Privacy Notice

  • Approved on: 01 January 2021
  • Next Scheduled Review: 2022

Description

This Policy outlines the Lean’s methodology and processes to collect, process and store end user data in a consistent method across the company Lean’s privacy policy is aligned to the principles set out in the Internationally accepted standards; GDPR and CCPA and compliant with SAMA’s PSPR and Cybersecurity Framework.

1. Introduction

This Privacy Notice (hereafter "Notice") describes how Lean Technologies and other companies within the Lean Group ("we", "us" "our") manages the Information that you provide to us. This Notice explains how we will use that Information, who we might share it with, and what steps we will take to make sure it stays private and secure. This Notice continues to apply even if your agreement for other products and services with us ends.

This Notice may be updated from time to time and our Site will indicate when the Notice has been updated. You may access the current version of this Notice at any time by clicking on the "Privacy" link at the footer on our Site. You are advised to review this Notice periodically for any changes. Changes to this Notice are effective when they are posted on this page. If we have provided you with separate or further information about how we collect and use your Personal Information for a particular product or service, those terms will also apply. If you interact with us in a different context, separate terms might apply to that interaction. Where we provide you with other terms, those terms will always take precedence over this Notice.

There may be times when links on our Site take you to a third party's website which is not managed or connected to Lean. When this happens, that third party's own privacy and information policies, which may be different to this Notice, will apply.

2. Definitions

In this Notice the following capitalised terms have the meaning assigned to them below unless expressly stated otherwise:

"ADGM"

means the Abu Dhabi Global Market.

"Cookies"

means the small files stored on your device (computer or mobile device).

"DIFC"

means the Dubai International Financial Centre.

"Information"

means your Personal Information and Usage Information, including any information you provide to us via webform, surveys and questionnaires.

"KSA"

means the Kingdom of Saudi Arabia.

"Lean"

means Lean Technologies. See the 'contact us' section below for more information on how to get in touch with us depending on which country you are in.

"Personal Information"

means any information that can be used to identify an individual, whether directly or indirectly, and may include, but is not limited to name, email address, postal address, mobile phone number, location information, login information, biometric, economic, cultural and social information.

"Services"

means the services and/or products offered by Lean, accessible via our Site.

"Service Providers"

means third party companies and individuals engaged by Lean to facilitate the Services, provide or perform the Services on Lean's behalf or assist us in analysing how the Services are used.

"Site"

means Lean's website at https://www.leantech.me/, widgets, portals, all attached domains and other web and mobile-based applications ("app").

"UAE"

means the United Arab Emirates.

"Usage Information"

means information which is collected automatically and is generated by your use of our Services or from our Service infrastructure itself through or by any device (for example, we may capture the duration of your visit to a particular page of our Site).

"User"

means the person who is using the Site (i.e. "you") and who is the subject of the Information we collect.

3. What information we collect about you

3.1 When you sign up for a Lean account or use any of the Services provided via our Site, we will collect the following Information about you. This Information also helps us to verify who you say you are. This will include Information, such as:

3.1.1 your name, date and place of birth;

3.1.2 contact details, such as your home address (and previous addresses), email and phone number;

3.1.3 information about your identity, such as a copy of your ID document (i.e. passport and national ID);

3.1.4 information about your right to live in the UAE;

3.1.5 any details you give us through the Lean chat feature on our Site, or Information we collect or generate about you when you get in touch with us, including Information we collect or generate when you use our Services, including any details that are submitted to us via webform, email, the Lean portal or any other digital or paper mechanism;

3.2 We will collect this information to give you Services in a safe and lawful way, and to keep improving them. This may include collecting:

3.2.1 details about payments to and from your Lean account and your savings activity;

3.2.2 details about services from us and our partners that you express interest in;

3.2.3 details about how you use our Site;

3.2.4 the mobile network and operating system you use so we can analyse how our Site works and fix any issues; and

3.2.5 your location if you've authorised tracking, so we can help protect you against fraud.

