Privacy Policy

Dune Software Ltd ("Dune Software", "we", "our", or "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website or engage our services. Please read it carefully.

1. Who We Are

Dune Software Ltd is the data controller responsible for your personal data. Our registered address is in New York, and we operate offices in London, Dubai, and Singapore. For data protection queries, contact us at ideas@dunesoftware.com.

2. Data We Collect

We collect the following categories of personal data:

• Identity Data: name, job title, company name
• Contact Data: email address, phone number, mailing address
• Technical Data: IP address, browser type and version, time zone, operating system
• Usage Data: pages visited, clicks, session duration, referral source
• Communications Data: messages you send us via forms, email, or other channels
• Marketing Preferences: your preferences for receiving marketing from us

3. How We Collect Your Data

We collect data through:

• Direct interactions — forms, emails, telephone conversations
• Automated technologies — cookies, server logs, analytics tools
• Third parties — publicly available sources, marketing partners, analytics providers

4. How We Use Your Data

We use your data for the following purposes:

• To respond to enquiries and provide our services
• To manage our relationship with you, including sending service notifications
• To send marketing communications (where you have consented or we have a legitimate interest)
• To improve our website, products, and services
• To comply with legal obligations
• To detect and prevent fraud or abuse

5. Legal Basis for Processing

We process your data on one or more of the following legal grounds:

• Consent — where you have given explicit consent
• Contract — where processing is necessary to perform a contract with you
• Legal obligation — where we must comply with a legal requirement
• Legitimate interests — where we have a legitimate business reason that does not override your rights

6. Cookies

Our website uses cookies to distinguish you from other users and to improve your experience. We use strictly necessary cookies (required for core functionality), analytical cookies (to understand website usage), and marketing cookies (to deliver relevant advertising). You may manage your cookie preferences via your browser settings or our cookie consent tool.

7. Data Sharing

We do not sell your personal data. We may share data with:

• Service providers acting as data processors (e.g., hosting, analytics, email)
• Professional advisers (lawyers, accountants) under confidentiality obligations
• Regulatory authorities when required by law
• Successor entities in the event of a merger or acquisition

8. International Transfers

We operate globally and may transfer your data outside your jurisdiction. For transfers from the EEA/UK, we use appropriate safeguards including Standard Contractual Clauses approved by the European Commission. For transfers involving Singapore or UAE-based data, we comply with the relevant national frameworks including PDPA (Singapore) and the UAE Federal Data Protection Law.

9. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Client data is typically retained for seven years after the end of an engagement. Marketing data is reviewed annually and deleted when no longer relevant.

10. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access — request a copy of your personal data
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Restriction — request restriction of processing
• Portability — request transfer of your data in a machine-readable format
• Objection — object to processing based on legitimate interests
• Withdrawal of consent — withdraw consent at any time without affecting prior lawful processing

To exercise any right, contact us at ideas@dunesoftware.com. We will respond within 30 days.

11. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or alteration. These include encryption at rest and in transit, access controls, regular security assessments, and staff training. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to review their policies independently.

13. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected such data inadvertently, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on our website. The "Last updated" date at the top of this page reflects the most recent revision.

15. Contact Us

For any privacy-related queries or to exercise your rights:
Dune Software Ltd
Email: ideas@dunesoftware.com
Offices: New York · London · Dubai · Singapore