PAIR User Agreement & Privacy Policy
For PAIR RESTAURANTS MANAGEMENT L.L.C.
Effective Date: May 28, 2025
This Privacy Policy explains how PAIR RESTAURANTS MANAGEMENT L.L.C. ("we," "our," "us," or the "Company") collects, uses, discloses, and protects your personal information when you visit our website, make a reservation, or use our services. We are committed to protecting your privacy in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE DP Law).
1. Who We Are (Data Controller)
- Legal Entity: PAIR RESTAURANTS MANAGEMENT L.L.C.
- Trade License No.: 1164342 (issued by the Dubai Department of Economic Development)
- Registered Address: Dubai, Jumeirah Emirates Towers Hotel, G floor, Dubai, United Arab Emirates
- Contact Email for Privacy Matters: info@pairstores.com (please mention "Attn: DPO" in the subject line)
- Phone: +(971) 58 694 42 82
We are a mainland company operating in Dubai and are subject to the UAE DP Law.
2. What Personal Data We Collect and Why
We only collect data that is necessary to provide you with high-quality service. Depending on how you interact with us, we may process the following categories of personal data:
| Category of Data Subject | Types of Data Processed | Purpose of Processing | Legal Basis (UAE DP Law) |
|---|---|---|---|
| Guests | Name, phone number (UAE format), email address, date of birth, dining preferences, seating requests, special occasion notes. | Managing reservations, personalizing your experience, handling special requests. | Contractual Necessity (Art. 6.1(b)) |
| Loyalty Program Members (Loona) | Order history, accumulated points, redeemed rewards, favorite dishes, beverage preferences. | Administering the loyalty program, calculating rewards, sending personalized offers. | Explicit Consent (Art. 6.1(a)) |
| Visitors (CCTV) | Video footage, audio (in designated areas), timestamps. | Ensuring safety of guests and staff, preventing theft, investigating incidents. | Legitimate Interest (Art. 6.1(f)) |
| Payment Data | Transaction amount, date/time, last 4 digits of payment card, payment method (cash/card). We do NOT store full card numbers. | Financial reconciliation, VAT compliance (Federal Tax Authority), fraud prevention. | Legal Obligation (Art. 6.1(c)) |
| Inquirers / Website Visitors | IP address, browser type, cookies, pages visited, clickstream data, device information. | Website analytics, security monitoring, improving user experience. | Legitimate Interest (Art. 6.1(f)) / Consent (for cookies) |
| Communication (via Call/WhatsApp) | Phone number, message history, call logs. | Confirming reservations, responding to inquiries, customer support. | Contractual Necessity / Consent |
3. How We Use Your Data (Detailed)
3.1. Guest Data (Reservations & CRM)
We use your name and contact details to confirm bookings and send updates. Your preferences (e.g., favorite table or dietary restrictions) help us tailor your dining experience. For marketing communications (promotions, events), we will only contact you if you have explicitly opted in.
3.2. CCTV Monitoring
For your safety and the security of our property, CCTV is in operation at all our locations, including entrances, dining areas, and exits. Signage is displayed at all entry points. Recordings are typically retained for 30 days unless required for an investigation.
3.3. Loyalty Program (Loona)
If you join our loyalty program, we track your visits and spending to offer you relevant rewards. You can withdraw your consent at any time by contacting us.
3.4. Marketing Automation & Customer Data Platform (Mindbox)
We use Mindbox as our marketing automation and customer data platform to:
- Unify your data from various sources (website, reservations, loyalty program, order history) into a single customer profile.
- Segment audiences for targeted marketing campaigns.
- Send personalized emails, SMS, and push notifications (based on your consent).
- Analyze customer behavior to improve our services and offerings.
- Predict preferences and recommend dishes or events you might enjoy.
Mindbox processes your data on our behalf under a strict Data Processing Agreement (DPA) and in compliance with UAE DP Law.
4. Tracking Technologies (Cookies, Pixels & SDKs)
We use various tracking technologies to understand how you interact with our website and marketing materials. This helps us improve your experience and measure the effectiveness of our campaigns.
4.1. Types of Tracking Technologies We Use
| Technology | Purpose | Examples |
|---|---|---|
| Essential Cookies | Required for website functionality. | Session cookies, security tokens. |
| Analytics Cookies | Understand how visitors use our site (pages visited, time on site, bounce rate). | Google Analytics, Mindbox analytics. |
| Marketing/Advertising Pixels | Track conversions from our ads, build audiences for retargeting. | Meta Pixel (Facebook/Instagram), Google Ads. |
| SDKs (Software Development Kits) | Mobile app tracking (if applicable). | Mindbox SDK, Meta SDK. |
| UTM Tags | Track the effectiveness of specific marketing campaigns. | Campaign parameters in URLs. |
| Clickstream Data | Record user journeys on our website. | Pages viewed, buttons clicked, navigation path. |
4.2. Cross-Device Tracking
We may use tracking technologies to recognize you across different devices (e.g., smartphone, tablet, laptop) to provide a seamless experience and ensure you receive relevant communications. This is done through hashed identifiers and is always subject to your consent where required.
4.3. How to Control Tracking
- Browser Settings: You can block or delete cookies through your browser settings.
- Opt-Out Links: Our marketing emails contain an "unsubscribe" link. You can also opt-out of targeted advertising via your account settings.
