Privacy Policy

I. Introduction

A. Privacy Commitment

At AFIA Insurance Brokerage Services LLC, which operates under the names "InsuranceMarket.ae™", "800 Alfred", and "Alfred", we prioritise your privacy. Our commitment extends beyond mere compliance; we aim to safeguard the confidentiality, integrity, and security of all personal information we collect, use, and store. This Privacy Policy outlines our stringent data protection practices and reflects our dedication to upholding the highest privacy standards for all our clients and users.

B. Scope of Privacy Policy

In full compliance with Federal Decree-Law No. 45/2021 regarding the Protection of Personal Data within the United Arab Emirates, our commitment extends to personal and non-personal data we collect. Operating under UAE jurisdiction, we ensure that every individual engaging with our services is protected under UAE law. This Privacy Policy specifies the various types of information we collect, including personal data like identification and financial details and non-personal data such as usage statistics. We clearly explain why we collect this data, the legal grounds for its processing, and the stringent measures we implement to protect it, ensuring compliance with UAE's rigorous data protection standards.

Our commitment extends to upholding the rights of our users, customers, and other concerned persons, as specified under UAE laws. These rights include but are not limited to the Right to Access to Information, the Right to Request Personal Data Portability, the Right to Rectification or Erasure of Personal Data, the Right to Restriction of Processing, and the Right to Processing and Automated Processing.

Furthermore, this Privacy Policy encompasses provisions related to Cross-Border Data Transfer, as per the guidelines stipulated under the UAE personal data protection law. It outlines the conditions under which personal data may be transferred to countries with similar or different data protection legislation in adherence to bilateral or multilateral agreements and other legal requirements.

The policy applies to all interactions with our users, online and offline, involving our websites, mobile applications, products, or services that refer to or link to this Privacy Policy. The UAE Data Office, as the federal data regulator in the UAE, may monitor our compliance with this policy, and we are obliged to follow their policies, legislations, and guidelines.

By engaging with us through any of these platforms, you consent to the terms outlined in this Privacy Policy and agree to comply with the respective rights and responsibilities. Any violation of these terms may lead to legal action or other penalties deemed appropriate under the prevailing UAE laws.

For more detailed information on specific rights, responsibilities, and procedures, please refer to the complete text of this Privacy Policy and the relevant legal documents.

C. Websites covered

This Privacy Policy applies exclusively to the websites and mobile applications operated by our company, including: a. https://insurancemarket.ae (the 'Site') b. Insurance Wallet on the myAlfred mobile application (the 'App') Together, these are known as the 'Services.' This policy governs our privacy practices across these platforms. It is important to note that this Privacy Policy does not extend to any third-party websites, applications, or services linked to our Services. We strongly recommend that you review the privacy policies of these third-party entities to understand their procedures for collecting, using, and safeguarding personal information.

D. Employee access to data

1. We are committed to maintaining strict controls over who can access the data we collect from our users. 2. Our employees, as well as employees of other companies involved in providing the Services, are prohibited from accessing or viewing user data except when necessary to fulfil their job duties and only to the extent required for those purposes. 3. We have implemented rigorous access controls and security measures to ensure that user data is shared only between systems and solely to provide a seamless experience across our platforms and services. By doing so, we strive to maintain user privacy and protect their information from unauthorised access.

E. Definitions

1. Personal Data: Any data relating to a natural person who can be identified directly or indirectly by linking data, including but not limited to name, voice, picture, identification number, electronic identifier, geographical location, or physical, physiological, economic, cultural, or social characteristics.

2. Sensitive Personal Data: Data that directly or indirectly reveal a natural person's family or ethnic origin, political or philosophical opinions or religious beliefs, criminal record, biometric data, and any data relating to a natural person's health.

3. Controller: A person or entity that determines the method and criteria for processing personal data and the purpose for the processing.

4. Processor: An entity that processes personal data on behalf of, under the direction of, and in accordance with the controller's instructions.

