Not Sign in yet?

Privacy Policy

1. INTRODUCTION

Redington Gulf FZE, a company incorporated in the United Arab Emirates (“Redington”, “We”, “Us”, “Our”), is committed to protecting the privacy and security of personal data processed through the CloudQuarks platform and associated digital services.

For the purposes of applicable data protection laws, including the UAE Personal Data Protection Law (PDPL) and, where applicable, the General Data Protection Regulation (GDPR), Redington acts as:

  • Data Controller for account, login, security and administrative data;
  • Data Processor for transactional metadata processed on behalf of Vendors/Resellers/Customer
  • Independent Controller for fraud monitoring, compliance, and platform security logs.

This Privacy Policy explains how we collect, use, process, disclose, transfer, store, and protect your personal data when you interact with CloudQuarks or other Redington digital services.

By accessing or using CloudQuarks, you acknowledge that you have read and understood this Privacy Policy any applicable Territorial Addendum governing your jurisdiction.

2. Definitions

For the purposes of this Privacy Policy:

Personal Data means any information relating to an identified or identifiable natural person.

Special Category / Sensitive Personal Data refers to data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, or sexual orientation.

Data Subject means an individual whose personal data is processed.

Data Controller means the entity determining the purposes and means of processing personal data.

Data Processor means an entity processing personal data on behalf of the Data Controller.

Processing means any operation performed on personal data including collection, storage, use, disclosure, or deletion.

CloudQuarks Platform means Redington’s digital marketplace and associated portals used by users, companies, partners, vendors, and customers to access, procure, manage, and administer products and services.

3. CATEGORIES OF PERSONAL DATA WE COLLECT

To comply with UAE PDPL, GDPR (where applicable), and other relevant data protection laws, the processing of personal data collected through the Platform is carried out on the following lawful bases:

  • Account creation and user authentication for Contractual necessity
  • Platform usage logs, audit trails, access records for Legitimate interest (security, fraud prevention, platform integrity) 
  • Transactional metadata (order and provisioning data) for Processor role, processed strictly under the instructions of the ISV or Reseller
  • Billing, invoicing, compliance records for Legal obligation
  • Marketing and promotional communications for Consent (where required and subject to withdrawal)

Redington acts as Data Controller only for account, login, administrative and security data, and as Data Processor for transactional metadata handled on behalf of Vendors, ISVs or Resellers.

3.1 Personal Identification Data

We may collect:

  • Full name
  • Email address
  • Contact number
  • Address
  • Designation / Job Title
  • Company affiliation

3.2 Account and Platform Data

When you use CloudQuarks, we may collect:

  • Account credentials (securely stored password hashes)
  • Multi-factor authentication status
  • Role-based access permissions
  • Login timestamps and activity logs
  • Transaction and order metadata
  • Subscription and license management records
  • Support tickets and communications
  • Audit trail records
  • Security logs

3.3 Usage and Technical Data

We automatically collect:

  • IP address
  • Browser type and version
  • Device identifiers
  • Operating system
  • Pages visited
  • Session duration
  • Diagnostic and performance data

3.4 Mobile Data

If accessed via mobile device, we may collect:

  • Device type
  • Unique device ID
  • Operating system
  • App crash logs
  • Usage analytics

4. CHILDREN

CloudQuarks is intended for business use and is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that such data has been collected without authorization, we will take appropriate steps to delete it

5. SENSITIVE PERSONAL DATA

We do not intentionally collect or process special category or sensitive personal data unless:

Required by law,

Necessary for legitimate business purposes, or

Explicitly provided with appropriate safeguards in place.

Users should avoid submitting unnecessary sensitive personal data through the Platform.

