Privacy Policy

Last updated: 3 June 2026

1. Who we are

Formenzo (“we”, “us”) helps founders compare UAE free zones and set up their company. The data controller is Formenzo (FZE), licence/approval no. 20232, registered at Sharjah Research, Technology and Innovation Park (SRTI Park), Block C-C01-110, Sharjah, UAE. For any privacy question, contact us at [email protected], call +971 58 829 3781, or WhatsApp +971 58 829 3781. Our office: 258 Central Plaza, Dubai Investment Park, Dubai, UAE.

2. What we collect

• You give us: name, email, WhatsApp/phone, the free zone and package you choose, and messages you send us.
• When you proceed to setup (KYC): identity and company documents — passport copy, photo, proof of address, visa/Emirates ID where relevant, and proposed trade names. These are sensitive; we only collect them when you start a formation.
• Automatically: basic technical data (device/browser, IP) and, where you consent, analytics. We do not place advertising trackers.

3. Why we use it (legal basis)

• To show you accurate pricing and prepare your quote — your request / pre-contract steps.
• To file your company application with the relevant free-zone authority — performance of our service contract.
• To message you about your application — legitimate interest and, for marketing, your consent. We never cold-call.
• To meet legal, KYC/AML and record-keeping obligations.

4. Who we share it with

Only as needed to deliver the service: the relevant free-zone authority and government systems; our infrastructure processors (Supabase for database/storage/auth, and our customer-relationship platform for messaging). We do not sell your data or share it for third-party advertising. Processors act on our instructions under data-processing terms.

5. Where it’s stored & for how long

Data is stored on managed cloud infrastructure (Supabase — Tokyo region, Asia Pacific). We keep application and KYC records for as long as needed to provide the service and to meet legal/audit obligations, then delete or anonymise them. You can ask us to delete data we are not legally required to keep.

6. Your rights

Under the UAE Personal Data Protection Law (Federal Decree-Law 45/2021) and, where applicable, the GDPR, you can: access your data; correct it; request deletion; object to or restrict processing; withdraw consent; and request portability. Email [email protected] and we will respond within the statutory period.

7. Security

Access to your data is restricted by row-level security and authentication; documents are held in a private storage bucket accessible only to you and our team. We are moving the site to HTTPS — until then, please avoid sending sensitive documents over the public link and use the secure portal or WhatsApp.

8. Cookies & third parties

We use only what’s needed to run the site (a secure session for the portal, and Google Fonts / a CDN to load the page). We do not use advertising or cross-site tracking cookies.

9. Changes

We may update this policy; the “last updated” date will change. Material changes will be highlighted on this page.