Legal

Privacy Policy

YPD Technology Services FZCO is committed to protecting your personal and business data. This policy explains how we collect, use, and safeguard information across our dual-jurisdiction operations.

Last Updated: May 2026UAE PDPL 2021: Primary JurisdictionIndia DPDP Act 2023: Secondary Jurisdiction

01

About This Policy

This Privacy Policy applies to all visitors to the YPD Technology Services website, prospective and current clients, and any individual whose personal data is processed in connection with our AI consulting engagements. It covers our AI-powered advisory tools (including the Aria and Aryan AI advisors on this website), client discovery and onboarding processes, consulting project delivery, and all associated communications.

YPD Technology Services FZCO operates under a dual-jurisdiction data protection framework. Our primary obligations arise under UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL). For engagements involving individuals in India, we additionally comply with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000.

This policy is written in English. An Arabic version is available upon request. Contact legal@youthpulsedigital.com.

02

Who We Are

YPD Technology Services FZCO is a specialist AI adoption studio registered in the United Arab Emirates. We diagnose, design, and deploy working AI systems for UAE and India businesses across five service lines: AI Readiness Audit, AI Workflow Automation, AI Training & Enablement, AI Customer Systems, and AI Strategy & Roadmap.

Legal EntityYPD Technology Services FZCO
Trade License70804, Dubai Silicon Oasis Authority
Corporate Tax Registration105203337800001 (UAE Federal Tax Authority)
Registered AddressA1, IFZA Business Park, Dubai Digital Park, Dubai Silicon Oasis, Dubai, UAE
Phone+971 55 747 0097

03

Information We Collect

Business Contact Information

Name, business email address, phone number, company name, job title, and country, collected when you submit an inquiry, book a discovery call, or use our contact form.

Engagement & Project Data

Business process documentation, operational data, workflow descriptions, and strategic information shared during the course of a consulting engagement. This data is treated as strictly confidential and subject to the Non-Disclosure provisions in our Terms of Service.

AI Interaction Data

Conversations with our AI advisors (Aria and Aryan) on this website, including questions asked, information voluntarily provided, and feedback on AI-generated responses. These interactions are session-based and processed to deliver your requested guidance.

Client Employee & Operational Data (as Data Processor)

During AI system deployment engagements, we may process data relating to your employees, customers, or operational workflows solely to deliver the contracted service. In this context, we act as a Data Processor on your behalf. See Section 6 for our dual-role disclosure.

Technical & Website Data

IP address, browser type, device information, referring URLs, and page interaction data, collected automatically via standard web analytics to improve site performance and security.

04

How We Use Your Information

  • Service Delivery: Conducting AI readiness audits, designing automation workflows, delivering training programmes, building customer AI systems, and producing strategic roadmaps for your business.
  • Client Communication: Responding to inquiries, scheduling engagements, providing project updates, and post-delivery support.
  • AI Advisory: Powering our website AI advisors to answer your questions and route you to the right service.
  • Proposal & Scoping: Preparing engagement proposals, Statements of Work, and pricing based on your disclosed business requirements.
  • Legal & Compliance: Meeting our obligations under UAE federal law, DPDP India, and any applicable sector regulations.
  • Service Improvement: Using anonymised, aggregated analytics to improve our AI models, website experience, and service methodology; never using identifiable client data for model training without explicit written consent.
  • Marketing: Sending occasional insights, case studies, or service announcements where you have opted in or where we have a legitimate interest. You may opt out at any time.

06

Our Dual Role: Data Controller & Data Processor

YPD Technology Services operates in two distinct data roles depending on the context:

Data Controller

When we determine the purposes and means of processing: for example, processing data from website visitors, managing prospective client inquiries, maintaining our own business records, and sending marketing communications. In this role, we are directly accountable to you under applicable data protection laws.

Data Processor

When we process personal data on behalf of a client organisation during an AI deployment engagement: for example, processing your employees' workflow data or customer interaction records to build and train an AI system. In this role, we act strictly on your documented instructions and do not use client data for any independent purpose.

Enterprise clients whose engagements involve the processing of their employees' or customers' personal data are required to execute a Data Processing Agreement (DPA) with YPD prior to the commencement of work. Contact legal@youthpulsedigital.com to request our standard DPA.

07

AI Technology Disclaimer

Important Notice

Our website AI advisors (Aria and Aryan) and the AI systems we build for clients use large language models and proprietary AI frameworks to generate guidance and recommendations. AI-generated content is for informational and advisory purposes only and does not constitute professional legal, financial, medical, or regulatory advice. Business decisions should not be made solely on the basis of AI-generated outputs without appropriate human expert review.

AI interaction logs from website conversations are retained for a limited period solely for service quality and security purposes, then anonymised or deleted. We do not use personal AI conversation data to train our models without your explicit written consent.

Third-party AI infrastructure providers engaged by YPD (such as large language model API providers) are bound by data protection agreements aligned with our standards and applicable law.