3.3 We may also get Information about you from external sources to help us verify your identity and manage our business risk. This may include engaging with credit reference or fraud prevention agencies and KYC (Know Your Customer) and AML (Anti Money Laundering) service providers to fulfil our legal duties.

4. How we use your information

4.1 Lean collects and uses your Information for various purposes, and will always have a lawful basis for doing so. We may need to use your Personal Information for an agreement we have with you, or to enter into an agreement with you, to enable us to comply with the law; or we may use your Personal Information for our legitimate interests, or those of a third party (for example, to help product development and marketing, to manage our business risk, financial affairs and to protect our staff, or for security and maintenance).

4.2 We may also use your Information to:

4.2.1 develop, operate, provide, maintain, and improve our Services, now and in the future;

4.2.2 keep you up to date on the latest Service announcements, system enhancements, special offers, and other information;

4.2.3 provide and receive information, support, feedback and assistance related to our Services;

4.2.4 enable you to create personal profile areas and view protected content;

4.2.5 analyse usage trends and the preferences of our Users, and to conduct questionnaires and surveys, in order to provide better Services (your completion of these questionnaires will always be voluntary);

4.2.6 contact you for administrative purposes, such as customer support;

4.2.7 send communications, including updates on promotions and events, relating to products and services offered by us;

4.2.8 personalise content and advertising to your preferences; and

4.2.9 protect, investigate, and deter against fraudulent, unauthorised, or illegal activity.

4.3 If you participate in a Lean activity or forum on our Site, the information that you provide will be made visible to others.

5. Your rights in relation to your personal information

5.1 You have a number of rights in relation to the Personal Information that we hold about you. These rights include:

5.1.1 the right to obtain information regarding the processing of your Personal Information and access to the Personal Information which we hold about you (we will notify you of the personal data in our databases, including available details about the origin of the data, the purpose and, where appropriate, the legal basis for the processing and the categories of the processed data, the parties involved in the data collection and the data recipients. Please send us requests for information in writing, together with a clearly legible copy of a valid official ID document (e.g., passport, ID card, driving licence);

5.1.2 in certain circumstances, the right to withdraw your consent to our processing of your Personal Information. Please note, we may still be entitled to process your Personal Information if we have another legitimate reason for doing so and your withdrawal of consent will not affect the lawfulness of processing taken place previously;

5.1.3 in some circumstances, the right to receive copies of your Personal Information electronically and/or request that we transmit the Personal Information to a third party where this is technically feasible. Please note that this right only applies to Personal Information which you have provided to us;

5.1.4 the right to request that we rectify your Personal Information if it is inaccurate or incomplete;

5.1.5 the right to request that we erase your Personal Information in certain circumstances. Please note that there may be circumstances where you ask us to erase your information but we are legally entitled to retain it;

5.1.6 the right to lodge a complaint with the relevant regulator (for example, in the DIFC, you may lodge a complaint with the DIFC Commissioner of Data Protection if you think that any of your rights have been infringed by us. In the DIFC, you can find out more information about your rights by visiting www.difc.ae/laws-regulations/data-protection).

6. What we expect from you

6.1 You are responsible for making sure the information you give us is accurate and up to date. And you must tell us if anything changes, as soon as possible. If we ask you for any information and you do not provide it to us, we may stop providing existing Services to you.

6.2 If you give us any information about another person connected to your account, you must tell them what information you have given to us, and make sure they are informed of the contents of this Notice and agree that we can use it as set out in this Notice. You must also tell them how they can see what information we have about them and how to correct any mistakes.

7. Unsubscribing and opting out

7.1 We may use your Information for marketing purposes. Each promotional email you receive from Lean or any of our affiliated third parties will include instructions on how you can unsubscribe from that category of mailing or from receiving emails from that third party. You may also unsubscribe from Lean's promotional emails by sending an email, including your name and email address to the contact details below.

8. Profiling, usage information and location data

8.1 We may analyse and evaluate your Information in an automated manner so as to identify significant personal characteristics of yourself or to predict developments and to create user profiles. These may be used for business-related checks, individual management, advisory or financial services and the provision of offers and information that we, or our third party affiliates, may make available to you.