5. Processing: Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.

6. Data Subject: A natural person whose personal data is processed.

7. Data Protection Officer (DPO): An individual appointed by the controller or processor to ensure compliance with high-risk processing activities as required by the Law.

8. Data Breach: Any breach that would prejudice a data subject's privacy, confidentiality, and security.

9. Consent: A clear, simple, unambiguous, and easily accessible agreement made by the data subject through a statement or clear affirmative action, either in writing or electronically, to process their data.

10. Cross-Border Data Transfer: The transfer of personal data to countries outside the UAE, subject to the rules and mechanisms provided in the Law.

11. Anonymization: The process of rendering data so that it can no longer be associated with a specific data subject.

12. Pseudonymization: The processing of personal data so that it can no longer be attributed to a specific data subject without additional information.

13. Third-Party: Any individual, company, or entity other than the data subject, controller, or processor authorised to process personal data.

14. Cookies are small text files stored on a user's device by a web browser. They are used to track user activity and preferences.

15. Automated Processing: Processing personal data without human intervention, often involving algorithms or other automated means.

16. Profiling: Any form of automated processing of personal data to evaluate, analyse, or predict aspects concerning a natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.

17. Data Portability: The right of the data subject to receive personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format.

18. Data Erasure (Right to be Forgotten): The right of the data subject to request the deletion or removal of personal data when there is no compelling reason for its continued processing.

19. Information Security: The practice of protecting information by mitigating information risks, including using physical and technical measures to protect personal data from unauthorised access, use, disclosure, disruption, modification, or destruction.

20. Service Providers: Third-party companies or individuals employed by the controller to facilitate the service, provide the service on behalf of the controller, or assist in analysing how the service is used.

21. User: Any individual who interacts with the services provided by the controller, including visitors, customers, clients, and other users of the service.

22. Children's Data: Personal data related to individuals under the age of consent as defined by applicable laws, often requiring special protection and consent mechanisms.

23. Legitimate Interests: A lawful basis for processing personal data necessary for the legitimate interests pursued by the controller or a third party.

24. Aggregated Data: Data that has been combined and processed to provide generalised information, often used for statistical analysis, and does not identify individual data subjects.

II. Personal Identification Information

A. Anonymous browsing

Our Services support anonymous browsing, allowing you to explore and navigate without the need to provide personal identification information. This feature is designed to ensure that you can access our Services without any obligation to reveal personally identifiable details unless you choose to engage more deeply with our offerings.

B. Voluntary data submission

1. Registration When you submit personal identification information through our Services—whether by registering for an account or signing up—you do so with explicit consent. We ensure that you are fully informed about why we collect your data and how it will be used. This transparency aims to provide a personalised experience and facilitate access to our features and services tailored to your needs.

2. Information requests Users may also voluntarily provide personal identification information when requesting information about our products and services. This enables us to respond to their inquiries with greater accuracy and efficiency.

3. Form submissions We collect personal identification information through form submissions on our Services, which may include feedback forms or support requests. This allows us to directly address your concerns and enhance the quality of our Services based on your inputs.

4. Data Retention Policy Our policy is to retain user data indefinitely to ensure a seamless and efficient experience for returning clients. This facilitates the reuse of our services without the need for repeated data submissions. We adhere to user privacy rights diligently; you may request the deletion of your data at any time, following applicable regulations. Please be aware that deleting certain data may affect your ability to utilise our services fully.

C. Data fields collected

1. Name: To personalise user experience and address them properly in our communications.

2. Email address(es): For sending account-related communications, promotional materials, or other information they have requested.

3. Phone Number(s): To contact users regarding their inquiries or provide support when needed.

4. Device Information: Information about the user's device, including the operating system and browser name, to optimise our Services for different devices and platforms.

5. Financial Information: If applicable, for processing payments and transactions related to our Services.

D. Consequences of not providing information

Users can withhold personal identification information; however, this may limit their ability to access certain features and services or engage in specific activities on our Services. We strive to balance user privacy with the best possible experience, and users are encouraged to provide the necessary information to access the full range of our Services.

