Privacy Policy

Updated at November 17th, 2025

Aritmexa Software Services FZCO (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Aritmexa in relation to https://aritmexa.com/.

This Privacy Policy applies to our website, and its associated subdomains (collectively, our “Service”) alongside our application, Aritmexa. By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

(1) Data Controller: Aritmexa Software Services FZCO, a company incorporated under the laws of the United Arab Emirates, with its registered office at Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates, holding license number 69978, and reachable at legal@aritmexa.com ("Company", "we", "us", or "our"). The Company operates as the data controller for website - https://aritmexa.com/ and the Ltvibe platform, which provides LTV prediction, retention analytics, and marketing automation services.

(2) Data Subjects: All individuals who interact with our services, including but not limited to:

(a) Users who visit our website at https://aritmexa.com/;

(b) Customers and potential customers who register for or use the Ltvibe platform;

(d) Website visitors who interact with our online content;

(e) Recipients of our marketing communications;

(f) Any other individuals whose personal data we collect in connection with our business operations

(collectively referred to as "you", "your", "User", or "Data Subject").

Definitions
1. Advertising ID means the Apple Identifier for Advertisers (IDFA) on iOS devices or Google Advertising ID (GAID) on Android devices used for advertising purposes.
2. API Level means the Android Application Programming Interface level indicating the version of Android operating system features available to an application.
3. Approximate Location Services means location data that provides general, non-precise geographical information such as country, state, or city level location without pinpoint accuracy.
4. Company, we, us, or our means Aritmexa Software Services FZCO, a company incorporated under the laws of the United Arab Emirates with registered office at Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates, license number 69978.
5. Contact Data means personal information provided by users when registering for services, including email addresses, names, surnames, nicknames, passwords, passcodes, and comments.
6. Controller or Data Controller means the Company as the entity that determines the purposes and means of processing personal data.
7. Cookies means small text files stored on a user's device that contain information about website visits and user preferences.
8. Data Breach means any unauthorized access, disclosure, alteration, or destruction of personal data that compromises the security, confidentiality, or integrity of such data.
9. Data Processing or Processing means any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.
10. Data Subject means any identified or identifiable natural person whose personal data is processed by the Company.
11. Device Information means technical data about user devices including device type, model, operating system version, hardware specifications, connection type, network service provider, and carrier information.
12. Diagnostic Information means technical data including logs, error reports, crash reports, performance metrics, and system events generated during service usage.
13. Firebase ID means the unique identifier generated by Google Firebase services for application analytics and messaging purposes.
14. Identity Data means information used to identify devices, browsers, or applications, including IP addresses, device identifiers, and advertising IDs.
15. Location Data means geographical information about user location, including country, state, city, and approximate location derived from IP addresses or device settings.
16. Ltvibe or Platform means the Software platform developed and operated by the Company that provides predictive analytics, marketing automation, and customer lifecycle management services.
17. Personal Data means any information relating to an identified or identifiable natural person, including but not limited to names, email addresses, device identifiers, location data, and usage patterns.
18. Push Notification Token means the unique identifier used to send push notifications to user devices, including registration tokens for Android and device tokens for iOS.
19. SDK means Software Development Kit, being the tools and services integrated into applications to enable data collection and platform functionality.
20. Services means all software, applications, platforms, websites, and related services provided by the Company, including the Ltvibe platform and associated functionalities.
21. Third Party means any individual or entity other than the Company and the Data Subject, including service providers, analytics companies, advertising partners, and technology vendors.
22. Tracking Technologies means cookies, web beacons, tracking pixels, embedded scripts, location-identifying technologies, fingerprinting, device recognition technologies, in-app tracking methods, and similar technologies used to collect information about user interactions.
23. UAE Data Protection Law means the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and any implementing regulations, amendments, or successor legislation.
24. Usage Data means information about how users interact with the Services, including session duration, feature usage, click patterns, application installations, and engagement metrics.
25. User, you, or your means any individual who accesses, uses, or interacts with the Company's Services, websites, or applications.
