Personiti
Personiti

Privacy Policy

1. INTRODUCTION AND SCOPE 

Personiti FZ-LLC (“Personiti”, “we”, “us”, or “our”) is committed to protecting the privacy and Personal Data of individuals who interact with our digital platform. 

This Privacy Policy describes how we collect, use, store, disclose, and otherwise process Personal Data when you access or use: 

  • our website(s); 
  • our mobile applications; 
  • our provider dashboards and analytics tools; 
  • our communication channels; and 
  • any related products or services
    (collectively, the “Platform”). 

This Privacy Policy applies to: 

  • Travellers and individual users of the Platform; 
  • Experience Providers, accommodation providers, guides, and other businesses using the Platform; 
  • Destination Management Organisations (DMOs) and institutional partners; and 
  • other business partners and contacts. 

This Privacy Policy is intended to comply with applicable data protection laws, including but not limited to: 

  • EU General Data Protection Regulation (GDPR); 
  • UK GDPR; 
  • UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL); and 
  • other applicable international data protection laws. 

Where local law requires additional disclosures, those disclosures apply in addition to this Policy. 

2. DEFINITIONS 

For the purposes of this Privacy Policy: 

  • “Personal Data” means any information relating to an identified or identifiable natural person. 
  • “Traveller Profile” means the psychographic, preference-based, and behavioural profile generated through assessments, interactions, and inferred data. 
  • “Personality & Psychographic Data” means data relating to personality traits, behavioural patterns, motivations, interests, and inferred characteristics (including where aligned with recognised models such as the Big Five). 
  • “Experience Provider” means an independent third party offering tours, activities, or experiences through or via the Platform. 
  • “DMO” means a destination management organisation or similar public or private entity responsible for destination oversight or promotion. 
  • “Processing” has the meaning given to it under GDPR and includes any operation performed on Personal Data. 

3. DATA CONTROLLER AND ROLES 

3.1 Data Controller 

The data controller responsible for processing Personal Data under this Privacy Policy is: 

Personiti FZ-LLC
Dubai Internet City, United Arab Emirates
Email: hello@personiti.com 

3.2 Independent Controllers 

  • Experience Providers are independent data controllers for Personal Data they process in connection with the fulfilment, delivery, safety, or legal compliance of Experiences. 
  • DMOs act as independent data controllers for any Personal Data they collect directly outside the Platform. 

Personiti is not responsible for the privacy practices of independent controllers. Users should review the relevant third party’s privacy policies. 

4. CATEGORIES OF PERSONAL DATA WE COLLECT 

4.1 Personal Data Provided by Travellers 

  • Full name 
  • Email address 
  • Password (hashed and encrypted) 
  • Optional demographic data (e.g. age range, nationality) 
  • Personality assessment responses 
  • Travel motivations, interests, preferences 
  • Messages sent through in-platform communication features 
  • Reviews, ratings, and feedback 

4.2 Personality & Psychographic Data 

We collect and infer Personality & Psychographic Data, including: 

  • responses to onboarding questionnaires; 
  • personality indicators and trait groupings; 
  • behavioural patterns (e.g. interaction history, preferences expressed); 
  • inferred interests and motivations. 

This data is used to generate and continuously refine your Traveller Profile. 

4.3 Usage, Technical, and Device Data 

  • IP address 
  • Device identifiers 
  • Operating system and browser type 
  • App usage logs and interaction timestamps 
  • Crash reports and diagnostic data 

4.4 Location Data 

  • Approximate location (derived from IP address); 
  • Precise GPS location only where you have provided explicit consent. 

You may withdraw location permissions at any time via your device settings. 

4.5 Data from Affiliates and Partners 

Where you interact with third-party affiliates (e.g. booking or referral partners), we may receive: 

  • booking confirmation references; 
  • referral or click-through identifiers; 
  • commission attribution data. 

We do not receive full payment card details from affiliates. 

5. PERSONAL DATA OF PROVIDERS, BUSINESSES, AND PARTNERS 

Where you act as an Experience Provider, DMO, or business partner, we may collect: 

  • business name and registration details; 
  • authorised contact person details; 
  • login credentials; 
  • listing content and metadata; 
  • availability and categorisation data; 
  • analytics and dashboard usage data; 
  • communications with travellers and with Personiti. 