E. Third-party data acquisition

We do not acquire personal identification information directly from third parties. We only collect information that users voluntarily submit to us and ensure that their data is protected according to this Privacy Policy.

III. Non-personal Identification Information

1. Browser Name: Information about the web browser used by the user, helping to analyse trends and improve our Services.

2. Operating System: Details about the user's operating system to optimise our Services for different devices and platforms.

3. Usage Information: Data related to how users interact with our Services, including pages visited, time spent, links clicked, and other usage statistics.

4. IP Address: The Internet Protocol (IP) address of the user's device, used for diagnostics and analytics but not linked to personal identification.

5. Geolocation Data: General location information based on the user's IP address used to provide localised content and services.

6. Device Information: Information about the user's device, such as device type, screen size, and model, to enhance user experience.

7. Cookies and Similar Technologies: Data collected through cookies, pixel tags, and other tracking technologies to understand user preferences and tailor content.

8. Referral URLs: Information about the webpage that led the user to our Services, helping to understand user navigation and interests.

9. Connection to User Identity: Non-personal identification information is not connected to the user's identity and cannot be used to identify or trace them as an individual.

10. Aggregated Data: Combined data that may include statistics, demographics, and other information that does not reveal a user's specific identity.

11. Third-Party Analytics: We gather diverse non-personal identification information related to your interactions with our Services, including browser types, operating systems, IP addresses, and usage patterns. This data, which is not linked to your identification, helps us enhance the functionality and accessibility of our Services.

12. Server Logs: Information collected by our servers, including request times, pages requested, HTTP status codes, and other server-related information.

13. Security Information: Data related to user interactions with security features, such as authentication methods and access controls.

IV. Usage of "Cookies"

A. Purpose of cookies

Cookies are employed to improve your experience on our Services, identify repeat visitors, track user behavior, and gather aggregate data about site traffic and interactions. This aids in refining our Services and developing better tools and experiences in the future.

B. Browser settings

You can adjust your browser settings to decline cookies or receive alerts when cookies are being sent. This gives you control over your cookie preferences and enhances your privacy measures.

C. Impact on site functionality

Restricting or refusing cookies may result in a loss of functionality in certain areas of our Services. Users should be aware that their choice to restrict cookies could impact the overall experience and may limit their access to specific features or services.

V. Data Collection Purposes

We collect both personal and non-personal identification information to serve multiple objectives: enhancing customer service by responding more effectively to your service requests and support needs, improving our website through more tailored features and content, and providing you with periodic updates, promotions, and other relevant information to keep you informed and engaged with our services.

A. Customer service improvement

1. Collecting personal identification information allows us to deliver efficient and accurate customer service by responding promptly to user requests and inquiries.

2. This data helps us identify areas for improvement and enables us to understand our users' needs better.

B. Site enhancement

1. By collecting non-personal identification information and user feedback, we can continuously refine and optimise our Services to offer a more user-friendly and engaging experience.

2. This information allows us to make data-driven decisions and prioritise updates that benefit our users the most.

C. Periodic communications

1. We may use collected data to send users periodic communications regarding promotions, updates, or other relevant information.

2. These communications are designed to keep users informed and engaged, and users can opt out of receiving them at any time.

VI. Data Protection

A. Collection, storage, and processing measures

We employ robust security measures to protect your personal information whenever you enter, submit, or access it through our Services. These measures are designed to prevent unauthorised access, disclosure, and other risks to ensure the safety and privacy of your data.

B. Security measures against unauthorised access or alteration

1. We employ various security measures, including encryption, access controls, and secure server environments, to protect user data from unauthorised access, alteration, or misuse.

2. Our security protocols are regularly reviewed and updated to maintain the highest level of protection for our users' information.

C. Data retention policy

1. We retain personal information only for the duration necessary to fulfil the purposes described in this Privacy Policy. Subsequently, the information is either securely disposed of or anonymised to prevent potential misuse, aligning with best data management and protection practices.

