Privacy Policy
Effective Date: December 2024
Updated: August 2025 [v1.3]
This Privacy Policy describes how Mestaria Consultancy LLC ("we", "us", or "our") collects, uses, stores, and protects your personal information when you use our website, platform, and associated services (collectively, the "Services").
By using our Services, you agree to the terms outlined in this Privacy Policy.
1. Information We Collect
1.1 Information You Provide Directly
a) We may collect personal information that you voluntarily submit, including:
(i) Name, email address, and contact details;
(ii) Company information and professional details;
(iii) Project requirements and business objectives;
(iv) Survey responses, feedback, and support inquiries;
(v) Marketing preferences and communication settings.
1.2 Information Collected Automatically
a) We may collect specific data automatically when you use our Services, including:
(i) IP address, browser type, and device information;
(ii) Usage data, including time spent and pages viewed;
(iii) Website analytics and performance metrics;
(iv) Cookies and similar tracking technologies.
1.3 Third-Party Data Sources
a) We may receive information from third-party platforms and services, including:
(i) Social media platforms for marketing and communications purposes;
(ii) Business intelligence and market research platforms;
(iii) Technology integration partners and service providers;
(iv) Professional networking platforms and industry databases.
1.4 Data Sales and Trading
a) We do not sell or trade your personal information under any circumstances.
2. How We Use Your Information
2.1 Purposes of Use
a) We use your personal data for the following purposes:
(i) To provide, maintain, and improve our Consultancy Services;
(ii) To personalise your experience and tailor our recommendations;
(iii) To communicate essential updates and respond to client inquiries;
(iv) To perform security monitoring and prevent fraud;
(v) To deliver marketing, communications, technology, and legal Consultancy Services; (vi) To ensure compliance with legal and regulatory obligations;
(vii) To conduct market research and business intelligence analysis;
(viii) To develop and improve our proprietary methodologies and service offerings.
2.2 Third-Party Health and Wellness Data Usage
a) When you provide consent to access your health and wellness data from third-party platforms (may include Garmin Connect, Apple Health, Fitbit, Samsung Health, and other fitness tracking services), we use this information specifically to:
(i) Analyse health and wellness patterns to inform workplace wellness Consultancy Services;
(ii) Develop personalised recommendations for corporate health programmes;
(iii) Create aggregated and anonymised insights for wellness strategy development;
(iv) Provide data-driven recommendations for employee engagement and productivity initiatives; (v) Support the development of health-focused marketing campaigns and communications strategies;
(vi) Deliver comprehensive wellness consulting and advisory services.
b) Third-party health and wellness data will only be used for the specific purposes outlined in your consent and will not be shared with third parties except as explicitly stated in this Privacy Policy.
3. How We Protect Your Information
3.1 Security Measures
a) We implement appropriate technical and organisational safeguards, including:
(i) SSL/TLS encryption for all communication channels;
(ii) Secure API integrations with third-party platforms and health data services;
(iii) Multi-factor authentication for sensitive account access;
(iv) Restricted access to data by authorised personnel only; (v) Regular security audits and vulnerability assessments;
(vi) Secure data storage and backup procedures.
3.2 Client Responsibility
a) While we take security seriously, no system is impenetrable.
b) Clients are responsible for safeguarding login credentials and access tokens.
c) Clients should regularly review and manage their third-party platform permissions, including health and wellness data sharing settings.
4. How We Share Information
4.1 Permitted Sharing
a) We may share personal data in the following circumstances:
(i) With service providers under strict confidentiality obligations;
(ii) With technology partners for platform integration and service delivery;
(iii) With legal or regulatory authorities as required by law;
(iv) With clients' explicit consent for specific project requirements;
(v) In aggregated and anonymised form for industry research and benchmarking.
4.2 Third-Party Health and Wellness Data Sharing
a) Data obtained from third-party health and wellness platforms will only be shared:
(i) In aggregated and anonymised form that cannot identify individual users;
(ii) With your explicit written consent for specific Consultancy Services purposes;
(iii) As required by law or legal process;
(iv) With service providers who assist in data analysis under strict confidentiality agreements.
4.3 Prohibited Sharing
a) We do not sell personal information to third parties under any condition.
b) We do not share individual health and wellness data with other clients or for commercial purposes without explicit consent.
