1. Introduction

Certify-U ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information in compliance with the UAE Data Protection Law (PDPL), the UAE Child Digital Safety Law, and other applicable GCC regulations.

2. Data Protection Officer (DPO)

In accordance with UAE Federal Decree-Law No. 45/2021 (PDPL), we have appointed a Data Protection Officer. You may contact our DPO for any privacy-related inquiries at privacy@certify-u.com.

3. Information We Collect

We may collect various types of information from you, including:

• Identity Data: Name, Emirates ID or Passport number (for certification), and nationality.
• Contact Data: Email address and phone number.
• Learner Progress: Course completion, quiz scores, and certificate history.
• Minor's Data: For users under 18, we collect parental/guardian consent and contact details.

4. Child Digital Safety (Users Under 18)

Pursuant to Federal Decree-Law No. 26 of 2025, we implement strict safeguards for minors:

• Parental Consent: Explicit, documented parental consent is required for users under 18 before any data collection.
• Under-13 Ban: We do not collect or process data for children under 13 without verifiable, documented evidence meeting Cabinet-issued exceptions.
• Privacy by Design: Minor accounts have default high-privacy settings and are excluded from all targeted advertising and profiling.

5. Data Residency & Sovereignty

All learner data collected within the UAE is hosted on UAE-based cloud infrastructure (Microsoft Azure UAE North / AWS UAE Region) as required by national data residency regulations. Cross-border transfers are only conducted under binding data transfer agreements ensuring equivalent protection.

6. Your Rights (Learner Data Rights)

Under the PDPL, you have the right to:

• Access and obtain a copy of your personal data.
• Correct or update inaccurate data.
• Delete your data (Right to Erasure) subject to regulatory retention requirements for certifications.
• Restrict or object to processing.

7. Data Security

We implement a variety of security measures to protect your personal information. We use AES-256 encryption at rest and TLS 1.2+ for data in transit. Multi-Factor Authentication (MFA) is mandatory for assessment and certification workflows.

8. Contact Us

If you have any questions or concerns regarding this Privacy Policy, please contact us at info@certify-u.com or visit our office at 2972 Westheimer Rd. Santa Ana, UAE.