26. Web Beacons means small graphic images or tracking pixels embedded in web pages or emails that monitor user activity and engagement.
Data Collection Methods
1. We collect personal data through various methods when you use our Services, including direct provision by users, automatic collection through technical means, and information received from third-party sources.
2. Contact Data is collected when you register for our Services and enter into contractual agreements with us, including:
  1. Email address and password or passcode used for account authentication;
  2. Name, surname, or nickname as provided during registration;
  3. Comments, feedback, or other communications you provide to us;
  4. Names and contact details of customer employees and representatives using the Services, including email addresses, phone numbers, and business addresses where voluntarily provided.
3. Device Information is automatically collected to ensure proper functioning of our Services and includes:
  1. Device type, model, and hardware specifications;
  2. Operating system type and version number (e.g., iOS 7.1.3, Android);
  3. Connection type and network information (WiFi, 3G, 4G, 5G);
  4. Network service provider and carrier information;
  5. Device motion parameters and sensor data where applicable;
  6. API level information for Android devices.
4. Identity Data is collected to identify computers, devices, browsers, and services, comprising:
  1. Internet Protocol (IP) address and related network identifiers;
  2. Identifier for Advertisers (IDFA) on iOS devices;
  3. Google Advertising ID or GPS ADID on Android devices;
  4. Firebase ID and other similar unique identifiers;
  5. Device fingerprinting data and browser characteristics.
5. Location Data is collected in non-precise formats only and includes:
  1. Country and state or regional subdivision information;
  2. City-level location data where available;
  3. Two-character country and language codes;
  4. Approximate location through Approximate Location Services (coarse, non-precise location data only).
6. Usage Data encompasses behavioral and interaction information indicating activity patterns across mobile and web platforms:
  1. Session duration data including length of current and previous sessions measured in seconds;
  2. Total number of recorded sessions and frequency of platform usage;
  3. Push notification tokens including registration tokens for Android and device tokens for iOS;
  4. Advertisement interaction data including clicks, impressions, and engagement metrics;
  5. Information about advertisement types and source webpages or applications displaying such advertisements;
  6. Application download and installation data including installation sources and completion rates.
7. Diagnostic Information is collected to maintain service quality and troubleshoot technical issues:
  1. System logs, error reports, and crash data;
  2. Performance metrics and system events;
  3. Technical diagnostic data including error types, frequency, dates, and affected pages or features.
8. Tracking Technologies are deployed to enhance user experience and analyze platform usage patterns:
  1. Cookies, web beacons (tracking pixels), and embedded scripts;
  2. Location-identifying technologies and device fingerprinting methods;
  3. Device recognition technologies and in-app tracking mechanisms;
  4. Other tracking technologies currently available or developed in the future that serve similar analytical and functional purposes.
9. Data collection occurs automatically during normal use of our Services, through voluntary user input, and via integration with third-party services and platforms that support the Ltvibe platform functionality.
10. We may collect additional data categories with your explicit consent or as required for specific features or services you choose to use within the Ltvibe platform.
Data Usage Purposes
1. We process your Personal Data for the following primary purposes in connection with the provision of our Ltvibe platform and related Services:
  1. Platform Functionality: To enable core platform features including user account creation and management, authentication and access control, data analytics dashboard operation, and technical support provision.
  2. Predictive Analytics: To generate LTV predictions, retention analysis, and ROMI calculations with up to 95% accuracy using machine learning algorithms and statistical models.
  3. Marketing Optimization: To optimize marketing budgets, reduce inefficient spending, analyze cohort behavior, and provide insights on ARPPU, ARPAS, and eCPA metrics.
  4. Automated Decision-Making: To facilitate automated decision-making cycles within the platform and provide recommendations based on data analysis.
2. We process Contact Data for the following specific purposes:
  1. User registration and account setup on the Ltvibe platform.
  2. Authentication and secure access to Services.
  3. Communication regarding service updates, technical issues, and customer support.
  4. Contract management and billing processes.
3. We process Device Information and Identity Data to:
  1. Ensure platform compatibility across different devices and operating systems.
  2. Provide technical support and troubleshoot platform issues.
  3. Prevent fraud and unauthorized access to user accounts.
  4. Optimize platform performance for specific device configurations.
4. We process Usage Data and Diagnostic Information to:
  1. Monitor platform performance and identify technical issues.
  2. Generate usage analytics and platform improvement insights.
  3. Track user engagement patterns for service enhancement.
