1. Overview
acSys Technologies LLC ("acSys", "we", "us" or "our") is committed to protecting the personal data of everyone who interacts with our software products, website and services. This Privacy Policy explains what personal data we collect, why we collect it, how it is processed, and the rights you have under the UAE Personal Data Protection Law (PDPL) and, where applicable, the General Data Protection Regulation (GDPR).
This policy applies to: www.acsysit.com, acSys ERP, acSys CRM, acSys HRMS, acSys HMS and all associated mobile applications.
2. Data We Collect
Contact & Identity Data
Full name, job title, company name, business email, phone β collected on demo requests, contact forms and newsletter sign-ups.
Technical & Usage Data
IP address, browser type, device identifiers, pages visited, session duration β collected via cookies and server logs to improve performance.
Software Product Data
Data entered into acSys ERP, CRM, HRMS or HMS by your organisation β processed on your behalf as data processor under a Data Processing Agreement.
Communication Data
Records of emails, support tickets and chat sessions maintained for service continuity and quality assurance.
3. Legal Basis for Processing
- βContractual necessity β processing required to deliver the contracted software or service
- βLegitimate interests β website analytics, security monitoring and product improvement
- βConsent β marketing emails, newsletters and optional analytics cookies (withdrawable any time)
- βLegal obligation β financial records, VAT data and employee records as required by UAE law
4. Data Sharing
We do not sell personal data. We share data only where necessary:
- βInfrastructure providers β UAE/GCC hosting, backup and CDN under strict data processing agreements
- βGoogle Analytics 4 β anonymised website usage analysis (IP anonymisation enabled)
- βLegal authorities β when required by UAE law or court order
5. Data Retention
Typical retention periods: CRM enquiries β 3 years; active client data β contract duration plus 5 years; financial records β 5 years (UAE FTA requirement); website analytics β 14 months; support communications β 2 years. Data is securely deleted or anonymised upon expiry.
6. Your Rights
Access
Request a copy of data we hold
Rectification
Correct inaccurate data
Erasure
Request deletion where no legal basis exists
Portability
Receive data in machine-readable format
Objection
Object to legitimate-interest processing
Withdraw Consent
Withdraw marketing consent at any time
Submit requests to dpo@acsysit.com. Responses within 30 days per UAE PDPL.
7. Security
acSys employs AES-256 encryption at rest, TLS 1.3 in transit, RBAC, MFA, annual penetration testing, 24/7 threat monitoring and ISO-aligned incident response. On-premise deployments are subject to identical security standards.
8. Contact & DPO
Data Protection Officer
acSys Technologies LLC Β· #904 Dubai Pearl Building, Deira, Dubai, UAE
dpo@acsysit.com Β· +971 56 10 11 915
acSys Technologies LLC · #904, Dubai Pearl Building, Deira, Dubai, UAE · dpo@acsysit.com