Privacy Policy

Property Market Insights LLC

Effective Date: May 11, 2026

1. Data Controller and Contact

The data controller responsible for the processing of personal data within the meaning of the UAE Personal Data Protection Law (PDPL — Federal Decree-Law No. 45 of 2021), the EU General Data Protection Regulation (GDPR — Regulation (EU) 2016/679), and the California Consumer Privacy Act (CCPA/CPRA) is:

Property Market Insights LLC[Full business address, Wyoming, USA]
Registered in: Wyoming, United States of America
Registration number: [Wyoming Filing ID / No.]
Email: [Email address for privacy inquiries]
Phone: [Phone number]
(hereinafter “we”, “us”, or “Provider”)

If you have any questions regarding data protection or wish to exercise your rights, please contact us at the email address above.

2. Scope

This Privacy Policy informs you about which personal data we collect, process, and use when you use our website www.property-insights.ae and the services offered through it (in particular market reports, newsletters, and customer accounts).

Personal data refers to all information relating to an identified or identifiable natural person (e.g., name, email address, IP address).

3. Data Collected and Purposes of Processing

3.1 Website Access (Server Log Files)

Each time you access our website, the following data is automatically collected by our hosting provider and stored in so-called server log files:

  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the file accessed
  • Volume of data transferred
  • Notification of successful retrieval
  • Browser type and version used
  • Operating system and device information
  • Referrer URL (previously visited page)

Purpose: Ensuring smooth connection setup, comfortable use of the website, evaluation of system security and stability, and administrative purposes.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR; comparable provisions under UAE PDPL).
Retention period: Log files are generally deleted after 14 days unless they need to be retained longer for security reasons.

3.2 Ordering Market Reports / Customer Account

When you order market reports or other paid services or create a customer account on our website, we collect the following data:

  • First and last name
  • Email address
  • Billing and, where applicable, shipping address
  • Payment data (processed via external payment service providers)
  • Order history and selected products
  • For business customers: company name, tax/VAT ID, contact person where applicable

Purpose: Contract performance, provision of market reports, invoicing, customer service.
Legal basis: Performance of contract (Art. 6(1)(b) GDPR; corresponding provisions under UAE PDPL).
Retention period: For the duration of the contractual relationship and beyond, to comply with statutory retention obligations (typically up to 10 years under U.S. tax law and depending on applicable law).

3.3 Contact Inquiries

When you contact us by email, contact form, or phone, we process the data you provide (in particular name, email address, content of the inquiry) to handle your request.

Legal basis: Performance of contract or pre-contractual measures (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f) GDPR).
Retention period: Until your inquiry has been fully processed; beyond that, only insofar as statutory retention obligations apply.

3.4 Newsletter

If you subscribe to our newsletter, we process your email address and any other voluntarily provided data to send the newsletter. The subscription is carried out using a double opt-in process.

Legal basis: Consent (Art. 6(1)(a) GDPR).
Withdrawal: You may withdraw your consent at any time with effect for the future, e.g., via the unsubscribe link in any newsletter.

4. Cookies and Similar Technologies

Our website uses cookies and similar technologies (e.g., LocalStorage). Cookies are small text files stored on your device.

We distinguish between:

  • Strictly necessary cookies: required for website operation (e.g., login, shopping cart). Legal basis: legitimate interest.
  • Functional cookies: improve usability (e.g., language preference). Legal basis: consent.
  • Analytics cookies: enable evaluation of website usage. Legal basis: consent.
  • Marketing cookies: enable personalized advertising. Legal basis: consent.

You may adjust or withdraw your consent at any time via the cookie banner or in your browser settings.

5. Use of Artificial Intelligence (AI)

We use artificial intelligence (AI) systems to create market reports and analyses. Where personal data is processed in this context (e.g., for individual inquiries or personalized reports), this is done exclusively on the basis of one of the legal grounds described above and subject to appropriate safeguards.

We do not transmit any sensitive personal data to external AI service providers unless explicit consent has been provided or this is contractually safeguarded (e.g., through Data Processing Agreements).