  4. Provide session management and continuation features.
5. We process Location Data (approximate only) to:
  1. Provide region-specific analytics and insights.
  2. Ensure compliance with local regulations and requirements.
  3. Optimize platform performance based on geographic usage patterns.
6. We use Tracking Technologies including Cookies for:
  1. Session management and user preference storage.
  2. Platform analytics through Google Analytics integration.
  3. Performance optimization and error tracking.
  4. Security monitoring and fraud prevention.
7. All data processing activities are conducted for legitimate business purposes including contract performance, service improvement, legal compliance, and our legitimate interests in operating and enhancing the Ltvibe platform.
8. We do not use Personal Data for automated decision-making that produces legal effects concerning you or similarly significantly affects you without appropriate safeguards including the right to obtain human intervention.
Legal Basis for Processing
1. The Company processes Personal Data only on the basis of lawful grounds established under applicable UAE data protection laws and regulations.
2. Contract Performance: We process Personal Data when necessary for the performance of a contract to which the Data Subject is party, or to take steps at the request of the Data Subject prior to entering into a contract, including:
  1. Processing Contact Data to create and manage user accounts on the Ltvibe platform.
  2. Processing Usage Data and Device Information to provide the core analytics and predictive services under our service agreements.
  3. Processing Identity Data and Diagnostic Information to ensure proper platform functionality and service delivery.
  4. Processing payment-related data for subscription management and billing purposes.
3. Legitimate Interests: We process Personal Data where necessary for the purposes of legitimate interests pursued by the Company or a third party, provided such interests are not overridden by the fundamental rights and freedoms of the Data Subject, including:
  1. Processing Usage Data and Device Information to improve our services, develop new features, and conduct analytics.
  2. Processing Identity Data and Location Data to prevent fraud, ensure platform security, and protect against unauthorized access.
  3. Processing Diagnostic Information to monitor system performance, identify technical issues, and maintain service quality.
  4. Processing data collected through Tracking Technologies for website optimization and user experience enhancement.
4. Consent: We process Personal Data based on the Data Subject's freely given, specific, informed, and unambiguous consent, including:
  1. Processing Location Data beyond what is necessary for core service functionality.
  2. Processing data for marketing communications and promotional activities.
  3. Processing data through certain Tracking Technologies that require explicit consent under applicable law.
  4. Processing data for sharing with third-party advertising partners for targeted advertising purposes.
5. Legal Obligations: We process Personal Data to comply with legal obligations to which the Company is subject under UAE law or other applicable jurisdictions, including:
  1. Processing data for tax reporting and regulatory compliance requirements.
  2. Processing data in response to lawful requests from government authorities or courts.
  3. Processing data to comply with anti-money laundering and know-your-customer requirements.
  4. Retaining data as required by applicable record-keeping obligations.
6. Where we rely on consent as the legal basis for processing, Data Subjects have the right to withdraw such consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
7. Where we rely on legitimate interests as the legal basis for processing, Data Subjects have the right to object to such processing as detailed in Section 8 of this Privacy Policy.
Data Security Measures
1. Technical Security Measures
  1. The Company implements industry-standard encryption protocols to protect Personal Data both in transit and at rest, including AES-256 encryption for data storage and TLS 1.3 for data transmission.
  2. All Personal Data stored on our systems is protected through multi-layered security architecture including firewalls, intrusion detection systems, and regular vulnerability assessments.
  3. Database security measures include encrypted storage, regular backups with encryption, and secure backup storage in geographically distributed locations.
  4. Application security controls include secure coding practices, regular security testing, input validation, and protection against common vulnerabilities such as SQL injection and cross-site scripting.
2. Access Controls and Authentication
  1. Access to Personal Data is restricted through role-based access control systems that limit access to authorized personnel only on a need-to-know basis.
  2. All employees and contractors with access to Personal Data must use multi-factor authentication and strong password requirements for system access.
  3. Administrative access to systems containing Personal Data is logged, monitored, and regularly reviewed for unauthorized access attempts.
  4. User accounts are subject to automatic timeout periods and regular access reviews to ensure continued authorization.
3. Organizational Security Measures
  1. All employees and contractors with access to Personal Data undergo mandatory data protection training and sign confidentiality agreements.
  2. The Company maintains detailed data processing records and conducts regular internal audits of data handling practices.
