our groups), we may have access to the public data on your profile and process the comments or content you post. We collect and process your personal data only with your willing consent. With your permission, we can collect and process the following data: - Last name, first name; - Email address – in case of registration via email, as well as for the exchange of documents and other important information (including legal information) with the MaviBot.ai service; - Apple ID – only in case of registration via Apple ID; - Mobile phone number or email address – only in case of registration via Facebook; - Your personal photographs – only if you registered via Facebook, uploaded your personal photo in your account settings, or uploaded your personal photos in another section of the MaviBot.ai service; - Video – only if you upload video files to MaviBot.ai where your face or part of it is visible; - Bank account details: Bank account number, bank name, bank's correspondent account, bank's Tax Identification Number, bank's Registration Reason Code, bank's Identification Code – only for making payments to the Company and for refunding your balance of unused funds according to the Terms of Service; - Legal entity details for representatives of legal entities: Representative's position, legal entity name, legal entity details – in case you are a representative of a legal entity and pay for the Service's services via issued invoices; - Data from messenger/social media accounts: This includes, but is not limited to, photos, videos, unique username, profile description, access tokens and keys (for integrations), etc. – in other words, data from messenger or social media accounts that you use to: - either register on the Mavibot.ai website; - or connect a messenger, social network, or payment service to Mavibot.ai for using the Service. The collection and processing of your personal information is conducted in accordance with the laws of the United Arab Emirates and the European Union. If you are located in the European Economic Area (“EEA”), the UK, Brazil, or Switzerland, you have the right to: page 6 of 10 ● Object to the processing of your personal data. ● Request the restriction of processing of your personal data. ● Request the portability of your personal data, where technically feasible. Furthermore, if we have collected and processed your personal data based on your consent, you have the right to withdraw your consent at any time. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal, nor does it affect the processing of your personal data conducted on other lawful grounds. You also have the right to obtain additional information regarding the international transfers of your personal data and to access the safeguards and contractual clauses that regulate such transfers. 1. The User's request to withdraw consent may be made in free form as a written document (including in electronic form), which may be: - sent to the Operator by postal mail; - sent to the email address [email protected]; - sent to the Company's technical support chat. 2. The Company does not disclose and disseminate personal data to third parties without the consent of the personal data subject, unless otherwise provided by law. 3. The Company ensures the security of personal data processed in the MaviBot’s information systems. This security is achieved by preventing unauthorized, including accidental, access to such data, as well as by implementing the following security measures: - identifying current threats to the security of personal data and to the information technologies used in the information systems; - the implementation of organizational and technical measures to ensure the security of personal data during its processing in the Company’s information systems, necessary to comply with data protection requirements — the fulfillment of which guarantees the levels of protection established by the Government of the UAE; - the implementation of procedures for assessing the compliance of information security measures; - the assessment of the effectiveness of the security measures implemented to protect personal data prior to the commissioning of the information system; - ensuring the operable functioning of computer equipment handling personal data in accordance with the operational and technical documentation of the computer equipment and taking into account the technical requirements of information systems and information security tools; - detection and recording of unauthorized access to personal data, unauthorized re-recording and additional recording of information after its extraction from the information system, and taking appropriate measures; - restoration of personal data that has been modified, deleted, or destroyed as a result of unauthorized access; page 7 of 10 - establishment of access rules for personal data processed in the Operator’s information systems, as well as ensuring the logging and recording of all actions performed with personal data in the Operator’s information systems; - the use of antivirus tools and tools for restoring the personal data protection system; - the use of firewall tools, and, where necessary, intrusion detection systems, vulnerability analysis, and other technical means of information protection. Data Storage, Alteration, and Removal The user who has provided their personal data to MaviBot.ai has the right to modify or delete it, as well as the right to withdraw their consent to data processing. The period for which user personal data is processed is: - The period of the user's use of the MaviBot Service. After the user has finally ceased using the MaviBot Service, the site administration will irrevocably delete the user's personal data and the data of their clients. The administration retains the personal data of users and their clients' data for a period of one year after the expiration of a subscription on any of the three Plans, including the free Plan. After this period, the data will be permanently deleted or anonymized. You have the right to request information about the consequences of refusing to provide your consent for data processing where such processing is based on consent. We will provide this information at the time of requesting your consent. To access your personal data, you can contact the administration on: [email protected]. We will be able to pass your data to a third party only with your willing consent. If the data was transferred to a third party, which is not associated with our organization, we cannot perform any changes to that data. Processing of VisitingTechnical Data Our website automatically collects and stores technical information in our database when you visit MaviBot.ai. This includes your IP address, time of visit, browser type, operating system, and other similar data. This data is necessary for the correct display of the website’s content. It is impossible to identify the person of