- Platform Controls: You can adjust your ad preferences directly on platforms like Facebook and Google.
5. Sharing Your Data (Third Parties & Processors)
To operate effectively, we work with trusted service providers who process data on our behalf. They are contractually bound to protect your data and comply with UAE law.
| System / Service | Purpose | Data Location | Safeguards |
|---|---|---|---|
| Servme | Online reservation system. | UAE | On-premise servers, strict NDA. |
| AmoCRM | Customer relationship management. | Russia/EU | Data encryption, Standard Contractual Clauses. |
| Mindbox | Marketing automation, CDP, analytics, personalization. | Russia/EU | Data Processing Agreement (DPA), encryption, data minimization. |
| Loona | Loyalty program management. | UAE / USA | Data Processing Agreement (DPA) in place. |
| Wazzup (WhatsApp) | Guest communication. | UAE / USA | End-to-end encryption. |
| 1C & POS | Sales and transaction records. | UAE | Role-based access, AES-256 encryption. |
| Meta Ads | Marketing analytics and advertising. | USA | Limited Data Use (LDU) mode enabled. |
| Google Analytics | Website analytics. | USA | IP anonymization, data retention controls. |
We do not sell your personal data to third parties.
6. Data Retention Periods
We keep your data only as long as necessary for the purposes described above, or as required by UAE law.
| Data Type | Retention Period | Reason |
|---|---|---|
| Guest CRM Data | 3 years after last interaction. | Marketing analysis and re-engagement. |
| Loyalty Program Data | Until account closure + 3 years. | Program administration. |
| Mindbox Profiles | 3 years after last interaction. | Marketing automation and personalization. |
| CCTV Footage | 30 days. | Security and incident investigation. |
| Financial Records | 5 years. | UAE Tax Law (VAT) requirements. |
| Employee Records | 7 years post-termination. | UAE Labor Law compliance. |
| Tracking Data (Cookies, Pixels) | 13 months (typical) or as per consent duration. | Analytics and campaign measurement. |
After the retention period, your data is securely deleted or anonymized.
7. Your Rights (Data Subject Rights)
Under the UAE DP Law, you have the following rights regarding your personal data:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct inaccurate or incomplete data.
- Right to Erasure (Deletion): You can request the deletion of your data where it is no longer needed.
- Right to Withdraw Consent: If you previously agreed to marketing or tracking, you can opt-out at any time.
- Right to Object: You can object to processing based on legitimate interest (e.g., CCTV, analytics).
- Right to Restrict Processing: You can ask us to temporarily stop processing your data.
- Right to Data Portability: You can request your data in a structured, machine-readable format.
How to Exercise Your Rights:
Please send your request to info@pairstores.com with the subject line "Data Subject Request". We will respond within 14 business days as mandated by law. We may need to verify your identity before processing your request.
For Tracking-Specific Requests:
- To opt-out of cookies: Adjust your browser settings.
- To opt-out of targeted ads: Use platform controls (e.g., Facebook Ad Preferences).
- To clear your Mindbox profile data: Contact us directly.
8. Security Measures
We take data security seriously and implement robust measures to protect your information, including:
- Encryption: TLS 1.3 for data in transit (website), AES-256 for data at rest (servers).
- Access Control: Role-based access, two-factor authentication (2FA) for critical systems (including Mindbox dashboard), and biometric security for server rooms.
- Monitoring: 24/7 security monitoring, regular penetration testing, and vulnerability assessments.
- Data Minimization: We only collect what we need and pseudonymize data where possible.
9. Cookies and Tracking (Detailed)
When you visit our website, you will see a cookie consent banner that allows you to:
- Accept all cookies.
- Reject non-essential cookies.
- Customize your preferences (analytics, marketing, functional).
Categories of Cookies We Use:
- Strictly Necessary Cookies: These are essential for the website to function and cannot be switched off.
- Performance/Analytics Cookies: These allow us to count visits and traffic sources (e.g., Google Analytics, Mindbox analytics).
- Functional Cookies: These enable enhanced functionality and personalization (e.g., remembering your language preferences).
- Targeting/Marketing Cookies: These are set by our advertising partners (Meta, Google) to build a profile of your interests and show you relevant ads on other sites.
You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the website footer.
10. International Data Transfers
Some of our service providers (like AmoCRM, Mindbox, and Meta) may process data outside the UAE. We ensure such transfers are protected by appropriate safeguards, such as:
- Standard Contractual Clauses (SCCs) approved by relevant authorities.
- Binding Corporate Rules (where applicable).
- Data Processing Agreements (DPAs) that include specific data transfer provisions.
- Adequacy Decisions (if the destination country is recognized as having adequate data protection laws).
11. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
- Email: info@pairstores.com
- Phone: +(971) 58 694 42 82
- Address: Dubai, Jumeirah Emirates Towers Hotel, G floor, Dubai, UAE
- Working Hours: 11 AM to 1 AM (Monday to Sunday)
Data Protection Officer (DPO):
In accordance with Article 14 of the UAE DP Law, you may direct any privacy-related inquiries to our designated representative via the email above.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on this page with the "Effective Date" revised. We encourage you to review this page periodically.
For significant changes, we may notify you via email or a prominent notice on our website.
