Privacy Policy
- Who We Are
Our website address is https://siracctv.ae.
- What Personal Data We Collect and Why
Comments
When visitors leave comments, we collect:
- The information entered in the comments form.
- The visitor’s IP address and browser user agent to help with spam detection.
Additionally, an anonymized hash of your email may be sent to the Gravatar service to verify if you are using it. Gravatar’s privacy policy can be found here. Upon comment approval, your profile picture becomes public with your comment.
Media
If you upload images, avoid embedding location data (EXIF GPS). Visitors can extract location data from images on the website.
Contact Forms
We collect the data you provide in contact forms for customer service purposes. We store this information only as long as necessary to fulfill your request.
Cookies
- Comment Cookies: If you leave a comment, you can opt-in to save your name, email, and website in cookies for convenience. These cookies last for one year.
- Login Cookies: A temporary cookie determines if your browser accepts cookies when visiting the login page. It is deleted when you close your browser.
- Login cookies last two days, and screen options cookies for one year. Selecting “Remember Me” keeps your login active for two weeks. Logging out removes these cookies.
- Publishing Cookies: If you edit or publish content, a cookie storing the article ID will be saved in your browser and expires after one day.
Embedded Content from Other Websites
Our articles may contain embedded content (e.g., videos, images). Embedded content behaves like visiting the original site, meaning these websites may collect your data, use cookies, and track interactions.
- Analytics
We can apply analytics tools to help us understand how visitors engage with our website. This keeps helping us improve the experience of a user, optimize the content we provide, and make sure that the services we offer meet the needs of our users.
Types of data analytics that might be collected include:
• All pages opened for the length of time visitors spend on each page.
• All behavioral patterns of the user, click-through behavior, and scrolling depth, navigation.
• All geographic locations of the user with the type of device they are accessing the site on, either on mobile or on desktop.
• Browser type and OS and source of referral – either Search Engine or social media.
How We Use Analytics Data
•Monitor the performance of the website and detect areas that need changes.
•Personalize content to suit visitors’ preferences.
•Identify and prepare solutions for frequently encountered problems like broken links or error.
•Monitor the effectiveness of marketing campaigns.
Third-Party Analytics Services
We may use third-party service providers, such as Google Analytics, to help us understand how our website is used. These providers use cookies and similar technologies to collect information. Learn more about how Google Analytics processes data in the Google Privacy and Terms. Opting out of analytics collection
If you’d like to opt out of analytics collection entirely, you can:
•Turn off cookies in your browser settings.
•Install a browser add-on, such as the Google Analytics Opt-out Browser Add-on.
Analytics data is anonymized, hence not directly traceable to any individual user. We only keep analytics data as long as it takes to improve our services and serve business purposes.
- Who We Share Your Data With
We respect your privacy and we do not sell or rent your personal information to third parties. We may share information with third parties whom we anticipate might be helpful in further developing or enhancing our operations, in ensuring the security of our website, or in trying to make your experience with us the best it can be.
Third-Party Service Providers
We may share information with the following third-party services:
•Analytics Providers: There’s a collection of anonymous data from analytics, shared to tools like Google Analytics for the examination of traffic and the performance of our website.
• Spam detection services: The activities of visitors who comment on our site are scanned automatically to ensure that we have an activity-free website with malicious content.
•Payment Processors (if applicable): If a purchase is being made, then we make use of secure payment gateway platforms where it becomes possible to retrieve the required billing information.
Legal and Regulative Requirements
We are in a position to share personal data if it complies with a legal requirement or a good faith response to valid legal processes such as a subpoena, court order, or search warrant. This includes sharing the data to comply with court orders, subpoenas, or other valid legal procedures.
• To comply with any law or regulations.
• To protect the rights, property, or safety of our users and website/organization.
Business Transfers
User information will be available in case of any sale, merger, or acquisition. We will first inform the users about the transfer and adopted privacy practices.
- How Long We Retain Your Data
- Comments: Comments and metadata are stored indefinitely to facilitate follow-up interactions.
- Registered Users: For users with accounts, we store personal data in profiles. Users can access, edit, or delete their information anytime, except for their username. Website administrators have the authority to manage this data.
- Your Rights Over Your Data
If you have an account or have left comments, you can:
- Request an Export: Obtain an exported file of the personal data we hold about you.
- Request Erasure: Request the deletion of your data, unless required for legal, administrative, or security reasons.
- Where We Send Your Data
We respect your privacy and will treat your data with good care, but in some instances, we have to share or transfer your data with third parties we trust when we wish to accomplish service delivery efficiently. Below is the main place where your data may be shared:
1. Third-Party Service Providers
We engage third parties to process payments, analytics, shipping, and other technical support. The third parties are contractually obligated to ensure that your data is secure with regulatory requirements.
2. Third-party Cloud Storage and Hosting Providers
Your data could be in the cloud in various geographic locations and other countries besides your home country. Those third-party storage providers operate with some standards to safeguard your information.