  3. Third-party service providers are subject to due diligence assessments and must demonstrate adequate security measures through contracts and regular reviews.
  4. Business continuity and disaster recovery plans are maintained and regularly tested to ensure data availability and integrity.
4. Monitoring and Incident Response
  1. The Company operates continuous monitoring systems to detect potential security threats, unauthorized access attempts, and unusual data access patterns.
  2. A formal incident response plan is maintained to address potential Data Breaches, including immediate containment, assessment, notification procedures, and remediation measures.
  3. Security logs are maintained for all systems processing Personal Data and are regularly reviewed for security incidents or policy violations.
  4. Regular penetration testing and security assessments are conducted by qualified third parties to identify and address potential vulnerabilities.
5. Data Processing Environment Security
  1. The Ltvibe platform infrastructure is hosted in secure, certified data centers that maintain appropriate physical security controls, environmental protections, and redundant systems.
  2. Development and testing environments are segregated from production systems and use anonymized or pseudonymized data where possible.
  3. Secure software development lifecycle practices are implemented, including code reviews, security testing, and vulnerability management processes.
6. Security Standards Compliance
  1. The Company strives to maintain compliance with internationally recognized security standards and frameworks relevant to cloud-based SaaS platforms.
  2. Security measures are regularly reviewed and updated to address emerging threats, technological changes, and evolving regulatory requirements.
  3. Independent security assessments and compliance audits are conducted periodically to verify the effectiveness of implemented security measures.
Third-Party Data Sharing
1. General Principles of Data Sharing
  1. The Company may share your Personal Data with carefully selected third parties only when necessary for the provision of the Services, when required by law, or when you have provided explicit consent for such sharing.
  2. All third-party data sharing arrangements are governed by contractual agreements that ensure appropriate safeguards for your Personal Data and compliance with UAE Data Protection Law.
  3. We conduct due diligence on all third parties to ensure they maintain adequate data protection standards and implement appropriate technical and organizational measures.
2. Analytics Services
  1. We share certain Usage Data, Device Information, and aggregated behavioral data with Google Analytics to analyze platform performance, user engagement patterns, and service optimization opportunities.
  2. Google Analytics processes this data in accordance with Google's Privacy Policy and provides us with anonymized reports and insights that do not identify individual users.
  3. You may opt out of Google Analytics tracking by using Google's opt-out browser add-on or by adjusting your cookie preferences in our platform settings.
3. Advertising and Marketing Partners
  1. We may share Identity Data (excluding IP addresses), Usage Data, and aggregated demographic information with advertising partners to deliver relevant advertisements and measure campaign effectiveness.
  2. Advertising partners may use this data to create anonymized audience segments and improve ad targeting, but they are contractually prohibited from using this data to identify individual users.
  3. You have the right to opt out of data sharing for advertising purposes by contacting us at legal@aritmexa.com or through your account settings.
4. Payment Processors
  1. When you make payments for our Services, we share necessary Contact Data and transaction information with authorized payment processors to facilitate secure payment processing.
  2. Payment processors are required to comply with PCI DSS standards and other applicable security requirements, and they may only use your data for payment processing purposes.
  3. We do not store complete payment card information on our systems; such data is securely handled by our certified payment processors.
5. Cloud Service Providers
  1. We utilize reputable cloud service providers to host our platform infrastructure and store data, including but not limited to Amazon Web Services and other certified cloud platforms.
  2. Cloud service providers act as data processors under our instructions and are contractually bound to implement appropriate security measures and data protection safeguards.
  3. Data stored with cloud service providers is encrypted both in transit and at rest, and access is restricted to authorized personnel only.
6. Technology and Integration Partners
  1. We may share technical data and Usage Data with SDK partners and integration services that provide essential functionality for the Ltvibe platform, including push notification services and Firebase analytics.
  2. These partners process data solely to provide their specific services and are prohibited from using your data for their own commercial purposes.
7. Legal and Regulatory Compliance
  1. We may disclose your Personal Data to regulatory authorities, law enforcement agencies, or other government bodies when required by UAE law or when necessary to protect our legal rights.
  2. In case of legal proceedings, investigations, or regulatory inquiries, we may share relevant data to the extent required by applicable legal obligations.
8. Business Transfers