8.2 When providing you with our Services, we may make decisions about you by automated means. For example, we use technology that helps us identify the level of risk involved in User or account activity (i.e. for credit, fraud or financial crime reasons). We may also use information received by third party providers to identify if someone else is using your Lean account without your permission.

8.3 You have a right to certain information about how we make these decisions. We ensure that a suitable contact person is available if you wish to express a view on any automated individual decision where such opportunity to express a view is required by law. Please contact us using the contact details below for more information.

8.4 In some instances, Lean may collect non-personal (aggregate or demographic) data through cookies, web logs, and web beacons. This Information may include, but is not limited to, information such as your computer's internet protocol address (e.g. IP address), browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

8.5 When you access our Site with a device, the Information may also include information such as the type of device you use, your device unique ID, the IP address of your device, your device operating system, the type of internet browser you use, unique device identifiers and other diagnostic data.

8.6 This information allows us to better understand and improve the usability, performance, and effectiveness of our Site and to correct any problems that may occur. Please read the "Cookies" section below for more information. We may also collect and store your location data when you access our Site via a mobile device or computer. You can enable or disable location services when you use our Site at any time through your device settings.

9. Sharing your personal information

9.1 We will never sell or rent your Personal Information to third parties for marketing purposes. We may share and transfer your Personal Information within the Lean Group and with our affiliated companies, Service Providers and any third parties engaged by us where:

9.1.1 we need to for the purposes of providing you with products or services you have requested (i.e. application development and providing User support);

9.1.2 we have a public or legal duty to do so (i.e. to assist with detecting fraud, regulatory reporting, litigation or defending our legal rights);

9.1.3 we have a legitimate reason for doing so (i.e. to manage risk, verify your identity, or assess your suitability for products and services); or

9.1.4 we have asked you for your permission to share it, and you have agreed.

9.2 We only share your Personal Information to the extent that the other party reasonably needs it to complete or utilise the requested product or transaction, or to perform their function. All of our affiliated companies, Service Providers and any third parties engaged by us are not permitted to use your Personal Information except for the specific purposes, as agreed with Lean.

9.3 On occasion we may transfer and disclose your Information in other cases including:

9.3.1 in response to subpoenas, court orders, legal process or according to the requirements of applicable laws. We will only share such Information if required to do so, if we in good faith believe it is necessary, or if it is otherwise advisable to cooperate with law enforcement or other governmental agencies;

9.3.2 to establish or exercise our legal rights or defend against legal claims;

9.3.3 to investigate, prevent, or take action against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Lean's terms of service, or as otherwise that we believe in good faith is required by applicable law;

9.3.4 when there is a sale or transfer of all or part of Lean's business or assets (which could include any merger, financing, acquisition, or bankruptcy); or

9.3.5 we may also share aggregated and/or anonymised data with others, such as our financial institution partners, for their own uses, or to meet our reporting obligations, or to indicate our Users' interests, habits, and usage patterns. For example, we may share such information publicly to show trends about the general use of our Services. However, you will not be able to be individually identified from this information.

10. Cross border transfers of your personal information

10.1 Our Site is hosted in the United Kingdom but can be accessed by any Lean affiliate worldwide. Accordingly, your information may be transferred to, and stored at, a destination outside of the country or jurisdiction in which it was collected by us (for example, outside of the DIFC), including locations which may not have the same level of protection for your Personal Information. We may need to transfer your Personal Information in this way to perform our contract with you, to fulfil a legal obligation, to protect the public interest and/or for our legitimate business interests, for example in the context of an outsourcing arrangement with our Service Providers or affiliates.

10.2 Where we transfer your Personal Information outside of the country or jurisdiction in which it was collected, we will ensure that it is protected by us in a manner that is consistent with how your Personal Information will be protected by us in that country. We will always do this in a way that is permissible under applicable data protection rules.

10.3 Depending on the kind of product or Service that is used, your Personal Information may also be disclosed to third parties domiciled in jurisdictions which do not have an appropriate level of data protection. If data is transferred to such a country, we take appropriate measures (for example, relying on contractual arrangements such as the DIFC Standard Contractual Clauses or other precautions or justifications) so that your Personal Information continues to receive the appropriate protection.