6. PURPOSES OF PROCESSING 

We process Personal Data for the following purposes: 

6.1 Platform Operation and Service Delivery 

  • account creation and management; 
  • personalisation of content and recommendations; 
  • traveller–traveller and traveller–provider matching (where enabled); 
  • booking facilitation and communications; 
  • customer support. 

6.2 AI, Analytics, and Platform Improvement 

  • improving recommendation accuracy; 
  • refining AI models; 
  • product development and testing; 
  • usage analytics and performance optimisation. 

6.3 Destination Intelligence and Insights 

We may generate aggregated and anonymised insights for DMOs and partners, including: 

  • visitor flow trends; 
  • behavioural segmentation; 
  • demand patterns and congestion indicators. 

No directly identifiable Personal Data is shared with DMOs. 

6.4 Marketing and Communications 

  • newsletters and updates; 
  • invitations and product announcements; 
  • promotional communications (where legally permitted). 

6.5 Legal, Security, and Compliance 

  • fraud detection and prevention; 
  • security monitoring; 
  • compliance with legal obligations; 
  • enforcement of terms and protection of rights. 

7. LEGAL BASES FOR PROCESSING 

Where GDPR / UK GDPR applies, we rely on: 

  • Contractual necessity (Art. 6(1)(b)); 
  • Consent (Art. 6(1)(a)); 
  • Legitimate interests (Art. 6(1)(f)), balanced against your rights; 
  • Legal obligations (Art. 6(1)(c)). 

Under UAE PDPL, processing is based on consent, contractual necessity, or other lawful grounds recognised under applicable law. 

8. AUTOMATED DECISION-MAKING AND PROFILING 

Personiti uses automated processing and AI systems to: 

  • generate Traveller Profiles; 
  • personalise recommendations; 
  • suggest matches; 
  • produce aggregated behavioural analytics. 

These processes do not produce legal or similarly significant effects on individuals. 

You may request: 

  • human intervention; 
  • an explanation of processing logic (to the extent legally required); 
  • correction or deletion of your profile. 

9. PAYMENTS 

Personiti operates as a technology platform and marketplace facilitator. 

  • Experience Providers remain responsible for delivering Experiences. 
  • Payments are processed by third-party payment service providers and/or affiliates. 
  • Personiti does not store full payment card information. 

Payment providers process Personal Data in accordance with their own privacy policies. 

10. DATA SHARING AND DISCLOSURE 

We may disclose Personal Data to: 

  • service providers acting as processors (hosting, analytics, communications); 
  • Experience Providers (where necessary to facilitate interactions or bookings); 
  • DMOs (aggregated and anonymised data only); 
  • professional advisers and authorities where required by law. 

We do not sell Personal Data. 

11. INTERNATIONAL DATA TRANSFERS 

Personal Data may be transferred to and processed in jurisdictions outside your country of residence, including the UAE, EU/EEA, UK, and United States. 

Where required, transfers are protected by: 

  • adequacy decisions; 
  • Standard Contractual Clauses; 
  • equivalent legal safeguards. 

12. DATA RETENTION 

We retain Personal Data only for as long as necessary: 

  • account data: while active; 
  • Traveller Profiles: until deletion or 24 months of inactivity; 
  • provider accounts: while active and thereafter as required; 
  • analytics logs: anonymised after 12 months where feasible; 
  • legal records: up to 7 years where required. 

13. DATA SUBJECT RIGHTS 

Where applicable, you have the right to: 

  • access your Personal Data; 
  • rectification; 
  • erasure; 
  • restriction of processing; 
  • objection; 
  • data portability; 
  • withdrawal of consent; 
  • lodge a complaint with a supervisory authority. 

Requests may be made to hello@personiti.com. 

14. SECURITY MEASURES 

We implement appropriate technical and organisational measures, including: 

  • encryption; 
  • access controls; 
  • audit logging; 
  • anomaly detection; 
  • secure development practices. 

15. CHILDREN’S DATA 

The Platform is not intended for individuals under 18.
We do not knowingly process Personal Data of children. 

16. CHANGES TO THIS POLICY 

We may update this Privacy Policy periodically. Material changes will be communicated via the Platform or email. 

17. CONTACT 

Personiti FZ-LLC
in5 Tech, Dubai Internet City
United Arab Emirates
Email: hello@personiti.com 

Copyright © 2026 Personiti - All Rights Reserved.

  • Privacy Policy

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept