Privacy Policy

Last updated: August 29, 2025

1. Introduction

AltCtrl provides AI-powered CRM and real estate technology solutions across multiple countries. We comply with global privacy laws, including:

UAE Federal Data Protection Law (PDPL)
Automation tools for lead management, WhatsApp, SMS, and email.
Saudi Arabia Personal Data Protection Law (PDPL, 2023)
Qatar Data Protection Law (Law No. 13 of 2016)
Oman Personal Data Protection Law (2022)
Morocco Law 09-08
Turkey Personal Data Protection Law (KVKK)
Georgia Law on Personal Data Protection
Azerbaijan Law on Personal Data (2010)
Singapore Personal Data Protection Act (PDPA)
Malaysia Personal Data Protection Act (PDPA, 2010)
Thailand Personal Data Protection Act (PDPA, 2022)
Indonesia Personal Data Protection Law (UU PDP, 2022)
European Union GDPR (where applicable)
California CCPA/CPRA (where applicable)

By using AltCtrl services, you consent to this Privacy Policy.

2. Data We Collect

We may collect:

Personal data: names, contact details, identity documents (if required by law).
Business data: agency, developer, property/project information.
Customer data: inquiries, leads, WhatsApp communications.
Technical data: cookies, device info, geolocation (where permitted).
Financial data: billing, transactions (processed via third-party gateways).

In countries with stricter laws (e.g., Singapore PDPA, Saudi PDPL), explicit consent is required before collection.

3. How We Use Data

To deliver CRM and communication services.
To facilitate real estate listings and transactions.
To comply with national laws (e.g., Saudi & UAE require local storage of sensitive data).
To improve AI models and automation (in anonymized form).

In countries with stricter laws (e.g., Singapore PDPA, Saudi PDPL), explicit consent is required before collection.

4. Legal Basis for Processing:

Consent (Singapore, Malaysia, Thailand, Indonesia, Morocco).
Contractual necessity (Saudi Arabia, Turkey, UAE, EU).
Legitimate interest (Georgia, Azerbaijan, EU).
Legal obligation (all listed jurisdictions).

5. Cross-Border Transfers:

Where data is transferred outside the country:

GCC: stored locally if required (Saudi PDPL, UAE PDPL).
EU & EU-aligned: transfers use Standard Contractual Clauses (SCCs).
Asia: follows APEC Cross-Border Privacy Rules where applicable.

7. Data Retention

Customer & lead data: retained only as long as needed for property transactions.
Business data: kept for regulatory compliance (tax, financial audits).
Deletion: users may request deletion; in some countries (Saudi, UAE, Turkey), data must be deleted after purpose ends.

6. User Rights

Depending on country law, users may:

Meta Platforms (WhatsApp, Instagram, Facebook) for API services.
For Saudi users: governed by the Saudi Personal Data Protection Law (PDPL) and applicable Saudi regulations.
International users: governed by the laws of the UAE unless overridden by mandatory local law. Disputes resolved via arbitration under UAE law, unless otherwise required by local jurisdiction.

9. Responsibilities of Agencies & Developers:

Must comply with local consent laws before uploading customer data.
Cannot export or misuse customer data across borders unlawfully.
Remain fully liable under local data protection regulators if misused.

10. Security Measures:

Data may be shared with:

Encryption in transit and storage.
Role-based access control.
Compliance with ISO 27001 standards.
Data localization in countries requiring it (e.g., Saudi Arabia, UAE).

11. International Coverage Disclaimer:

Users acknowledge that laws vary across jurisdictions. AltCtrl aligns operations to the strictest applicable law in each market. In case of conflict between this Privacy Policy and national law, the stricter law prevails.

Contact Us

For questions or legal matters, contact:

Email: support@altctrl.ai