At Buzzin, we are working hard to make access to residential and commercial buildings, communities and campuses easier, quicker and more secure. Looking after the personal data you share with us is a hugely important part of this. We want you to be confident that your data is safe and secure with us, and that you understand how we use it to offer you our Solution / App.
This page is used to inform visitors regarding our policies with the collection, use, and disclosure of personal data if anyone decides to use our Solution / App. If you choose to use our Solution / App, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing the Solution / App. We will not use or share your information with anyone except as described in this Privacy Policy. The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which is accessible at www.buzzin.ae unless otherwise defined in this Privacy Policy.

1. What this policy covers

The data controller (who determines the purpose and manner in which your personal data is used) is Buzzin FZCO (referred to in this policy as “the Company”, “we” or “us”).
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. That is why we have developed this Privacy Policy (“Policy”), which:
Sets out the different ways you interact with us and the types of personal data that we collect;

• Explains the reasons why we use the data we collect;
• Explains when and why we will share personal data with other organizations;
• Explains the rights and choices you have when it comes to your personal data.

This Policy applies to you if you use our Solution / App (referred to in this Policy as “our Services”). Using our Services means providing access to third parties, managing access and receiving access to residential and commercial buildings, communities and campuses ( “Buzzin Access-Controlled Premises”), or otherwise using our website (“our Website”) or mobile applications (“our Apps”) where this Policy is posted.
This Policy also applies if you contact us or we contact you about our Services. Our Website or App may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read the terms and conditions and privacy policy carefully before providing any personal data on a website as we do not accept any responsibility or liability for websites of other organisations.

2. Personal data we collect when we interact with you

This section tells you what personal data we may collect from you when you use our Services and what other personal data we may receive from other sources.

3. Types of data

We amend these terms from time to time. Every time you wish to use our Solution/App, please check these terms to ensure you understand the terms that apply at that time.

4. When you register for our Services

You may provide us with:

• Your personal details, including your email address, phone number and Emirates ID
• Your account login details, such as your username and the password that you have chosen

We may collect:

• Identity data
• Contact data
• Technical data
• User data
• Communications data

5. When you use our Apps

We may collect:

• Information about access (for example, access to a Buzzin Access-Controlled Premise you have received by another App user, or access that you have given to a guest whether they are an App user or not)
• Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers)

What type of data might be collected:

• Identity data
• Contact data
• Access data
• Technical data
• User data
• Interaction data
• Communications data

6. When you browse our Website

We may collect:

• Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers).
• Information about your online browsing behaviour on our Website.

What type of data might be collected:

• Technical data
• Interaction data

7. When you contact us or we contact you or you take part in surveys or reviews about our Services

We may collect:

• Personal data you provide about yourself anytime you contact us about our Services (for example, your name and contact details), including by phone or email or when you speak with us through social media.
• Details of the emails and other digital communications we send to you that you open, including any links in them that you click on.
• Your feedback and contributions to customer surveys or reviews.

What type of data might be collected:

• Identity data
• Contact data
• User data

8. When you visit a Buzzin Access-Controlled Premise

We may collect:

• Image of you which may be captured on our app.
• Personal data you provide about yourself. if you have not previously registered on the App.
• Details of time and location of access.

What type of data might be collected:

• Access data
• Identity data
• Contact data
• Technical data
• User data
• Communications data

Other sources of personal data:

We may also use personal data from other sources, such as the building management that supplies us with residents’ information, or when an access invite has been sent to you by a Buzzin user. For example, this other personal data helps us to:

• Manage your access (including you providing access to third parties).
• Review and improve the accuracy of the data we hold.
• Improve and measure the effectiveness of our access systems.

9. Why we collect the data we collect and why we are allowed to use that personal data

This section explains in detail how and why we use personal data. We use personal data to:

Make our Services available to you

This means that processing your personal data allows us to manage the account you hold with us and process your access, access you have provided to others, etc.

Why do we process your personal data in this way? We need to process your personal data so that we can manage your access, provide your guests with access, and help you with any issues or questions you have.

Why are we using this data?

• Contractual Obligations – we will not be able to provide you with our Service if you do not provide us with this data
• Legitimate Interests

Detect and prevent unauthorized access

This means that processing your personal data allows us to process your access and access you have provided to others, to protect Buzzin Access-Controlled Premises from unauthorized access. If you access by car, we may utilize Automatic Number Plate Recognition Technologies (ANPR) to identify if your vehicle has approved access.

Why do we process your personal data in this way?

We need to process your personal data so that we can manage your access and provide your guests with access.

Why are we using this data?

• Contractual Obligations – we will not be able to provide you with our Service if you do not provide us with this data
• Legitimate Interests

Contact and interact with you

This means that processing your personal data allows us to contact you about our Services, invite you to take part in and manage customer surveys and reviews,

Why do we process your personal data in this way?