3. Obligations to the Legal Requirements
We may disclose your data to respond to legal processes, court orders, and government regulations.
4. Cross Border Data Transfers
If we transfer data to a jurisdiction outside the one where you are, we will ensure adequate and suitable protection measures are available. For example, this may include the adoption of SCCs.
- How We Protect Your Data
We use a combination of various security measures to keep your information safe. It forms part of the process that we ensure your data is protected against access and misuse as well as any unauthorized breach. Some of the measures that we have put in place to protect your data are as follows:.
1. encryption
We ensure that sensitive information is encrypted both when it is at rest and in transit through the use of industry-standard encryption protocols such that your data will be kept secure.
2. Access Control
We only grant access to personal data to authorized persons and minimize exposure via MFA and role-based access control.
3. Security Audits and Testing
We regularly perform security audits, vulnerability assessments, and penetration testing to identify vulnerabilities even before they materialize so that they can be knocked off at the earliest.
4. Firewall and Intrusion Detection System
We have implemented firewalls and intrusion detection as well as prevention systems that continually monitor malicious activities on our systems.
5. Data Anonymization and Minimization
Wherever possible, we anonymize or pseudonymize personal data to protect your privacy, ensuring only the necessary amount of data is collected and stored.
- Data Breach Procedures
We take data breaches seriously and have implemented protocols to detect, respond to, and mitigate the impact of any potential incidents. Below is our process for handling data breaches:
- Detection and Identification
- We use monitoring tools to detect unusual activity or potential breaches.
- Any suspected breach is immediately escalated to our incident response team for investigation.
- Containment and Assessment
- Once a breach is identified, we isolate the affected systems to prevent further unauthorized access.
- We assess the nature and scope of the breach to determine the type of data involved and the potential impact on users.
- Risk Mitigation
- We implement countermeasures to prevent further data leakage and secure exposed information.
- Vulnerabilities are identified and patched to prevent future incidents.
- Notification to Affected Parties
- If personal data has been compromised, we notify affected users promptly.
- Where required by law (such as GDPR or CCPA), we report the breach to relevant regulatory authorities within the stipulated timelines.
- Remediation and Support
- We provide guidance and support to users, including steps they can take to mitigate risks (e.g., changing passwords or monitoring accounts).
- In certain cases, we offer credit monitoring or identity theft protection services.
- Documentation and Reporting
- A complete record of the breach, including actions taken and outcomes, is maintained for legal and compliance purposes.
- We perform a post-incident review to evaluate our response and update security measures accordingly.
- Legal and Regulatory Compliance
- We comply with applicable data breach notification laws, ensuring transparency and cooperation with authorities.
- Automated Decision Making and Profiling
What is Automated Decision Making?
Automated decision-making involves the use of technology to make decisions without human involvement. These decisions are based on predefined rules and algorithms applied to your data.
What is Profiling
Profiling refers to the automated processing of personal data to analyze or predict your preferences, behavior, or other characteristics. This helps us tailor our services to suit your needs.
Your Rights Regarding Automated Decision-Making and Profiling
- Right to Request Human Intervention: If an automated decision significantly affects you, you have the right to request a manual review by one of our staff.
- Right to Object: You can object to the use of your data for profiling, especially for direct marketing purposes.
- Right to Access and Correct Data: You have the right to access the data used in automated decisions and ensure it is accurate.
Safeguards and Transparency
We apply safeguards to ensure fairness, accuracy, and impartiality in automated decisions. These processes are regularly reviewed to maintain compliance with data protection regulations like GDPR.
- Industry Regulatory Disclosure Requirements
We comply with applicable industry regulations and legal obligations to ensure transparency and accountability. Below are the scenarios where we may be required to disclose your data:
- Compliance with Laws and Regulations
We may disclose personal information to regulatory bodies, government agencies, or law enforcement when required by:- national or international laws
- Industry standards or regulatory frameworks (e.g., GDPR, CCPA)
- Legal processes such as subpoenas or court orders
- Audits and Certifications
As part of compliance with certifications (e.g., ISO, PCI-DSS) or government licensing, we may provide necessary information during audits to demonstrate adherence to regulatory requirements. - Law Enforcement Requests
We cooperate with law enforcement agencies by providing relevant data when required for investigations into fraud, cybercrime, or other illegal activities. - Public Safety and Security
In exceptional cases, personal data may be disclosed to protect public safety or prevent potential threats, such as cybersecurity risks or acts of terrorism. - Industry-Specific Reporting Obligations
For sectors with specific reporting requirements (e.g., financial services, healthcare), we comply with industry-specific rules, ensuring that your data is disclosed only to authorized entities. - Breach Notification Compliance
In the event of a data breach involving regulated data, we notify the appropriate regulatory authorities as required by law (e.g., GDPR mandates reporting within 72 hours). - Your Rights and Notifications
If your data is disclosed for regulatory purposes, we will notify you where legally permissible and provide you with relevant information regarding the disclosure.