  1. In the event of a merger, acquisition, or sale of all or part of our business, your Personal Data may be transferred to the acquiring entity, subject to the same privacy protections outlined in this Policy.
  2. We will provide notice of any such transfer and will ensure that the acquiring entity agrees to protect your Personal Data in accordance with this Privacy Policy.
9. Data Sharing Safeguards
  1. All third-party data sharing arrangements include contractual provisions requiring recipients to maintain confidentiality, implement appropriate security measures, and use data only for specified purposes.
  2. We regularly review and audit our third-party relationships to ensure ongoing compliance with data protection requirements and the terms of our agreements.
  3. Third parties are required to notify us immediately of any data breaches or security incidents involving your Personal Data, enabling us to take prompt remedial action.
Data Retention Periods
1. General Retention Principle: The Company retains Personal Data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.
2. Account Data Retention: Personal Data associated with active user accounts is retained for the duration of the account's active status and for a maximum period of one (1) year following account deletion or termination.
3. Contact Data: Email addresses, names, passwords, and other contact information are retained for one (1) year after account deletion, unless the User requests earlier deletion or legal obligations require longer retention.
4. Usage Data and Analytics: Session data, click information, application usage statistics, and behavioral analytics are retained for a maximum of two (2) years from the date of collection to enable meaningful trend analysis and service improvement.
5. Device and Identity Data: IP addresses, device identifiers, advertising IDs, and similar technical identifiers are retained for one (1) year from the date of last interaction with our Services.
6. Location Data: Approximate location information and country-level data are retained for six (6) months from collection, as this data is primarily used for service optimization and compliance purposes.
7. Diagnostic Information: Error logs, crash reports, and diagnostic data are retained for eighteen (18) months to enable effective troubleshooting and platform stability improvements.
8. Financial and Transaction Data: Payment information, subscription details, and transaction records are retained for seven (7) years from the transaction date to comply with UAE financial record-keeping requirements.
9. Legal Hold: Notwithstanding the above retention periods, the Company may retain Personal Data for longer periods when required by law, legal proceedings, investigations, or to protect the Company's legitimate interests, provided such retention complies with applicable legal requirements.
10. Automated Deletion: The Company implements automated systems to delete Personal Data upon expiration of the applicable retention periods, except where manual review is required for legal or technical reasons.
11. Early Deletion Requests: Users may request deletion of their Personal Data before the expiration of standard retention periods by contacting legal@aritmexa.com, subject to our legal obligations and legitimate business interests.
User Rights and Control
1. Right of Access: You have the right to request confirmation as to whether your Personal Data is being processed by us and, where that is the case, to obtain access to such Personal Data and information about the processing, including the purposes of processing, categories of data concerned, recipients of data, and retention periods.
2. Right of Rectification: You have the right to request that we correct any inaccurate Personal Data concerning you without undue delay, and to have incomplete Personal Data completed by providing a supplementary statement.
3. Right of Deletion: You have the right to request that we delete your Personal Data without undue delay where one of the following grounds applies:
  1. The Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  2. You withdraw your consent on which the processing is based and there is no other legal ground for the processing.
  3. You object to the processing and there are no overriding legitimate grounds for the processing.
  4. The Personal Data has been unlawfully processed.
4. Right of Data Portability: You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where the processing is based on consent or contract and is carried out by automated means.
5. Right to Object: You have the right to object to processing of your Personal Data where such processing is based on legitimate interests, including profiling based on those provisions, unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms.
6. Right to Restrict Processing: You have the right to request restriction of processing of your Personal Data where you contest the accuracy of the data, the processing is unlawful, we no longer need the data but you require it for legal claims, or you have objected to processing pending verification of overriding legitimate grounds.
7. Exercise of Rights: To exercise any of the rights set out in this section, you may contact us at legal@aritmexa.com or submit a written request to our registered office at Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates.
8. Identity Verification: We may require you to provide sufficient information to verify your identity before processing any request to exercise your rights under this section.
9. Response Timeframe: We will respond to your requests within thirty (30) days of receipt, unless the request is complex or we receive a number of requests, in which case we may extend this period by a further sixty (60) days and will inform you of any such extension.