08

Information Sharing & Disclosure

We do not sell, rent, or trade your personal or business data. Disclosure to third parties occurs only in the following limited circumstances:

  • Service Providers: Trusted technology partners (cloud hosting, security, analytics, communication tools) operating under strict contractual data protection obligations.
  • AI Infrastructure Providers: Third-party LLM API providers used to power our advisory tools and client AI systems, bound by data processing agreements with appropriate safeguards.
  • Domain Specialists: Subject-matter experts engaged on specific client assignments, who operate under confidentiality agreements and process only the minimum data necessary for the engagement.
  • Legal Requirements: Where required by UAE law, Indian law, court order, or regulatory authority; we will notify you of such requests to the extent legally permitted.
  • Professional Advisers: Our legal counsel, auditors, and insurers, subject to professional confidentiality obligations.

09

Cross-Border Data Transfers

Our operations span the UAE and India. Data may therefore flow between these jurisdictions in the ordinary course of providing our services. We ensure all such transfers are governed by adequate contractual safeguards consistent with UAE PDPL and DPDP requirements.

Where data is transferred to third-party AI service providers operating outside the UAE or India (for example, LLM API providers), we ensure such transfers are subject to data processing agreements providing protections equivalent to those required under applicable law.

We maintain primary data hosting within the UAE. Backup and redundancy infrastructure may be located in other jurisdictions with equivalent security standards.

10

Data Security

We implement technical and organisational measures aligned with industry best practices to protect personal and business data against unauthorised access, disclosure, alteration, or destruction. These include:

  • End-to-end encryption for data in transit and encryption at rest for sensitive data
  • Role-based access controls with least-privilege principles
  • Logical segregation of client data environments
  • Regular security assessments and vulnerability reviews
  • Secure AI model deployment with prompt and output safeguards
  • Confidentiality agreements for all personnel and specialists with access to client data

For our full security framework and certifications status, see our Data Policy.

11

Data Retention

We retain data only for as long as necessary for the purpose for which it was collected, or as required by applicable law.

Data TypeRetention PeriodBasis
Business contact / lead data3 years from last interactionLegitimate interest (business development)
Engagement & project data5 years from project closeUAE Commercial Transactions Law
Client operational data (as Processor)Contract duration + 90 days, then deletedDPA terms; client instruction
AI interaction logs (website)30–90 days, then anonymisedService improvement; security
Financial & invoicing records8 yearsUAE & Indian tax law
Legal correspondence & contracts7 years from contract endUAE limitation periods
Grievance & complaint records3 yearsDPDP & consumer law compliance
Website technical logs12 monthsSecurity monitoring

12

Your Rights & Choices

Under UAE PDPL 2021

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request rectification of inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal retention obligations)
  • Restriction: Request that we limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time

Additional Rights Under India DPDP Act 2023

  • Information: Right to information about processing activities
  • Nomination: Right to nominate another person to exercise rights on your behalf
  • Grievance Redressal: Right to a timely response to your privacy concerns

To exercise any of these rights, contact our Data Protection Officer at dpo@youthpulsedigital.com. We will acknowledge your request within 72 hours and respond within 30 days (UAE PDPL) or 30 days (DPDP), as applicable.

13

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we are obligated under the UAE PDPL 2021 to notify the UAE Data Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in high risk to affected individuals, we will also notify you directly without undue delay.

For engagements involving Indian data subjects, parallel notification obligations under the DPDP Act and the Cert-In framework apply.

If you discover or suspect a data security issue involving YPD, please contact us immediately at dpo@youthpulsedigital.com.

14

Cookies & Tracking

We use essential cookies to maintain website functionality and session state. We may use analytics cookies to understand aggregate site usage patterns; these do not identify you personally.

We do not use advertising or third-party tracking cookies. We do not sell or share your browsing data with advertising networks.

You can control cookie settings through your browser preferences. Disabling cookies may affect certain site features.

15

Children's Privacy

YPD Technology Services is a business-to-business AI consulting firm. Our services are directed exclusively at business organisations and their authorised adult representatives. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently received data relating to a minor, please contact us at dpo@youthpulsedigital.com and we will delete it promptly.

16

Policy Updates

We may update this Privacy Policy to reflect changes in our services, applicable laws, or data protection practices. Material changes will be communicated via email notification to active clients and by updating the "Last Updated" date on this page. We encourage you to review this policy periodically.

Continued use of our services following notification of a material change constitutes acceptance of the updated policy.

17

Contact & Grievance Redressal

For any privacy-related questions, data subject rights requests, or grievances, please contact our Data Protection Officer:

Data Protection OfficerAniruddha Basu Choudhari
DPO Emaildpo@youthpulsedigital.com
General Supportsupport@youthpulsedigital.com
Legal Matterslegal@youthpulsedigital.com
Response TimeAcknowledgement within 72 hours · Resolution within 30 working days

If you are unsatisfied with our response to a data protection grievance, you may escalate to:

  • UAE: The UAE Data Office (uaedataoffice.gov.ae) established under the UAE PDPL 2021
  • India: The Data Protection Board of India, established under the DPDP Act 2023

Registered Address

YPD Technology Services FZCO
A1, IFZA Business Park, Dubai Digital Park
Dubai Silicon Oasis, Dubai, UAE
Phone: +971 55 747 0097

This Privacy Policy is governed by the laws of the United Arab Emirates as primary jurisdiction. By using our services, you acknowledge that you have read and understood this policy.

Ask me anything