Request for Demo

Privacy Policy

Introduction

This Privacy Policy outlines how Sentimeter ("we", "our", or "the Company") collects, processes, stores, and safeguards personal data, including personally identifiable information (PII), such as names, email addresses, contact numbers, and cookies, across our operations in Pakistan, Qatar, Saudi Arabia, and the United Arab Emirates (UAE).

We are committed to ensuring the privacy and security of data subjects' information in compliance with the relevant national data protection and privacy laws of each jurisdiction in which we operate.

Purpose

The purpose of creating a privacy policy is to inform users about how their personal data is collected, used, stored, and protected. It ensures transparency, builds trust, and helps organisations comply with legal and regulatory data protection requirements. A privacy policy also defines user rights and outlines the organisation’s responsibilities for safeguarding sensitive information.

Scope

This policy applies to all processing activities involving personal data handled by Sentimeter and its third-party processors, service providers, and affiliates in:

  • Pakistan
  • Qatar
  • Saudi Arabia
  • United Arab Emirates (UAE)

It covers the collection and use of data such as:

  • Full name
  • Email address
  • Contact number
  • Cookies and other online identifiers

Legal Frameworks

We adhere to the following national privacy laws and frameworks:

  • Pakistan
    • Prevention of Electronic Crimes Act (PECA) 2016
    • Draft Personal Data Protection Bill (2023 - under approval)
    • Obtain consent before collecting PII
    • Implement adequate security controls to protect data
    • Ensure data is used for specified, legitimate purposes only
  • Qatar
    • Law No. 13 of 2016 concerning Personal Data Protection
    • Mandatory consent for data collection
    • Registration of data controllers and processors
    • Right of access, correction, and objection
  • Saudi Arabia
    • Personal Data Protection Law (PDPL) 2021 (regulated by SDAIA)
    • Consent-based processing of personal data
    • Data minimisation and accuracy requirements
    • Cross-border transfer restrictions
  • United Arab Emirates (UAE)
    • Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL)
    • Purpose limitation and data subject rights
    • Appointment of a Data Protection Officer (DPO)
    • Obligations to notify of data breaches

Categories of Personal Data Collected

  • Identifying Information: Full name, email address, phone number, and other contact details for communication, verification, and support.
  • Device and Browsing Information: IP address, browser type, OS, device identifiers, and browsing behavior via cookies and tracking tools.
  • Communication and Correspondence Records: Emails, chat logs, support tickets, etc., used for service continuity and compliance.

Purpose of Processing

We process personal data to support business operations such as communication, service improvement, marketing (with consent), website optimization, and legal compliance.

This includes analyzing behavior, visited pages, and content interactions to personalize ads and content. Cookies and third-party tools may be used. We also track ad effectiveness and engagement.

Data Sharing and Transfers

  • Authorized Personnel: Limited access for relevant employees under strict internal policies.
  • Third-Party Providers: Vendors like hosting, IT, and analytics partners under data protection agreements.
  • Regulatory Authorities: Disclosures made in compliance with applicable laws and only when necessary.

Cross-border transfers are performed according to jurisdiction-specific data protection requirements.

Data Security Measures

We use encryption (in transit and at rest), access controls, role-based authentication, regular security audits, and vulnerability scans to ensure high standards of data protection.

Data Subject Rights

  • Right to access and confirm processing of personal data.
  • Right to correct inaccuracies or delete data no longer needed.
  • Right to object to or restrict certain processing activities.
  • Right to withdraw consent at any time, without affecting prior processing lawfulness.

Data Retention

We retain personal data only for as long as necessary to fulfill its purpose or meet legal obligations. When no longer needed, data is securely deleted, anonymized, or archived in line with applicable laws.

Policy Review and Updates

This policy is reviewed annually or when laws or operations change. Updates will be posted with the effective date. Significant changes will be communicated via email or notifications.

Contact Information

For any inquiries or concerns regarding data protection, please contact:

Email: dpo@sentimeter.io

Address: 25 Canal Rd, Westwood Colony Lahore, Punjab 54000

Sentimeter reserves the right to amend this policy to comply with future changes in applicable laws and regulations.