PRIVACY POLICY
Zice (“Taur Technology L.L.C, Dubai, UAE”,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, store, use, disclose and safeguard your personal information when you use our platform (“Software”). By using our Software, you agree to the collection and use of information in accordance with this policy.
By accessing or using the Platform, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.
1DATA CONTROLLER & CONTACT DETAILS
ZICE is the data controller for the purposes of applicable data protection laws.
Support Email: support@zice.it
Business Address: Office No. 303-110, Sultan Business Centre, Oud Mehta, Bur Dubai
Customer Support: Email support and on-platform contact form
1.1 DATA CONTROLLER & DATA PROCESSING ROLE
For account, billing, and platform administration data, Taur Technology L.L.C acts as the Data Controller.
For customer-uploaded ESG data, documents, reports, and evidence, Taur Technology L.L.C acts as a Data Processor, processing such data strictly in accordance with customer instructions and contractual obligations. Customers remain the Data Controller for all ESG, sustainability, and organizational data uploaded to ZICE.
2INFORMATION WE COLLECT
We collect personal and organizational data strictly necessary to operate ZICE, an ESG reporting and compliance platform designed for enterprise and professional users.
a) Account & User Information
- Name
- Business email address
- Job title and role
- Company name
- Login credentials
- Profile image (optional)
This information is used for account creation, role-based access control, audit trails, and user authentication.
b) Organizational & ESG Reporting Data
- ESG metrics, disclosures, and indicators entered by users
- Uploaded documentation and evidence files (e.g. policies, reports, certificates)
- Version history, change logs, and audit trails
- Framework mappings
ZICE processes this data solely on behalf of the customer to generate structured, audit-ready ESG reports.
c) AI & Intelligence Features
When users interact with ZICE’s AI-assisted features (e.g. writing assistance, benchmarking, gap analysis), the system may process:
- User-submitted text inputs
- Contextual ESG data within the customer’s workspace
AI features do not operate autonomously and do not make binding decisions. Outputs are advisory and subject to user review.
d) Payment & Billing Information
Payments are processed securely via third party payment gateway. Taur Technology LLC does not store credit or debit card numbers.
e) Technical & Usage Data
- IP address
- Browser type
- Device and operating system
- Log files and access timestamps
Collected for platform security, performance monitoring, and fraud prevention.
2.1 Cookies & Tracking Technologies
We use cookies and similar technologies to:
- Authenticate users
- Improve performance
- Analyze usage trends
You may control cookies through your browser settings.
3HOW WE COLLECT YOUR DATA:
- ✓When you register on our Platform and provide details.
- ✓When you use our services and interact with features.
- ✓When you make payments via third-party payment processors.
- ✓When you contact customer support.
- ✓Via cookies, analytics, and tracking technologies.
4PURPOSE OF DATA COLLECTION
We process personal data exclusively for the following purposes:
- Operating and maintaining the ZICE platform Enabling ESG data collection, validation, reporting, and audit readiness
- Managing role-based access, version control, and evidence workflows
- Providing AI-assisted drafting, benchmarking, and gap analysis features.
- Ensuring platform security, integrity, and regulatory compliance
- Processing payments and managing subscriptions
- Providing customer support and technical assistance
- Maintaining audit logs, traceability, and accountability
- Complying with legal obligations and enforcing platform terms and policies
- Improving platform performance and usability using aggregated and anonymized data
“We do not use customer ESG data for advertising, resale, or unrelated analytics.”
5LEGAL BASIS FOR PROCESSING
For users in Dubai and the United Arab Emirates, our processing of personal data is carried out in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and where applicable, the data protection frameworks of the DIFC and ADGM
The lawful bases for processing include:
Where we obtain clear and explicit consent for specific purposes, such as product updates and service communication, profiling, or processing of sensitive personal data.
Where processing is required to perform a contract with the user, including service provision, account management and payment processing.
Where processing is necessary to pursue our legitimate business purposes, such as service improvement, security, analytics and fraud prevention, provided such interests do not override users’ rights and freedoms.
Where we are required to comply with applicable UAE laws, regulations, governmental or judicial orders.
Where processing is necessary to protect the public interest or for matters of public health and safety.
6DATA STORAGE AND INTERNATIONAL TRANSFERS:
Your personal data will be generally stored at Dubai, UAE (cloud and physical servers). However, your personal data may be stored and processed in any country where we have facilities or in which we engage third party service providers. By using the Services, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than in your country.
While such information is outside of UAE, Dubai, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. However, our practices regarding your personal information will at all times continue to be governed by this Privacy Policy.
7DATA SHARING AND DISCLOSURE:
We do not sell or rent your personal data.
However, we may share it with:
Service Providers:
Payment processors, hosting services, analytics providers.
Legal Authorities:
If required by law or to protect legal rights.
Business Transfers:
In case of mergers, acquisitions, or sales.
When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We also take reasonable measures to ensure that these third parties provide sufficient guarantees to implement appropriate technical and organizational measures.
8USER RIGHTS:
UAE Users the have rights under the PDPL (and under DIFC/ADGM laws where applicable), including the right to access, correct, erase, restrict, or object to the processing of their personal data and the right to withdraw consent where processing is based on consent.
To exercise your rights
support@zice.it9DATA SECURITY & GOVERNANCE MEASURES:
ZICE is designed with security, auditability, and governance at its core. Measures include:
Encryption
Encryption in transit (SSL/TLS) and at rest.
Access Control
Role-based access controls and permission management.
Audit Trails
Audit trails, version history, and activity logs.
Monitoring
Secure evidence storage and access monitoring. Regular security reviews and system testing.
While we apply industry-standard safeguards, no system can be guaranteed to be completely secure.
9.1 DATA BREACH MANAGEMENT
In the event of a confirmed personal data breach, Taur Technology L.L.C will:
- 01Investigate and contain the incident promptly
- 02Notify affected customers in accordance with applicable data protection laws and contractual obligations
- 03Provide relevant information required under applicable data protection laws
- 04Cooperate with regulatory authorities where legally required
10DATA RETENTION POLICY:
Zice retain personal and organizational data only for as long as necessary to:
- Provide and operate ZICE services
- Meet contractual, legal, regulatory, and audit obligations
ESG data, reports, and related documentation are retained for the duration of the customer relationship and for up to two (2) years following account termination, unless a longer retention period is required by applicable law or agreed contractually.
During this post-termination retention period, customer data is securely stored and access is restricted. Upon expiry of the retention period, data may be deleted or anonymized in accordance with ZICE’s internal data retention and disposal policies.
System logs, audit trails, and security-related records are retained for defined and limited periods solely for compliance, security monitoring, and incident investigation purposes.
11THIRD-PARTY LINKS & INTEGRATIONS:
Our Platform may contain links to third-party websites or services. We are not responsible for their privacy practices. Please review their policies separately.
13AUTOMATED PROCESSING & AI USE
ZICE includes AI-assisted features designed to support ESG reporting efficiency. These tools:
- ✕ Do not produce legally binding decisions
- ✕ Do not replace human judgment
- ✓ Operate solely on user-provided inputs
All AI outputs are advisory and remain under customer control.
14CHANGES TO THIS PRIVACY POLICY:
We may update this policy periodically. Any significant changes will be notified via email or in-app notification.
15CONTACT US:
If you have any questions or comments about this Policy or your personal information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies, our Data Protection Officer can be reached by mail or email using the following:
Email:
support@zice.itAddress:
Office No. 303-110, Sultan Business Centre, Oud Mehta, Bur Dubai