top of page

PRIVACY POLICY

Last updated: January 1st, 2026

1. SCOPE AND APPLICABLE LAW

This Privacy Policy applies to the processing of personal data by Hipibi in connection with its consultancy services, business operations, conferences and events, websites, applications, and communications that link to this Privacy Policy.

This Privacy Policy is intended to comply with applicable data protection laws, including:

  • UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL);

  • EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR);

  • UK GDPR and the UK Data Protection Act 2018;

  • California Consumer Privacy Act (CCPA), where applicable.

Where local mandatory laws impose higher or additional requirements, those requirements shall prevail.

2. DATA CONTROLLERS

For the purposes of applicable data protection laws:

  • Hipibi LLC, Office 10, Level 1, Sharjah Media City, Sharjah, UAE, acts as the primary Data Controller for operations in the Middle East and globally, unless otherwise specified.

  • Hipibi Ventures LTD acts as an independent or joint Data Controller for activities conducted in the United Kingdom and the European Economic Area, where applicable.

Where Hipibi entities act as joint controllers, responsibilities are allocated in accordance with Article 26 of the GDPR.

3. INFORMATION WE COLLECT

Hipibi collects personal data in the course of its business activities, including consultancy services, client engagement, events, recruitment, and website usage.

Personal data may include, depending on the context:

  • Identification and contact details (e.g., name, email address, telephone number);

  • Professional and employment information;

  • Business correspondence and communications;

  • Marketing and communication preferences;

  • Technical data, including IP address, device identifiers, browser type, and usage data;

  • Recruitment-related information, such as resumes and background information.

Hipibi does not intentionally collect special categories of personal data unless required by law or explicitly provided by individuals with appropriate safeguards in place.

4. COOKIES AND TRACKING TECHNOLOGIES

Hipibi uses cookies and similar tracking technologies to operate, secure, and improve its websites and digital services.

Where required by applicable law, non-essential cookies (including analytics and marketing cookies) are used only after obtaining user consent. Users may manage or withdraw their cookie preferences at any time via the cookie preference center.

For further information on the types of cookies used and their purposes, please refer to our Cookie Policy.

Hipibi does not engage in cross-site behavioral advertising without consent.

 

5. PURPOSES AND LEGAL BASES FOR PROCESSING

Hipibi processes personal data for the following purposes and on the following legal bases, as applicable:

  • Contractual necessity: to provide consultancy services, manage client relationships, administer events, and process applications.

  • Legitimate interests: to operate and improve our business, conduct B2B marketing, prevent fraud, ensure network and information security, and improve service quality.

  • Consent: to send newsletters, marketing communications, and to deploy non-essential cookies where required.

  • Legal obligation: to comply with applicable legal, regulatory, tax, and corporate governance requirements.

Where processing is based on legitimate interests, individuals have the right to object to such processing.

6. PROFILING AND AUTOMATED DECISION-MAKING

Hipibi may conduct limited analytics and benchmarking activities to improve its services. Hipibi does not engage in automated decision-making or profiling that produces legal or similarly significant effects on individuals.

 

 

7. DISCLOSURE OF PERSONAL DATA AND INTERNATIONAL TRANSFERS

 

Personal data may be shared with Hipibi subsidiaries, affiliates, and authorized personnel, as well as with third-party service providers who process data on our behalf in accordance with contractual obligations and applicable law.

Hipibi may also disclose personal data where required to do so by law, legal process, or regulatory authorities, or where necessary to protect legal rights, prevent fraud, or ensure compliance.

International transfers of personal data are carried out using appropriate safeguards, including:

  • EU Standard Contractual Clauses;

  • UK International Data Transfer Agreements;

  • Adequacy decisions where applicable;

  • Intra-group data transfer agreements.

Hipibi does not rely on consent as the primary legal basis for routine international data transfers.

 

 

8. DATA RETENTION

 

Hipibi retains personal data in accordance with documented retention schedules, including:

  • Client data: for the duration of the contractual relationship and up to seven (7) years thereafter;

  • Marketing data: up to twenty-four (24) months from the last interaction;

  • Recruitment data: up to twelve (12) months;

  • Legal and compliance records: for periods required by applicable law.

Data may be retained for longer periods where necessary to establish, exercise, or defend legal claims.

 

9. DATA SECURITY

 

Hipibi implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or destruction. Access to personal data is limited to authorized personnel and service providers who are subject to confidentiality obligations.

While reasonable safeguards are in place, no data transmission or storage system can be guaranteed to be completely secure.

 

10. CHILDREN'S PRIVACY

The Sites are not designed for or directed at children under the age of 16 (or such lower age as permitted by applicable law). Hipibi does not knowingly collect personal data from children.

 

11. YOUR RIGHTS

Depending on your jurisdiction, you may have the right to:

  • Request access to your personal data;

  • Request correction of inaccurate or incomplete data;

  • Request deletion of personal data;

  • Request restriction or object to processing;

  • Withdraw consent at any time, where processing is based on consent;

  • Request data portability (EU/UK only).

Requests may be submitted to privacy@hipibi.com. Hipibi will respond to verified requests within thirty (30) days, unless an extension is permitted by law.

 

12. COMPLAINTS AND SUPERVISORY AUTHORITIES

 

You have the right to lodge a complaint with the relevant supervisory authority, including:

  • The UAE Data Office;

  • The data protection authority of your EU member state of residence;

  • The UK Information Commissioner’s Office (ICO).

 

13. CALIFORNIA PRIVACY RIGHTS

This section applies only where Hipibi qualifies as a “business” under the California Consumer Privacy Act.

California residents may have the right to request information regarding the categories and specific pieces of personal data collected, disclosed, or sold, as well as the right to request deletion of personal data, subject to legal limitations.

Requests may be submitted to privacy@hipibi.com

14. CHANGES TO THIS PRIVACY POLICY

Hipibi may update this Privacy Policy from time to time. Material changes will be communicated through the Sites or by other appropriate means where required by law. Continued use of the Sites following updates constitutes acceptance of the revised Privacy Policy.

15. CONTACT US

 

If you have any questions about this Privacy Policy or our data protection practices, please contact:

Hipibi LLC
Office 10, Level 1
Sharjah Media City
Sharjah – United Arab Emirates
📧 privacy@hipibi.com

bottom of page