10. No Fee: We will not charge a fee for processing your request unless your request is manifestly unfounded or excessive, particularly if it is repetitive, in which case we may charge a reasonable administrative fee or refuse to act on the request.
11. Right to Lodge Complaint: You have the right to lodge a complaint with the relevant supervisory authority in the United Arab Emirates if you believe that our processing of your Personal Data violates applicable data protection laws.
12. Account Settings: For certain types of Personal Data, you may also exercise your rights through your account settings within the Ltvibe platform, including updating your contact information, managing communication preferences, and downloading your data.
International Data Transfers
1. The Company may transfer Personal Data outside the United Arab Emirates to third countries or international organizations in connection with the provision of the Ltvibe platform and related services.
2. International transfers of Personal Data occur primarily to the following jurisdictions: United States of America (for cloud hosting services, analytics platforms including Google Analytics, and software development tools), European Union member states (for payment processing and customer support systems), and other jurisdictions where our technology partners and service providers operate.
3. Before transferring Personal Data internationally, the Company ensures that appropriate safeguards are in place to protect the data and maintain compliance with UAE Data Protection Law requirements.
4. The Company relies on the following legal mechanisms for international data transfers:
  1. Adequacy decisions recognized by UAE authorities where the destination country provides an adequate level of data protection.
  2. Standard contractual clauses or equivalent contractual safeguards with third-party processors and service providers that ensure appropriate data protection standards.
  3. Explicit consent from Data Subjects where no other legal basis is available and the transfer is necessary for service provision.
  4. Performance of contract where the international transfer is necessary to fulfill our contractual obligations to users of the Ltvibe platform.
5. All third-party service providers who receive Personal Data through international transfers are contractually bound to implement appropriate technical and organizational measures to protect the data and comply with applicable data protection requirements.
6. Users have the right to obtain information about the specific safeguards applied to their Personal Data when transferred internationally by contacting us at legal@aritmexa.com.
7. The Company regularly reviews and updates its international transfer mechanisms to ensure continued compliance with evolving UAE data protection regulations and international best practices.
8. In cases where international transfers are based on user consent, such consent may be withdrawn at any time, though this may affect the Company's ability to provide certain features of the Ltvibe platform that depend on such transfers.
Cookies and Tracking Technologies
1. Overview of Tracking Technologies
  1. The Company uses various tracking technologies to collect information about your interactions with our Services, improve functionality, analyze usage patterns, and provide personalized experiences.
  2. These technologies include cookies, web beacons, embedded scripts, location-identifying technologies, fingerprinting, device recognition technologies, in-app tracking methods, and other tracking technologies now and hereafter developed.
2. Types of Cookies Used
  1. Essential Cookies: Necessary for the basic functionality of the Ltvibe platform, including user authentication, session management, and security features.
  2. Analytics Cookies: Used to collect information about how users interact with our Services, including Google Analytics cookies that help us understand user behavior and improve our platform.
  3. Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences and settings.
  4. Advertising Cookies: May be used to deliver relevant advertisements and measure the effectiveness of advertising campaigns through our advertising partners.
3. Web Beacons and Tracking Pixels
  1. We may use web beacons, also known as tracking pixels, which are small graphic images embedded in web pages or emails to track user interactions and measure the effectiveness of our communications.
  2. These technologies help us understand whether you have opened our emails, clicked on links, or accessed specific pages of our Services.
4. Device Fingerprinting and Recognition
  1. We may collect device-specific information including device type and model, operating system version, hardware characteristics, and network information to create a unique device fingerprint.
  2. Device recognition technologies help us identify returning users, prevent fraud, and provide consistent service experiences across different sessions.
5. In-App Tracking Methods
  1. Within mobile applications, we use software development kits (SDKs) and similar technologies to track user interactions, app performance, and usage patterns.
  2. These tracking methods include Firebase ID collection, push notification tokens, and event tracking for features such as LTV prediction and retention analysis.
6. Location-Identifying Technologies
  1. We collect approximate location information through IP address analysis and general location services to provide country and region-specific features.