5. Cookies and Tracking Technologies
5.1 Use of Cookies
a) We use cookies and related technologies to improve platform functionality and service delivery.
(i) Essential cookies are necessary for platform operation and cannot be disabled;
(ii) Analytics cookies help us understand user behaviour and improve our Services;
(iii) Marketing cookies may be used for targeted communications and campaign optimisation;
(iv) Non-essential cookies may be controlled through your browser settings.
5.2 Third-Party Tracking
a) We may use third-party analytics and marketing tools that employ their own cookies and tracking technologies.
b) These tools are subject to their respective privacy policies and terms of service.
6. Your Rights and Choices
6.1 User Rights
a) You have the following rights, subject to applicable laws:
(i) Access and correct your personal data;
(ii) Request deletion of your account and associated data;
(iii) Opt out of direct marketing communications;
(iv) Request a portable copy of your personal data;
(v) Withdraw consent for specific data processing activities; (vi) Object to processing based on legitimate interests.
6.2 Third-Party Health and Wellness Data Rights
a) Regarding health and wellness data from third-party platforms (may include Garmin Connect, Apple Health, Fitbit, Samsung Health, and other fitness tracking services), you have the right to:
(i) Revoke access to your third-party health data accounts at any time;
(ii) Request deletion of all third-party health data we have collected;
(iii) Receive a copy of the third-party health data we have processed;
(iv) Restrict the purposes for which we use your third-party health data.
6.3 Exercising Your Rights
a) To exercise any of the above rights, please contact us at:
(i) Email: hello@mestaria.com
b) We will respond to your request within 30 days of receipt.
7. International Data Transfers
7.1 Transfer of Data
a) By using our Services, you consent to the transfer and processing of your personal data outside your country of residence.
b) We ensure appropriate safeguards are in place for international data transfers.
7.2 Jurisdictional Variations
a) The laws governing data protection may differ from those in your local jurisdiction.
b) We comply with applicable data protection regulations, including GDPR where relevant.
8. Data Retention
8.1 Retention Periods
a) We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy. b) Specific retention periods vary based on the type of data and legal requirements.
8.2 Third-Party Health Data Retention
a) Third-party health and wellness data will be retained only for the duration necessary to provide the agreed Consultancy Services.
b) Upon completion of services or withdrawal of consent, third-party health data will be securely deleted within 90 days.
9. Children's Privacy
9.1 Age Restrictions
a) Our Services are not intended for individuals under 18 years of age.
9.2 Inadvertent Collection
a) We do not knowingly collect personal data from individuals under 18.
b) If such information has been collected in error, please notify us immediately for deletion.
10. Changes to This Privacy Policy
10.1 Right to Amend
a) We reserve the right to modify this Privacy Policy at any time. The act of using our Services will confirm your acknowledgement to be bound by this Privacy Policy and any amendments or updates from time to time.
10.2 Notification of Changes
a) Significant updates will be communicated via the website or by email.
b) Continued use of our Services after an update signifies acceptance of the revised policy.
c) Changes affecting third-party health data usage will require renewed consent.
11. Governing Law
a) This Privacy Policy shall be governed by and construed in accordance with the laws of the United Arab Emirates.
b) Any disputes in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Dubai. Both parties irrevocably submit to the jurisdiction of the Dubai courts and waive any objections to the venue or jurisdiction. We may also pursue claims in any other jurisdiction where we are entitled to do so.
c) If any provision of this Privacy Policy is found to be unenforceable or invalid, the remaining provisions shall remain in full force and effect.
12. Contact Information
12.1 Enquiries
a) For any questions or concerns related to this Privacy Policy, please contact: hello@mestaria.com
b) For specific inquiries about third-party health data usage, please contact: hello@mestaria.com with "Health Data Inquiry" in the subject line.
c) We are Mestaria Consultancy LLC, headquartered in Dubai, United Arab Emirates.
12.2 Data Protection Officer
a) For data protection matters, you may contact our designated representative at: hello@mestaria.com
Company Information:
Mestaria Consultancy LLC
Dubai, United Arab Emirates
Contact: hello@mestaria.com
Copyright© 2025 Mestaria Consultancy LLC. All rights reserved.