2. When data is no longer needed, we securely dispose of or anonymise it to prevent potential misuse or unauthorised access.

UAE Digital Laws

In compliance with the digital and data protection laws of the United Arab Emirates (UAE), we adhere to the following principles and regulations:

1. Electronic Transactions and Trust Services (Federal Law No. 1 of 2006):
Under the UAE's Law on Electronic Transactions and Trust Services, we recognise digital signatures as valid as handwritten signatures. This facilitates seamless and secure digital transactions, ensuring clients can confidently engage with our services online.

2. Online Security Law (Federal Decree-Law No. 34 of 2021 on Combatting Rumours and Cybercrimes): We are committed to upholding the UAE's Online Security Law standards. Our digital platforms are designed to protect against online crimes, unauthorised access, and the spread of misinformation. We prioritise the security of our public-facing digital assets and take measures to combat electronic fraud, ensuring the privacy and rights of our users.

3. Personal Data Protection Law (Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data): Abiding by the UAE's Personal Data Protection Law, we have established an integrated framework to safeguard the confidentiality of user information. We strictly adhere to the controls for processing personal data and fulfil our obligations as a data-handling entity. We also ensure that any cross-border transfer or sharing of personal data for processing purposes meets the requirements set by the law.

4. UAE Data Office Compliance: We recognise the role of the UAE Data Office, established under the directives of the UAE government, in ensuring the protection of personal data. While we operate autonomously, we align our data protection policies and practices with the guidelines and instructions issued by the UAE Data Office. We are dedicated to ensuring that our practices are transparent, secure, and fully compliant with the UAE's digital laws. Our commitment extends to regularly updating our policies in response to any legislative changes or updates in the UAE.

Liability Limitations:

While we employ the highest standards of security and adhere to stringent data protection regulations, there are inherent risks associated with online transactions and data storage. In the event of a data breach, unauthorised access, or any other unforeseen circumstance beyond our reasonable control:

1. Limited Liability: Our liability will be limited to the fullest extent permitted by law. This limitation applies as long as the company has taken all reasonable and necessary security measures to protect user data.

2. Notification: We commit to promptly notifying affected users in case of a confirmed security breach that may compromise personal data following applicable laws and regulations.

3. User Responsibility: Users are also responsible for ensuring the security of their account credentials and personal devices. We are not liable for breaches resulting from a user's negligence in safeguarding their data.

4. Dispute Resolution: Any disputes arising from these liability clauses will be resolved through arbitration or mediation, as detailed in our 'Dispute Resolution' section.

Users acknowledge and agree to these liability limitations and responsibilities by using our services.

VII. Data Sharing and Collaboration

To ensure the efficient delivery of our services, InsuranceMarket.ae collaborates with various entities, including myAlfred LLC. These collaborations are designed to facilitate specific requests, orders, and fulfilment of services tailored to your needs.

A. Current and Future Collaborations

We work closely with myAlfred LLC to manage and facilitate insurance and non-insurance transactions. In the future, we may partner with other entities to further enhance our service offerings. Any data shared with these entities is strictly to execute and deliver the services you have requested.

B. Data Handling and Security

Our commitment to your privacy and data security is paramount. We ensure that:

• Data sharing is limited to what is necessary to fulfil service requests.

• All partner entities are bound by confidentiality agreements to ensure the security and privacy of your data.

• Data transfers are encrypted and protected using the latest security protocols.

List of Collaborative Entities:

• myAlfred LLC: Engages in handling non-insurance-related transactions and rewards programs.

C. User Consent and Transparency

When you use our services, you agree to the controlled and secure sharing of your data with the entities listed under the terms outlined:

• You will always be informed when new entities are added to our collaboration list and will have the opportunity to review and consent to these changes.

• You can withdraw your consent to data sharing at any time, which may affect the delivery of certain services and accesses.

D. Changes to Collaborative Entities

We will update this section as our partnerships evolve and notify the entities with which we share data of any significant changes. This is part of our commitment to transparency and compliance with applicable data protection laws.