  2. We do not collect precise location data unless explicitly required for specific Service functionality and with your express consent.
7. Your Choices and Controls
  1. Browser Settings: You can configure your web browser to refuse all or some cookies, or to alert you when cookies are being sent.
  2. Mobile Device Settings: You can adjust your mobile device settings to limit ad tracking, reset advertising identifiers, or disable location services.
  3. Opt-Out Tools: You may use industry-standard opt-out tools for advertising cookies and behavioral advertising.
  4. Please note that disabling certain tracking technologies may limit the functionality of our Services and affect your user experience.
8. Third-Party Tracking Technologies
  1. Our Services may contain tracking technologies deployed by third parties, including Google Analytics, advertising networks, and other service providers.
  2. These third parties may collect information about your online activities across different websites and services in accordance with their own privacy policies.
  3. We do not control third-party tracking technologies and recommend reviewing the privacy policies of relevant third parties.
9. Updates to Tracking Technologies
  1. We may implement new tracking technologies or modify existing ones as technology evolves and our Services develop.
  2. Material changes to our use of tracking technologies will be communicated through updates to this Privacy Policy in accordance with Section 13.
Data Breach Notification
1. Data Breach Definition: A data breach means any unauthorized access, disclosure, alteration, or destruction of personal data that compromises the security, confidentiality, or integrity of such data.
2. Internal Breach Response: Upon becoming aware of a data breach, we will immediately assess the nature and scope of the breach, contain the incident, and implement measures to prevent further unauthorized access or damage.
3. Risk Assessment: We will promptly evaluate the potential risks to the rights and freedoms of affected users, considering the nature of the personal data involved, the likelihood of harm, and the severity of potential consequences.
4. User Notification Timeline: Where a data breach is likely to result in a high risk to your rights and freedoms, we will notify affected users within seventy-two (72) hours of becoming aware of the breach.
5. Notification Content: Our breach notification to users will include:
  1. A clear description of the nature of the data breach and the categories of personal data affected.
  2. The approximate number of users and data records concerned.
  3. The likely consequences of the breach and measures we have taken or propose to take to address it.
  4. Specific recommendations for users to protect themselves from potential harm.
  5. Contact information for our privacy team to answer questions about the breach.
6. Notification Methods: We will communicate breach notifications through multiple channels including email to registered users, prominent website notices, and in-app notifications where applicable.
7. Regulatory Reporting: We will report qualifying data breaches to relevant UAE authorities in accordance with applicable legal requirements and timeframes.
8. Remedial Actions: Following a data breach, we will take appropriate measures to remedy the breach, which may include:
  1. Strengthening security controls and access restrictions.
  2. Providing additional monitoring services for affected users.
  3. Updating our security policies and procedures.
  4. Conducting additional staff training on data protection.
9. Documentation: We maintain detailed records of all data breaches, including their causes, effects, and remedial actions taken, which are available to regulatory authorities upon request.
10. No Delay: We will not unreasonably delay breach notifications due to ongoing investigations or other circumstances, prioritizing user protection and transparency.
Children's Privacy
1. The Ltvibe platform and services are designed for use by businesses and are not intended for individuals under the age of 18 years.
2. We do not knowingly collect, process, or retain Personal Data from children under the age of 18 years without appropriate parental or guardian consent.
3. If we become aware that we have collected Personal Data from a child under 18 years of age without verified parental consent, we will take immediate steps to delete such information from our systems within 30 days of discovery.
4. Parents or legal guardians who believe that their child under 18 has provided Personal Data to us may contact us at legal@aritmexa.com to request review and deletion of such information.
5. In cases where parental consent is required and obtained, we will:
  1. Apply the same data protection safeguards and security measures as outlined in this Privacy Policy.
  2. Limit data collection to information that is reasonably necessary for the child's participation in the relevant service or activity.
  3. Provide parents with the ability to review, request deletion of, or refuse further collection of their child's Personal Data.
6. We reserve the right to request proof of parental authority and to verify the identity of parents or guardians before granting access to or processing requests regarding a child's Personal Data.
7. If you are under 18 years of age, you must obtain permission from your parent or legal guardian before using our services or providing any Personal Data to us.
Policy Updates and Changes
1. The Company reserves the right to modify, update, or revise this Privacy Policy at any time to reflect changes in our data processing practices, legal requirements, business operations, or regulatory developments.