6. Disclosure of Data to Third Parties

Your personal data is only disclosed to third parties in the following cases:

  • to data processors (e.g., hosting providers, payment service providers, email delivery services, AI service providers) who support us in providing our services and who act on the basis of corresponding contracts;
  • to comply with legal obligations (e.g., toward tax authorities or law enforcement);
  • with your express consent;
  • to assert, exercise, or defend legal claims.

We do not disclose your data to third parties for commercial purposes.

7. International Data Transfers

As our company is based in the United States of America (Wyoming), personal data is processed in the U.S. When data from the European Economic Area (EEA), the United Arab Emirates, or other third countries is processed, this constitutes an international data transfer.

We ensure an appropriate level of data protection through:

  • Standard Contractual Clauses of the EU Commission (for transfers from the EEA);
  • Comparable contractual safeguards under UAE PDPL (for transfers from the UAE);
  • Additional technical and organizational measures (encryption, access controls).

Upon request, we will provide you with a copy of these safeguards.

8. Your Rights

Depending on the applicable law (UAE PDPL, GDPR, CCPA/CPRA), you have the following rights:

  • Right of access: You have the right to know whether and which personal data we process about you.
  • Right to rectification: You may request the correction of inaccurate data.
  • Right to erasure (“right to be forgotten”): You may request the deletion of your data under certain conditions.
  • Right to restriction of processing: You may request the restriction of processing.
  • Right to data portability: You may request the transfer of your data in a structured, commonly used format.
  • Right to object: You may object to the processing of your data where it is based on a legitimate interest.
  • Withdrawal of consent: You may withdraw consent at any time with effect for the future.
  • Right to lodge a complaint: You have the right to file a complaint with a data protection supervisory authority — e.g., the UAE Data Office, an EU data protection authority, or the competent authority in your country.

Specifically for California users (CCPA/CPRA): You additionally have the right to opt out of the “sale” or “sharing” of your personal information (“Do Not Sell or Share My Personal Information”). However, we do not sell or share your data within the meaning of CCPA/CPRA.

To exercise your rights, please contact us at the email address provided above.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against accidental or intentional loss, destruction, manipulation, or unauthorized access. These include in particular:

  • SSL/TLS encryption of the website
  • Access controls and permission management
  • Regular security updates
  • Secure data storage with encryption
  • Regular backups

In the event of a data breach, we will inform affected individuals and the competent supervisory authorities in accordance with applicable legal requirements.

10. Retention Period

We store personal data only for as long as is necessary to fulfill the respective purposes or as required by statutory retention obligations. Once the purpose ceases and any retention obligations have expired, the data is deleted or anonymized.

11. Minors

Our offerings are not directed at persons under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from minors, we will delete it without delay.

12. Embedded Third-Party Services

The following third-party services may be embedded on our website. Details of the respective data processing can be found in the privacy policies of the respective providers:

  • Hosting provider: [Insert hosting provider name]
  • Payment service providers: [e.g., Stripe, PayPal, Telr — to be specified]
  • Web analytics: [e.g., Google Analytics, Plausible, Matomo — to be specified]
  • Newsletter delivery: [e.g., Mailchimp, Brevo — to be specified]
  • AI service providers: [e.g., OpenAI, Anthropic — to be specified]

13. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time to reflect changes in the legal situation, features, or data processing operations. The current version is always available on our website. In case of significant changes, we will notify you separately.

Important Implementation Notice

This Privacy Policy has been drafted as a template and contains placeholders for specific service providers and processing operations. Prior to publication, this Privacy Policy must be individually adapted to the actual data processing operations of Property Market Insights LLC and reviewed by a UAE-licensed attorney and a U.S. data protection expert.

In particular, the following aspects must be added/specified:

  • Specific list of all service providers used, with hosting location and Data Processing Agreements
  • Specific cookie list with name, provider, purpose, and retention period (cookie table)
  • Description of specific AI service providers used and data flows
  • Adaptation to the current versions of UAE PDPL, GDPR, and CCPA/CPRA
  • Addition of provisions from other jurisdictions where users may reside (e.g., UK GDPR, Swiss DSG)
  • Implementation of a GDPR-compliant cookie banner (Consent Management Platform)