E. Legal Compliance and Data Protection

All data-sharing practices comply with the Federal Decree-Law No. 45/2021 on the Protection of Personal Data in the UAE and any other applicable regulations. We ensure that all collaborative entities adhere to similar data protection standards, regardless of location.

VIII. Unsolicited Communications

A. In-house marketing

1. We manage our marketing activities in-house and are committed to providing users with relevant, targeted communications.

2. Our marketing team carefully curates content and promotional materials to ensure they align with user interests and preferences.

B. Subscription-based communications

1. We offer subscription-based communications, including newsletters, promotional emails, and alerts, to users who have opted-in to receive them.

2. Users can manage their subscription preferences at any time to control the types of communications they receive.

C. Opt-out options

You have several rights concerning your data, including the right to access it, request corrections, and seek deletion of your data at any time. You can also opt out of future communications, giving you full control over your personal information and how it is used.

D. Employee guidelines on unsolicited messages

1. Our employees are trained and instructed not to send users unsolicited messages without their consent.

2. We take any complaints regarding unsolicited messages seriously and will take appropriate action to address any violations of our guidelines.

E. Complaint handling

1. We have a dedicated process to address any complaints regarding unsolicited communications or other violations of our Privacy Policy.

2. Users can report any concerns or complaints by contacting us through the appropriate channels, such as email or our customer support team.

3. Upon receiving a complaint, we will promptly investigate the matter, take appropriate corrective action if necessary, and respond to the user with an explanation of our findings and any steps taken to address the issue.

4. We are committed to maintaining transparency and open communication with our users, and we strive to promptly resolve any concerns or complaints to the best of our ability.

IX. Access and Control of Personal Information

A. Opting in and out of alerts and newsletters

Users can subscribe or unsubscribe from alerts, newsletters, and other promotional materials, ensuring control over the communications they receive from us. Users can manage their preferences through their account settings or by following the instructions provided in the communications.

B. Unsubscribing from promotional communications

Users can easily opt out of receiving promotional communications by clicking the "unsubscribe" link at the bottom of the email or by contacting our customer support team. Upon receiving an opt-out request, we will remove the user from our mailing list and cease sending promotional materials.

C. Updating or deleting personal information

Users can review, update, or request the deletion of their personal information by accessing their account settings or contacting our customer support team. We will respond to such requests promptly and take the necessary steps to fulfil the user's request.

D. Information retention after opt-out or deletion request

Once a user has opted out or requested the deletion of their personal information, we will not retain their data on our systems, except for the log/email of their request or as required by law. We may retain anonymised or aggregated data for analytical purposes, ensuring that it cannot be traced back to individual users.

E. Retention for legal or regulatory purposes

We may exclusively share your information with third parties as this Privacy Policy outlines. This may involve collaborating with service providers who help us enhance our services and comply with legal obligations that require information sharing with authorities., such as claims handling or liability insurance records. We will store such information securely and only for the duration necessary to fulfil these obligations. Access and Control of Personal Information: Users can access, rectify, erase, and port their data. We respect these rights and provide mechanisms for users to exercise them. Any requests related to user rights will be addressed promptly and transparently.

X. Information Sharing and Disclosure

A. Checks and exchange of information

We may perform checks or exchange information with various databases as part of our standard business operations, such as underwriting insurance products or verifying user identities. We will provide further details about these checks or exchanges within our website or in written communications with users.

B. Credit-referencing agency checks

We may conduct a credit check with a licensed credit-referencing agency as part of our underwriting process for certain products or services. This search will be recorded, and users will be informed of this process in advance.

C. Third-party data sharing policy

1. We maintain a strict policy of not selling, sharing, or disclosing customer data to third parties without the user's express consent or as required by law. We are committed to protecting the privacy and security of our user's personal information and take this responsibility seriously.

2. When we engage with third-party service providers, we carefully vet and select partners who share our data privacy and security commitment. We enter into contractual agreements with these providers that outline the terms of data protection, ensuring they comply with our privacy standards and applicable data protection laws.