2. Any material changes to this Privacy Policy will be communicated to users through the following methods:
  1. Posting the updated Privacy Policy on our website and the Ltvibe platform with a clear indication of the revision date.
  2. Sending email notifications to registered users at their registered email addresses at least thirty (30) days prior to the effective date of material changes.
  3. Displaying prominent notifications within the Ltvibe platform interface when users next access the Services.
  4. For significant changes that may affect user rights or data processing purposes, obtaining explicit consent where required by applicable law.
3. Non-material changes, including administrative updates, corrections of typographical errors, or clarifications that do not affect the substance of data processing practices, may be implemented immediately upon posting the updated Privacy Policy.
4. Each version of this Privacy Policy will be clearly dated with the effective date, and previous versions will be archived and made available upon request for a period of three (3) years.
5. Users who do not agree with the updated Privacy Policy may:
  1. Exercise their right to object to the processing of their personal data under the revised terms.
  2. Request deletion of their personal data in accordance with Section 8 of this Privacy Policy.
  3. Discontinue use of the Services, provided that any contractual obligations remain subject to the terms agreed upon at the time of contract formation.
6. Continued use of the Services after the effective date of any Privacy Policy update constitutes acceptance of the revised Privacy Policy, except where explicit consent is required by law.
7. Users are encouraged to review this Privacy Policy periodically to stay informed about how the Company collects, uses, and protects their personal data.
Compliance and Regulatory Framework
1. This Privacy Policy and all data processing activities conducted by the Company are governed by and comply with the applicable laws and regulations of the United Arab Emirates, including but not limited to the UAE Data Protection Law (Federal Decree-Law No. 45 of 2021) and its implementing regulations.
2. The Company adheres to the data protection principles established under UAE law, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability in all data processing operations.
3. Where the Company processes personal data of individuals located in other jurisdictions, we implement appropriate safeguards and comply with applicable international data protection standards, including the General Data Protection Regulation (GDPR) where applicable to our European users.
4. The Company maintains compliance with relevant industry standards and best practices, including but not limited to ISO 27001 information security management standards and Payment Card Industry Data Security Standard (PCI DSS) where applicable to payment processing activities.
5. This Privacy Policy is regularly reviewed and updated to ensure ongoing compliance with evolving regulatory requirements, guidance from the UAE Data Office, and changes in applicable laws and regulations.
6. In the event of any conflict between this Privacy Policy and applicable UAE data protection laws, the provisions of such laws shall prevail, and the Company will take immediate steps to align its practices with legal requirements.
7. The Company cooperates fully with regulatory authorities, including the UAE Data Office and other competent supervisory authorities, in relation to data protection compliance matters and responds promptly to any official inquiries or investigations.
8. Users may file complaints regarding the Company's data processing practices with the UAE Data Office or other relevant regulatory authorities in accordance with applicable procedures and timelines established under UAE law.
Contact Information and Inquiries
1. For all inquiries, questions, or concerns regarding this Privacy Policy, your personal data, or our data processing practices, you may contact us using the following methods:
2. Primary Contact Email: All privacy-related inquiries should be directed to legal@aritmexa.com, which is monitored by our designated privacy team and legal department.
3. Physical Address: Written correspondence may be sent to Aritmexa Software Services FZCO, Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates.
4. Privacy Officer: Our designated Privacy Officer can be contacted directly through the email address specified in clause 15.2 for matters specifically related to data protection compliance, user rights requests, and privacy concerns.
5. Response Timeframes: We commit to acknowledging receipt of your inquiry within 2 business days and providing a substantive response within 30 days of receiving your request, or such shorter period as may be required under applicable UAE law.
6. Rights Requests: To exercise any of your rights under this Privacy Policy or applicable data protection laws, including rights of access, rectification, deletion, or objection, please use the contact methods specified above and clearly identify the specific right you wish to exercise.
7. Complaint Procedures: If you believe we have not adequately addressed your privacy concerns, you may file a complaint with the relevant UAE data protection authority or regulatory body having jurisdiction over data protection matters.
8. Language of Communication: We will respond to inquiries in English or Arabic, as appropriate to your request and our operational capabilities

Privacy Policy

Privacy Policy

This website uses cookies.