This Privacy Policy sets out how GOAT Technologies collects, processes, discloses, stores and protects personal data, in accordance with Federal Decree-Law No. (45) of 2021 on the Protection of Personal Data of the United Arab Emirates.
Last updated: 24 June 2026
This Privacy Policy (the "Policy") describes how GOAT Technologies (the "Company", "we", "us" or "our") collects and processes personal data through its website (goattechnologies.ae) and in the course of providing its services. The Policy is issued in accordance with Federal Decree-Law No. (45) of 2021 on the Protection of Personal Data (the "PDPL") and its implementing regulations, and should be read together with the Company's Terms & Conditions.
1.1 The Company, established in the Emirate of Dubai, United Arab Emirates, is the controller responsible for determining the purposes and means of processing personal data described in this Policy.
1.2 All enquiries, requests and complaints relating to personal data may be addressed to info@goattechnologies.ae or +971 55 398 1992.
2.1 This Policy applies to the personal data of website visitors, prospective clients, clients and other individuals who interact with the Company.
2.2 The Company processes personal data only where a lawful basis exists under the PDPL, including: the data subject's consent; the necessity of processing for the performance of a contract; compliance with a legal obligation; and the legitimate interests of the Company, provided such interests are not overridden by the rights of the data subject.
2.3 Where processing is based on consent, the data subject may withdraw that consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.
3.1 The Company may collect: (a) identity and contact data provided by the data subject — including name, email address, telephone number, company name, country and project details — when submitting the contact form, booking a call, requesting a quotation, or otherwise corresponding with the Company; (b) transaction and billing data when a payment is made (noting that full payment-card details are processed by the payment provider and are not stored by the Company); and (c) technical and usage data collected automatically — including IP address, device and browser type, pages viewed, referring URL and approximate location — by means of cookies and similar technologies.
4.1 Personal data is processed to: respond to enquiries and prepare quotations; provide, administer and support the Services; process payments and issue invoices; communicate with the data subject regarding engagements and services; operate, secure and improve the website; maintain accounting and business records; and comply with legal, tax and regulatory obligations.
5.1 The Company may send communications necessary to the performance of an engagement. Marketing communications shall be sent only where permitted by law, and the data subject may opt out at any time by using the unsubscribe facility or by contacting info@goattechnologies.ae.
6.1 Card payments are processed by Stripe, a PCI-DSS compliant payment service provider. The Company does not view, handle or store full card numbers or security codes, which are submitted directly to the provider. The Company retains transaction and invoice records (excluding full card data) as required for accounting and legal purposes.
7.1 The Company uses cookies and similar technologies to operate the website, remember preferences and analyse usage in order to improve the website. The data subject may control or disable cookies through browser settings, though certain features may not function correctly as a result. Where required by law, consent shall be sought for non-essential cookies.
8.1 The Company does not sell personal data. Personal data may be disclosed only as necessary to: (a) processors and service providers acting on the Company's documented instructions, including email delivery (Brevo), payment processing (Stripe), website hosting and analytics providers; (b) professional advisers such as accountants and lawyers; and (c) competent authorities or regulators where required by law, or to establish, exercise or defend legal claims.
8.2 The Company requires its processors to implement appropriate safeguards and to process personal data only for the specified purposes, in accordance with Article 8 of the PDPL.
9.1 Certain processors may process personal data outside the United Arab Emirates. Where personal data is transferred internationally, the Company shall ensure that such transfer is carried out in accordance with the conditions for cross-border transfer set out in the PDPL and that appropriate safeguards are in place.
10.1 Personal data shall be retained only for as long as necessary to fulfil the purposes for which it was collected, to maintain the Company's accounting and business records, and to comply with legal and regulatory requirements, after which it shall be securely deleted or anonymised.
11.1 The Company implements appropriate technical and organisational measures designed to protect personal data against loss, destruction, misuse, and unauthorised access, alteration or disclosure, consistent with Article 20 of the PDPL.
11.2 No method of electronic transmission or storage is entirely secure, and while the Company endeavours to protect personal data, it cannot guarantee absolute security.
12.1 Subject to the conditions and exceptions of the PDPL, the data subject has the right to: be informed of, and to access, the personal data processed about them; request the correction or rectification of inaccurate data; request erasure of their data; restrict or object to certain processing; withdraw consent; request the transfer (portability) of their data; and lodge a complaint with the competent authority.
12.2 Requests may be submitted to info@goattechnologies.ae. The Company may take reasonable steps to verify the requester's identity and shall respond within the period prescribed by law.
13.1 The Company's website and Services are directed at businesses and adults. The Company does not knowingly collect personal data from any person under the age of eighteen (18). Where the Company becomes aware that such data has been collected, it shall delete it without undue delay.
14.1 In the event of a personal-data breach that would prejudice the privacy, confidentiality or security of a data subject's data, the Company shall notify the competent authority and affected data subjects where and as required under the PDPL.
15.1 The website may contain links to third-party websites not operated by the Company. This Policy does not apply to such websites, and the Company is not responsible for their data practices. Data subjects are encouraged to review the privacy policies of those websites.
16.1 The Company may amend this Policy from time to time. The version published on this website, bearing the stated date of last update, shall be the version in force.
16.2 Any question, request or complaint concerning personal data may be addressed to info@goattechnologies.ae or +971 55 398 1992.
This document has been drafted to reflect the requirements of applicable United Arab Emirates legislation in force at the date of publication. It is reviewed periodically and may be updated to reflect changes in law or in our business. For advice on a specific situation, independent legal counsel should be obtained.