11. Security of your personal information

11.1 Lean is committed to protecting the Personal Information you share with us. We rely on a combination of industry-standard security technologies, procedures, and organisational measures to help protect your Personal Information from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your Personal Information transmitted, stored or otherwise processed by us.

11.2 We advise that you take every precaution to protect your Personal Information when you are accessing our Site and using our Services. For example, we recommend that you change your passwords regularly, use a combination of letters and numbers when creating passwords, and make sure you use a secure browser.

12. Cookies

12.1 Lean uses technologies such as Cookies and web beacons, which allow us to make your visit to our Site easier, more efficient and more valuable by providing you with a customised experience and recognising you when you return.

12.2 A Cookie cannot read Personal Information off your hard disk or read Cookie files created by other websites. The only Personal Information a Cookie can contain is information you supply yourself. Accepting the Cookies used on our Site may give us access to information about your browsing behaviour, which we may use to personalise your experience and track your User traffic patterns, and to merge this information when you register. We do this in order to determine the usefulness of our Site information to our Users and to see how effective our navigational structure is in helping Users reach that information.

12.3 In addition, Lean uses web beacons in conjunction with Cookies to understand User behaviour. Web beacons are simply a convenient way of gathering basic statistics and managing Cookies and do not give away any extra information from your computer. Turning off your browser's Cookies will prevent web beacons from tracking your specific activity.

12.4 If you prefer not to receive Cookies while browsing our Site or via our HTML-formatted emails, you can set your browser to warn you before it accepts Cookies or refuse the Cookie when your browser alerts you to its presence. You may browse most of our Site without accepting Cookies; however, some Site functionality may be lost by disabling Cookies on your computer. Certain features of the Site, particularly those which require a login and password, require Cookies and cannot be used when you have disabled Cookies in your browser.

13. Linked websites and services

13.1 Our Site and Services may provide links to other third party websites and services which are outside our control and are not covered by this Notice. Lean bears no responsibility for the information collected or used by any third party website, and you release us from any liability for the conduct of these third parties. We encourage you to review the privacy policies and notices of any third party website that you access.

14. Service providers

14.1 Lean may engage third party Service Providers from time to time. These Service Providers will have access to your Personal Information only to the extent necessary to perform the tasks assigned to them by us. All Service Providers engaged by Lean are legally required to maintain the confidentially of your Personal Information, have in place systems and controls to protect against any loss or damage to your Personal information, and must not disclose or use your Personal Information for any other purpose other than as they are instructed.

15. Children's privacy

15.1 Our Site is not intended for use by individuals under the age of 18 ("Child" or "Children"). We do not knowingly collect Personal Information from Children. If you become aware that a Child has provided us with Personal Information, please contact us immediately. If we become aware that we have collected Personal Information from a Child without parental consent, we will take steps to remove that information from our servers.

16. How long we will keep your personal information

16.1 We will only retain your Personal Information for as long as reasonably necessary to fulfil the purposes we collected it for, including to satisfy any legal, regulatory, tax, accounting or reporting requirements.

16.2 On occasion, we may retain your Personal Information for a longer period, and even after you stop using our Services, in order to: (i) to respond to enquiries and complaints; (ii) to comply with laws and regulations; (iii) in accordance with our internal policies and procedures; or (iv) to protect our interests.

17. Contact us

17.1 Should you have any privacy-related questions or comments related to this Notice, please send an email to privacy@leantech.me or you may contact us at the relevant address below:

Country where you receive the ServicesData ControllerContact details
KSALean TechnologiesLean Technologies 2409, No 84, Al Olaya Dist, Unit No 1802, Riyadh 12214-8994
DIFCLean Technologies LtdUnit 208 Level 1 Gate Avenue - South Zone Dubai International Financial Centre Dubai, United Arab Emirates
ADGMLean Technologies LtdDD-16-121-032 • 1, 9, Al Khatem Tower, ADGM Square, Al Maryah Island, Abu Dhabi, United Arab Emirates