the visitor using this data. Children’s personal information If you are a parent or a legal guardian of an underage child, and you know that the child has provided us with their personal information without your consent, please contact us on: [email protected]. It is forbidden to enter personal data of underage users without the agreement of parents or lawful guardians. Cookies We use cookies solely for authorization and logging into your account. This means that after your initial registration on the Company's Website or after your first login on the Company's Website from any device page 8 of 10 or browser, you will be able to automatically log into your account on that specific device and browser during subsequent visits. If you clear your browser's cache on that device, the cookies will also be cleared, and your login session will be terminated. The Company does not use cookies for any other purposes. Furthermore, the Company guarantees that it does not use cookies to track users or to display any advertising to users. Processing of Personal Data by Other Services This website uses third-party online services, which perform data collecting, independent from us. Such services include: , partnership programs, analytical services. Data collected by these services may be provided to other services within those organizations. They can use the data for advertising personalization of their own advertising network. You can learn about user agreements of those organizations on their websites. You can also refuse their collection of your personal data. For example, Google Analytics Opt-out Browser Add-on can be found here. We do not pass any personal data to other organizations or services, which are not listed in this privacy policy. As an exception, the collected data may be provided on a lawful request of state authorities that are authorized to request such information. Links to Other Websites Our website MaviBot.ai may contain links to other websites, which are not under our control. We are not responsible for the content of these websites. We recommend you familiarize yourself with the privacy policy of every website that you visit, if such policy exists. Changes to the Privacy Policy From time to time, our website MaviBot.ai may update our Privacy Policy. We inform you about any changes to the privacy policy, placed on this webpage. We are monitoring any changes in legislation, which is related to personal data in the European Union and the UAE. If you have entered any of your personal data on our website, we will inform you about the changes in our privacy policy. If your personal data, and more specifically, your contact information was entered incorrectly, we will not be able to contact you. Feedback and Final Clauses You can contact the administration of MaviBot.ai regarding any questions related to privacy policy on: [email protected], or by filling a contact form specified in a corresponding section of this website. If you do not agree with this privacy policy, you cannot use the services of MaviBot.ai. In this case you should avoid visiting our website Data Protection and Security Measures The Company develops and continuously employs various security measures to protect data. These measures are divided into two categories: technical security measures and organizational security measures. The technical measures for the protection of personal data include: page 9 of 10 1. a firewall (such as Cloudflare), that blocks external access to the database and the software — a system designed to prevent unauthorized access through the information and telecommunications network (the Internet); 2. a request verification service (SmartCaptcha) used to identify real users and prevent unauthorized access to the service by malicious bots; 3. access restriction through authentication mechanisms in the database using software tools and methods; 4. access restriction to the server via Linux OS tools, including configuring security parameters of configuration files: users, user groups, and processes using built-in system permissions and user groups; 5. working with the database using ORM; 6. IP-based access restriction; 7. a developed user account access system — two-factor authentication; 8. validation of usernames, passwords, and email addresses entered during registration and authentication; 9. checking email addresses for spam using spam filters and for other suspicious activities associated with the given email address; 10. the use of secure hosting services, which provide: a) object version locking (object lock); b) encryption of objects (object storage), ensuring prevention of accidental or intentional publication of content in the information and telecommunications network (the Internet); c) TLS protocol, ensuring security data transmission; d) access policy for secure management of resource access; e) setting access keys; f) others. Organizational measures for the protection of personal data include: 1. issuance of internal organizational acts concerning the processing and protection of personal data, and familiarization of employees to perform their job functions and fulfill duties established by job regulations and/or employment contracts; 2. determination of the scope and list of personal data; 3. development and implementation of the Privacy Police within the organization; 4. establishment of access rules and logging of accesses to the administrative part of the "MaviBott" software; 5. organization of activities to search for and identify software vulnerabilities by technical staff possessing specialized knowledge and skills; 6. establishment of methods for preventing unauthorized access and a set of measures to prevent security incidents; 7. informing users by: ● issuing recommendations for setting password complexity levels and enabling two-factor authentication; ● reminding the "MaviBot" software users about the prohibition of sharing passwords and access credentials to their accounts with third parties; 8. warning users by providing information in documentation about potential risks associated with sharing account access with third parties. These recommendations are publicly available on the documentation website; page 10 of 10 9. conducting training sessions for organization employees on ensuring the protection and security of personal data when using the "MaviBot" software; 10. establishing rules and requirements for emergency system recovery and backup of the "MaviBott" software system; 11. ensuring the transmission of closing documents (UPD), acts and invoices for payment, other payment orders, and documents containing personal data of personal data subjects, as well as the storage of electronic documents containing personal data and transferred for processing, via the operator’s secure electronic document management channel. MaviBot L.L.C-FZ Company Address: Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E. 09/09/2025