3. We implement robust security measures and access controls to ensure that only authorised personnel have access to user data and that it is used strictly for the purposes outlined in our Privacy Policy. This includes regularly auditing our data management practices to identify and address potential risks or vulnerabilities.

4. In case of a data breach or unauthorised disclosure involving third parties, we will promptly notify affected users and take necessary steps to mitigate the impact, including working closely with the relevant authorities to investigate the incident and prevent its recurrence.

5. Any third-party data sharing will be subject to the third party's privacy policy and terms, which we encourage users to review. We remain transparent with our users about the third parties we engage with and the purposes for which their data may be shared, and we strive to ensure that our partners adhere to the highest data privacy and protection standards.

6. We continuously review and update our data protection policies and practices in response to evolving industry standards, regulatory requirements, and emerging threats, demonstrating our unwavering commitment to safeguarding our users' personal information from unauthorised access or disclosure.

D. Legal requirements for data disclosure

We may disclose user information to comply with legal obligations, protect our rights or property, or ensure the safety and security of our users and the public. In such cases, we will make every effort to notify users of the disclosure unless prohibited by law or court order.

XI. Third-Party Websites

A. Content linking to external sites

Our website may include links to external websites, services, or resources managed by third parties, provided solely for your convenience. Please be aware that these third-party sites operate independently from us and we do not control their content or privacy practices. We encourage you to review their privacy policies to understand how they handle your information. The myAlfred app and InsuranceMarket.ae are independent entities, and neither will store the other party's data. The app is designed to provide access to myAlfred rewards while allowing users to access their insurance information through the Insurance Wallet. The Company ensures that appropriate security measures are in place to protect user data and maintain the confidentiality of information shared between myAlfred and InsuranceMarket.ae. This secure data exchange enables users to enjoy a seamless experience across both platforms. Any data sharing between myAlfred and InsuranceMarket.ae will follow applicable privacy policies and data protection regulations, ensuring the highest privacy and security standards for users.

B. User responsibility for third-party site interactions

We are not responsible for any third-party websites' content, privacy practices, or terms and conditions. Users are responsible for their interactions and engagements with these third-party websites and should exercise caution when visiting them.

C. Encouragement to review third-party privacy policies

We encourage users to review the respective privacy policies of third-party websites to understand how they handle and protect user data, as their privacy practices may differ from ours.

XII. EU Residents/GDPR Policy

A. Rights of EU residents

We adhere to the General Data Protection Regulation (GDPR) standards for users residing in the European Union. This commitment ensures that EU residents can fully exercise their rights, such as accessing, correcting, deleting, and limiting data processing, aligning with the rigorous protections afforded under GDPR. These rights include:

1. Right to Access: EU residents have the right to request access to their data and obtain a copy.

2. Right to Rectification: EU residents can request the correction of inaccurate personal data.

3. Right to Erasure (‘Right to be Forgotten’): EU residents can request the deletion of their data in certain circumstances.

4. Right to Restrict Processing: EU residents can request the restriction of processing their data.

5. Right to Data Portability: EU residents can request the transfer of their data to another organisation.

6. Right to Object: EU residents can object to processing their personal data for direct marketing purposes.

7. Rights related to Automated Decision Making and Profiling: EU residents have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects concerning them.

B. Data access, use, and disclosure limitations

When dealing with an EU resident, our default policy is not to share data with anyone without express consent or unless authorised by law. We are committed to ensuring that the personal data of EU residents is protected following GDPR requirements. We also ensure that any third-party service providers we work with are GDPR compliant.

C. Requesting access or limiting data use and disclosure

EU residents can refer to the "Access and Control of Personal Information" section in our Privacy Policy to learn more about requesting access to, modifying, or limiting the use and disclosure of their data.

D. Data Transfer Outside the EU:

We ensure that any transfer of personal data outside the European Union is done with adequate safeguards in place, as required by the GDPR. This includes ensuring that the country where the data is being transferred has adequate data protection laws or that the organisation receiving the data has implemented standard contractual clauses or binding corporate rules.

