Effective Date: 25 January 2025
Entity: Nuvra Limited (Masdar City Free Zone, Abu Dhabi, UAE)
Contact: hey@nuvra.agency
1.1 This Privacy Policy (“Policy”) sets out the principles governing the collection, processing, retention, transfer, disclosure, and protection of Personal Data by Nuvra Limited (“Nuvra”, “Nuvra Tech”, “Company”, “we”, “us”, “our”) in accordance with:
1.2 This Policy applies to all Users of the Vibe Coding Platform (“Platform”), including registered Users, subscribers, website visitors, and API consumers.
1.3 By accessing or using the Platform, the User expressly acknowledges and consents to the practices described herein.
For purposes of this Policy:
2.1 “Personal Data” means any data relating to an identified or identifiable natural person, as defined under the UAE PDPL.
2.2 “Processing” means any operation performed on Personal Data, including collection, storage, use, retrieval, disclosure, transfer, or deletion.
2.3 “Controller” means Nuvra Limited, which determines the purpose and means of processing Personal Data.
2.4 “Processor” means any third party engaged by the Company to process Personal Data on its behalf.
2.5 “User Data” means Personal Data collected from or relating to Users of the Platform.
2.6 “AI Output Data” means machine-generated content or results produced by the Platform in response to User inputs.
We process Personal Data under one or more of the lawful bases permitted by the PDPL, including:
3.1 Consent freely given and informed by the User.
3.2 Contractual necessity to provide Services under the Terms of Service.
3.3 Legitimate interests of the Company, provided they do not override User rights.
3.4 Compliance with legal obligations under UAE Law.
3.5 Protection of public interest where applicable.
Where consent is required, Users may withdraw consent at any time without affecting prior lawful processing.
We may collect the following categories of Personal Data:
4.1 Identity and Account Data
4.2 Subscription and Billing Data
4.3 Usage and Technical Data
4.4 User-Generated Inputs
4.5 AI Outputs
4.6 Communications Data
4.7 Cookies and Tracking Data
(See the Cookies Policy for full details.)
Personal Data is processed for the following purposes:
5.1 Provision of Services
To authenticate users, allocate subscription resources, process requests, and deliver technical functionality.
5.2 Administration and Operations
To manage accounts, subscriptions, billing cycles, and user activity.
5.3 Security and Fraud Prevention
To detect unauthorized activity, enforce access controls, and prevent cybercrime as required by UAE Law.
5.4 Platform Improvement and Analytics
To monitor usage trends, enhance system performance, and develop new features.
5.5 Customer Support
To respond to inquiries, troubleshoot issues, and provide technical assistance.
5.6 Legal and Regulatory Compliance
To comply with the PDPL, Cybercrime Law, tax requirements, and other statutory obligations.
5.7 AI Model Enhancement (Optional, with User Consent)
We may process anonymized and aggregated data for internal model improvement.
We do not use identifiable Personal Data for AI model training without explicit consent.
We may disclose Personal Data to the following parties:
6.1 Third-Party Processors
Including but not limited to:
All Processors operate under written agreements compliant with PDPL Article 20.
6.2 Legal and Regulatory Authorities
Where disclosure is required under UAE Law, including for:
6.3 Affiliates and Group Companies
For operational support and service delivery, provided such entities comply with this Policy.
6.4 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, Personal Data may be transferred subject to equivalent protections.
We do not sell Personal Data under any circumstances.
7.1 Personal Data may be transferred to countries outside the UAE where necessary for service provision.
7.2 All transfers shall comply with PDPL Articles 22–24, using one of the following mechanisms:
7.3 Users acknowledge that data stored on foreign servers may be subject to the laws of the host jurisdiction.
8.1 We retain Personal Data only for the minimum period necessary to fulfill the purposes outlined in this Policy or as required by UAE Law.
8.2 Retention periods include:
Identity, Account, and Subscription Data: Retained for the duration of the User’s account and for 7 years thereafter for legal and tax compliance.
Usage Data: Retained for up to 24 months for security and analytics.
User Inputs and AI Outputs: Retained in association with the User account until deleted by the User or until account deletion.
Backups and Logs: Retained for 90 to 180 days, depending on system requirements.
Users have the following rights, subject to lawful exceptions:
9.1 Right to Access
To obtain confirmation of processing and access a copy of Personal Data.
9.2 Right to Correction
To request correction or updating of inaccurate or incomplete data.
9.3 Right to Deletion
To request deletion of Personal Data where:
9.4 Right to Restrict Processing
To request suspension of data processing.
9.5 Right to Data Portability
To receive Personal Data in a machine-readable format.
9.6 Right to Object
To object to processing based on legitimate interests.
9.7 Right Not to Be Subject to Automated Decisions
Where such decisions have legal or materially significant effects.
Submitting Requests:
Requests shall be directed to: privacy@nuvra.agency
We will respond within the timelines mandated under PDPL.
We employ administrative, technical, and organizational safeguards consistent with UAE PDPL, including:
10.1 Encryption of data at rest and in transit
10.2 Access controls and role-based permissions
10.3 Secure data centers and cloud environments
10.4 Multi-factor authentication (for administrators)
10.5 Continuous monitoring and intrusion detection
10.6 Regular penetration testing
10.7 Incident response and breach reporting procedures
11.1 In the event of any Personal Data breach that may pose a risk to Users, Nuvra Tech shall notify:
in accordance with PDPL Articles 9 and 10.
11.2 Notifications will include the nature of the breach, likely consequences, and remedial measures taken.
12.1 The Platform is not intended for individuals under the age of 18.
12.2 We do not knowingly collect Personal Data from minors. Any such data, if detected, shall be deleted promptly.
This Policy is governed by:
Nuvra Tech reserves the right to amend this Policy at any time to reflect legal, operational, or technological changes.
Updates will be posted on the Platform with a revised Effective Date.
Continued use of the Platform constitutes acceptance of the updated Policy.
For questions, requests, or concerns relating to this Policy, Users may contact:
Nuvra Limited
Masdar City Free Zone
Abu Dhabi, United Arab Emirates
Nuvra is a software creation ecosystem combining AI-Powered self-serve building with expert-led development.
Built for MENAT. Ready for Global Scale.
Products
Solutions & Resources
Copyright 2026 Nuvra Limited
Nuvra is a software creation ecosystem combining AI-Powered self-serve b uilding with expert-led development.
Built for MENAT. Ready for Global Scale.
Products
Solutions & Resources
Company
Contact
Trust Center
