Privacy Policy
العربيةLast updated: 9 March 2026
StartupUAE.guide ("we", "us", "our") operates the website www.startupuae.guide. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and, where applicable, the EU General Data Protection Regulation (GDPR).
1. Data We Collect
| Data | Source | Purpose |
|---|---|---|
| Name & email address | LinkedIn / Google OAuth login | Account authentication |
| Email & city preference | Newsletter subscription form | Sending relevant updates |
| Listing submissions | Submit form (name, type, website, description) | Curating the directory |
| Feedback messages | In-app feedback widget | Improving the product |
| Page views & click events | Automatic (anonymized) | Analytics & improving content |
| Session recordings | Microsoft Clarity | Understanding user experience |
2. Legal Basis for Processing
Under the UAE PDPL and GDPR, we process your data based on:
- Consent — when you sign in via LinkedIn/Google, subscribe to our newsletter, or submit feedback.
- Legitimate interest — anonymized analytics to improve our service.
- Contractual necessity — to provide the service you signed up for.
3. Cookies & Tracking
We use the following cookies and tracking technologies:
- Authentication cookies (Supabase) — essential for keeping you signed in. These are strictly necessary and cannot be disabled.
- Microsoft Clarity — session recording and heatmaps to understand how users interact with the site. Clarity may record mouse movements, clicks, and scrolling. No passwords or sensitive input fields are recorded.
- Google Analytics & Firebase Analytics — anonymized page view and event tracking.
- Vercel Analytics & Speed Insights — anonymized performance monitoring.
4. Third-Party Services
We share data with the following third-party processors:
- Supabase (database & authentication) — hosted in AWS, Singapore region
- Vercel (hosting & analytics) — global CDN
- Google (OAuth & Analytics) — USA
- LinkedIn (OAuth) — USA
- Microsoft Clarity (session analytics) — USA
By using our service, you consent to the transfer of your data to these processors outside the UAE, in accordance with Article 22 of the PDPL. Each processor maintains appropriate data protection measures.
5. Data Retention
- Account data — retained while your account is active. Deleted within 30 days of account deletion request.
- Newsletter subscriptions — retained until you unsubscribe.
- Analytics data — retained for up to 26 months (Google Analytics default), then automatically deleted.
- Feedback & submissions — retained indefinitely for product improvement, unless you request deletion.
6. Your Rights
Under the UAE PDPL (and GDPR for EU residents), you have the right to:
- Access your personal data we hold
- Rectify inaccurate or incomplete data
- Delete your personal data ("right to be forgotten")
- Restrict or object to processing of your data
- Data portability — receive your data in a machine-readable format
- Withdraw consent at any time
- Lodge a complaint with the UAE Data Office
To exercise any of these rights, email us at hello@startupuae.guide. We will respond within 14 days.
7. Data Security
We implement appropriate technical and organizational measures to protect your data, including HTTPS encryption, secure authentication via OAuth 2.0, row-level security on our database, and Content Security Policy headers.
8. Children's Privacy
Our service is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a new "Last updated" date.
10. Contact
For privacy-related inquiries, contact us at: hello@startupuae.guide