Last updated: August 12, 2025
This Privacy Policy explains how personal data is collected, used, disclosed, and protected when users visit the website itspuremagic.me and interact with contact forms, analytics, and related features, in accordance with the UAE PDPL and relevant Dubai guidance, taking cues from regional IT/marketing services practices. It applies to visitors, prospects, and business contacts who browse the site, submit inquiries, or otherwise provide personal data through site features or integrated service providers. The company acts as a data controller for site interactions and may engage vetted processors for hosting, analytics, marketing, and communications support consistent with this policy.
The company is a Dubai-based provider of IT and marketing services, offering solutions such as AI integration, business intelligence, cybersecurity, CI/CD, SEO, and custom software, and serves global brands from the UAE. For privacy inquiries or to exercise rights, a dedicated contact email and a data request form should be provided and monitored; under PDPL, a Data Protection Officer may be appointed where processing presents high risk or is large-scale.
Personal data collected includes information provided directly via forms (such as name, business email, phone, company, role, message content) and information collected automatically (such as IP address, device and browser details, pages viewed, referral URLs, approximate location, and identifiers stored via cookies or similar technologies). Where marketing tools are enabled, inferred interest segments and campaign attribution data may also be created to improve relevance of communications. If optional uploads or demo requests are offered, any content provided may be processed solely to fulfil the request and for records consistent with this policy.
Data is sourced from website forms, email or phone outreach initiated by prospects, automatic collection via the website and its cookies/SDKs, and from service providers supporting analytics, CRM, and customer communications that generate or enrich usage metrics. Public business contact information or lead data obtained in a B2B context may be processed in accordance with PDPL principles and transparency requirements.
Data is processed to respond to inquiries, provide requested information, prepare proposals, deliver services, and manage client relationships, relying on contractual necessity or steps prior to entering a contract. Site operation, security, debugging, and fraud prevention rely on legitimate interests to ensure availability and integrity, balanced against user privacy. Analytics, service improvement, and measuring campaign effectiveness rely on legitimate interests, with cookie-based tracking subject to consent where required and configurable via a consent banner. Marketing communications are sent with consent where applicable, and always include an unsubscribe option and an ability to withdraw consent at any time.
The website uses necessary cookies for core functionality and may use analytics and marketing cookies/SDKs to measure traffic, improve content, and tailor outreach; non-essential cookies are deployed after user consent via a cookie banner in line with PDPL transparency and consent practices. A cookie preference center should allow acceptance, rejection, or granular control, and the cookie list should be periodically scanned and updated to reflect current technologies in use.
Personal data may be shared with hosting, security, analytics, CRM, marketing automation, email delivery, and customer support vendors acting under instructions as processors with appropriate contractual safeguards. Where necessary, limited business contact details may be shared with partners to co-deliver solutions requested by a prospect or client, with clear purpose limitation and accountability. Data is not sold, and any third-party advertising use is limited to consented, purpose-bound processing consistent with this policy.
Where data is stored or accessed outside the UAE, transfers occur subject to PDPL requirements, including assessment of destination protections and the use of appropriate safeguards such as contractual clauses and security controls. Processors hosting or accessing data internationally are required to implement measures that ensure confidentiality, integrity, availability, and compliance with PDPL standards.
Personal data is retained only for as long as necessary for the purposes described, including the duration needed to respond to inquiries, maintain records of interactions, perform services, meet legal obligations, and resolve disputes, after which data is securely deleted or anonymized. Retention criteria consider the nature of the data, the context of collection, and statutory requirements applicable in the UAE.
Appropriate technical and organizational measures are implemented to protect personal data, including access controls, encryption in transit and at rest where feasible, network security, monitoring, and vendor due diligence; measures are reviewed and enhanced regularly in line with risk. In case of a personal data breach, notifications to the UAE Data Office and, where warranted, to affected individuals will be made consistent with PDPL requirements and internal incident response procedures.
Under the PDPL, individuals have rights including access, rectification, erasure, restriction, objection to processing, and portability where applicable; mechanisms are provided to submit requests without creating an account, and identification may be required to protect privacy. Where processing is based on consent, it can be withdrawn at any time without affecting prior lawful processing; preferences for cookies and marketing communications can be updated via the banner and unsubscribe links.