We want to serve you better as a customer so we use personal data to provide clarification or assistance in response to your communications. We may also carry out research to improve our Services. However, if we contact you about this, you do not have to take part in the activities. If you tell us that you do not want us to contact you for market research, we will respect this choice. This will not affect your ability to use our Services.

Why are we using this data?

Our Legitimate Interests and Contractual Obligations in processing your personal data.

Where we have mentioned above our use of your personal data is based on our “Legitimate Interests”, these are:

• To protect and support residential and community management and security;
• To promote and market our Services;
• To service your account, manage complaints and resolve any issues. Where we have mentioned above our use of your personal data is based on our “Contractual Obligations”
• To service the needs of our customers in managing access of Buzzin Access-Controlled Premises
• To service our users’ needs, including providing access to Buzzin Access-Controlled Premises to their guests and to service companies.

10. Sharing personal data with Retail Partners and Service Providers

This section explains how and why we share personal data with Service Providers. When we share personal data with these companies, we require them to keep it safe, and they must not use your personal data for their own marketing purposes.

We work with service providers who are managing Buzzin Access-Controlled Premises. We also work with carefully selected service providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing, combining and analysing data. We only share personal data that enable our service providers to provide their services. One example of our service providers is Amazon Web Services.

11. Sharing personal data with other organisations

This section explains how and why we share personal data with other organisations.

We may also share personal data with other organisations, such as:

• If the law or a public authority says we must share the personal data or for the administration of justice;
• If we need to share personal data in order to establish, exercise or defend our legal rights;
• Where we restructure, sell or transfer our business (or a part of it).

12. How we protect your personal data

We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.

• We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
• We protect the security of your information while it is being transmitted by encrypting it;
• We use computer safeguards such as firewalls and data encryption to keep this data safe;
• We only authorize access to employees and trusted partners who need it to carry out their responsibilities;
• We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security;
• We will ask for proof of identity before we share your personal data with you.

Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this, we ensure that your privacy rights are respected in line with this Policy. The most common way we do this is to put in place a specific type of contract, a copy of this type of contract can be found here or through an approved scheme such as the Privacy Shield.

13. How long we use personal data for

We will not keep your personal data longer than we need to, and will only use your personal data for the purposes set out in this Policy. We will always keep your personal data in accordance with applicable legal and regulatory requirements.
In most circumstances this means we will not keep your personal data for more than 5 years after the end of your relationship with us. However, for certain data sets we have the following retention periods:

• Customer complaints and feedback will be deleted 3 years after the date of last communication.
• Information you submit when participating in research panels/market surveys will be deleted 3 years after its creation.
• Images captured by ANPR will be deleted 1 year after its creation.
• Incident reports (such as unauthorized access) will be deleted 5 years after their creation.
• Where your personal data is needed because we are in serious dispute with you (such as litigation), your personal data will be deleted 5 years after closure of the matter.

14. Cookies and similar technologies

We do not use cookies and similar technologies, such as tags and pixels (“cookies”).

15. Subject access rights

You have the right to see the personal data we hold about you. This is called a Subject Access Request. If you would like a copy of the personal data we hold about you, please email: compliance@buzzin.ae

16. Other data protection rights

In relation to your personal data, you also have the right to have inaccurate information corrected. If you believe we hold inaccurate or missing information, please let us know and we will correct it.

Object to our use of it.

• General objection: We will then consider your objection to our use of your personal data. If on balance, your rights outweigh our interests in using your personal data, then we will at your request restrict our use of it. However, it should be noted we cannot offer you our Services if you object.
• Objection in relation to direct marketing: If you make such an objection, we will stop using your personal data for direct marketing purposes.

Restrict our use of it: There are several situations when you can restrict our use of your personal data, this includes (but is not limited to):

• You have successfully made a general objection (as detailed above).
• You are challenging the accuracy of the personal data we hold.
• We have used your personal data unlawfully, but you do not want us to delete it.

Have us delete it: There are several situations when you can have us delete your personal data, this includes (but is not limited to):

• We no longer need to keep your personal data;
• You have successfully made a general objection (as detailed above);
• You have withdrawn your consent to us using your personal data (and we do not have any other grounds to use it);
• We have unlawfully processed your personal data.

It should be noted that, upon request, we will delete all personal data except personal data which is part of Buzzin Access-Controlled Premise’s access log. The access log includes information on your access, your name and you ID number, and will be kept in line with data retention requirements of the Buzzin Access-Controlled Premise.

Have us provide you with a copy of it. We will request to see an identification document to confirm your identity before we provide you with a copy.

17. How to contact us

If you have any questions about how we collect, store and use personal data please contact us by email: compliance@buzzin.ae

18. Right to Policy amendments

We reserve the right to change the policy at any time, so please check back regularly to keep informed of updates to this Policy.