6. LAWFUL BASIS FOR PROCESSING

Processing is carried out under clearly identified legal bases, mapped in Section 3. Redington will only process Customer/End User data as Processor unless acting as independent Controller for security/fraud prevention

7. HOW WE USE PERSONAL DATA

We use personal data to:

  • Provide and maintain CloudQuarks services
  • Manage user accounts and role-based access
  • Fulfil contractual obligations
  • Process orders and manage subscriptions
  • Communicate service updates
  • Provide customer support
  • Detect and prevent fraud
  • Ensure regulatory compliance
  • Maintain audit logs
  • Improve platform functionality
  • Send marketing communications (subject to consent)

8. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to:

  • Ensure proper functioning of our platform
  • Remember user preferences
  • Analyze usage patterns
  • Improve performance
  • Enhance security
  • Deliver marketing content (where permitted by law)

Types of Cookies

Essential Cookies

Performance & Analytics Cookies

Functionality Cookies

Targeting/Advertising Cookies

Where required by law, we obtain explicit consent before placing non-essential cookies

You may control cookie settings through your browser or our cookie management tool.

Non essential cookies will only be deployed after explicit consent via our cookie banner. Users may withdraw consent at any time

9. DISCLOSURE OF PERSONAL DATA

We may share personal data with:

  • Service providers and processors
  • Cloud hosting and infrastructure providers
  • Affiliates within the Redington Group
  • Business partners (where legally permitted)
  • Regulatory or legal authorities
  • In connection with mergers or business transfers
  • All third parties are contractually required to protect personal data.

10. CROSS-BORDER TRANSFERS

Your personal data may be transferred to and processed in:

  • The United Arab Emirates
  • Other Middle East and Africa (MEA) jurisdictions
  • The European Union
  • Other countries where Redington or its service providers operate

Where required, we implement safeguards including:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements (DPAs)
  • Transfer Impact Assessments
  • Contractual confidentiality obligations

Cross-border transfers will only occur using approved mechanisms, such as:

  • UAE PDPL adequacy list
  • SCCs (EU model clauses)
  • Local regulatory approvals (e.g., KSA PDPL )

A Transfer Impact Assessment (TIA) will be performed where required

11. DATA RETENTION

We retain personal data only for as long as necessary to:

  • Fulfil contractual and legal obligations
  • Resolve disputes
  • Enforce agreements
  • Meet regulatory requirements
  • Maintain audit records
  • Once no longer required, data will be securely deleted, anonymized, or pseudonymized.

12. DATA SECURITY

We implement appropriate technical and organizational safeguards including:

  • Encryption (SSL/TLS)
  • Access controls
  • Firewalls and intrusion detection systems
  • Security monitoring and logging
  • Periodic security assessments
  • Confidentiality obligations for personnel
  • Users are responsible for maintaining secure account credentials.

Redington maintains reasonable and industry-standard technical and organisational measures appropriate to the nature and purpose of processing

13. DATA BREACH MANAGEMENT

In the event of a data breach:

  • We will investigate promptly
  • Notify supervisory authorities where required
  • Inform affected individuals if there is high risk
  • Implement corrective measures

14. YOUR RIGHTS

Subject to applicable law, you have the right to:

  • Access your personal data
  • Request rectification
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent
  • Object to automated decision-making
  • Lodge complaints with relevant authorities

Data subject rights may vary depending on the laws of the Territory in which the individual is located. For example:

  • UAE (PDPL): rights of access, correction, deletion, and restriction 
  • EU (GDPR): rights of objection, portability, automated decision-making review 
  • India (DPDP): rights of access, correction, and grievance redressal 

Redington will honour applicable rights in accordance with the relevant privacy laws and will respond to requests within legally prescribed timelines

Requests may be sent to:

DPO.MEA@redingtongroup.com

We will respond within legally prescribed timelines.

15. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time.

The “Last Updated” date will reflect revisions. Continued use of the Platform after updates constitutes acknowledgment of changes.

16. CONTACT DETAILS

Grievance Officer / Data Protection Officer

Prasanth P

Email: DPO.MEA@redingtongroup.com

Mobile: +971 56 216 7232

Plot S30902
PO Box 17266
Jebel Ali Free Zone
Dubai, UAE

©2026 Redington Group | All Rights Reserved.