E. Data Protection Officer (DPO):

We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance efforts. EU residents can contact the DPO directly for any concerns or queries related to their data.

F. Breach Notification:

In the unlikely event of a data breach that might jeopardise the rights and freedoms of EU residents, we commit to notifying the affected individuals and the relevant supervisory authority within 72 hours of becoming aware of the breach.

XIII. Consent and Inquiries

A. Acceptance of Privacy Policy terms

Users accept the terms and conditions of this Privacy Policy by using our website and agreeing to the relevant terms and conditions checkbox.

B. Policy updates and notifications

We may update this Privacy Policy from time to time. When we make changes, we will post the updated policy on our website and provide notices on other pages to ensure users know of any modifications. We regularly review and update our Privacy Policy to reflect changes in the legal landscape, company policies, and user feedback. Continued use of the website signifies acceptance of the updated terms.

C. Consent for data transfer outside the GCC

As the internet is a global medium, users' information may be transferred outside the GCC. By submitting their information, users consent to such a transfer.

D. Dispute resolution:

In the event of any disputes, disagreements, or claims arising out of or relating to this Privacy Policy:

1. Initial Resolution: Both parties commit to resolving the dispute amicably through open dialogue and negotiation.

2. Mediation: If the dispute cannot be resolved through direct negotiation, both parties agree to participate in good faith in a mediation process.

3. Arbitration: If mediation is unsuccessful, the dispute will be referred to and finally resolved by arbitration following the rules of the jurisdiction where the company is based. The arbitration will be conducted in English, and the arbitrator's decision will be final and binding. The arbitration process will follow UAE Laws, and both parties will bear any costs associated with the arbitration.

4. Jurisdiction: Unless otherwise agreed upon, the jurisdiction for such proceedings will be the United Arab Emirates.

Using our services, users acknowledge and agree to this dispute resolution process, ensuring that conflicts are addressed in a structured and fair manner.

E. Transparency:

We are committed to maintaining transparency in all our operations and user interactions. This includes:

1. Clear Communication: All our policies, terms, and conditions are communicated in clear, straightforward language, ensuring that users fully understand their rights and our responsibilities.

2. Openness about Data Practices: We provide detailed information about how we collect, use, and store user data, ensuring that there are no hidden practices.

3. Updates and Changes: Any changes to our policies or practices will be communicated promptly to our users, explaining the changes. By using our services, users acknowledge our commitment to transparency and our efforts to maintain an open line of communication at all times.

F. Contact information for questions or concerns

We value the feedback and insights of our users and believe that they play a crucial role in our continuous improvement. To facilitate this:

1. Feedback Channels: We provide multiple channels, such as email, customer support, and online forms, for users to share their feedback, concerns, or suggestions.

2. Timely Responses: We commit to acknowledging and addressing feedback promptly, ensuring that users feel heard and valued.

3. Incorporation of Feedback: Where feasible, we will incorporate user feedback into our services, policies, and practices, further enhancing our offerings. Using our services, users acknowledge the importance we place on their feedback and our commitment to continuous improvement based on their insights. We implement rigorous security measures to protect your data, recognising that no transmission over the Internet is entirely secure. While we strive to safeguard your information, absolute security cannot be guaranteed, and we commit to responding swiftly to any security breaches.

G. Contact information for questions or concerns

Should you have any inquiries or concerns regarding our privacy practices or specifics of this Privacy Policy, please do not hesitate to contact us via the provided email address or phone number. We are committed to promptly addressing your questions and concerns.

Please reach out to: Data Protection Officer - Akash Ravindranath Email - akash.ravindranath@insurancemarket.ae InsuranceMarket.ae™ AFIA Insurance Brokerage Services LLC 27th floor, Control tower, Motor City, Dubai, United Arab Emirates. PO BOX 26423 Contact number: 800-ALFRED (800-253-733)

Email: quality.assurance@insurancemarket.ae