Legal · Privacy

Privacy Policy

How Need To Talk collects, uses, and protects your personal data — written to be aware of UAE PDPL and GDPR.

Introduction

Need To Talk respects your privacy. This policy explains what personal data we collect when you use our website, why we collect it, and the choices you have. We have written it to be read, not just filed — plain language first, with the legal precision the law requires.

This policy is written to be aware of the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021, “PDPL”) and, where it applies to visitors in the European Economic Area and the United Kingdom, the EU/UK General Data Protection Regulation (“GDPR”).

Who we are

Need To Talk is a marketing advisory and growth consultancy based in Dubai, United Arab Emirates, operating the website at https://www.needtotalk.co.

For the purposes of data protection law, the data controller is:

  • Legal entity: Need To Talk Marketing Consultancy LLC
  • Commercial licence no. 971405
  • Registered address: International Business Tower, Office 609, Business Bay, Dubai, United Arab Emirates
  • Contact for privacy matters: info@needtotalk.co

If you have any question about this policy or how we handle your data, you can reach us at the contact above.

What data we collect

We only collect what we need. In practice, that falls into three groups.

1. Information you give us directly.

When you book a strategy session or contact us through the website, we collect:

  • your name;
  • your company;
  • your role;
  • what you would like to discuss; and
  • any other information you choose to include in your message or during the booking process.

If you book a session through our scheduling tool, that tool also processes your email address and the time you select so we can confirm and hold the meeting.

2. Communications.

If you email us or correspond with us after an enquiry, we keep a record of that correspondence so we can respond and maintain continuity of the relationship.

3. Information collected automatically (analytics and cookies).

When you visit the website, limited technical information may be collected — such as pages viewed, approximate location at country level, referring source, and device or browser type. We use privacy-respecting analytics and aim to minimise or avoid the use of personal identifiers for this purpose. Where any analytics or non-essential cookies are used, we ask for your consent first. For the full detail, see our Cookie policy.

We do not knowingly collect sensitive categories of personal data through the website, and we ask that you do not send them to us through the booking or contact forms.

Why we use your data, and our lawful basis

We use your data for clearly defined purposes. Under the PDPL and GDPR we rely on a lawful basis for each one.

PurposeWhat this meansLawful basis (PDPL / GDPR)
Responding to your enquiry and arranging a strategy sessionReading your message, contacting you, scheduling and holding the meetingYour consent, and our legitimate interest / steps taken at your request prior to entering an engagement
Maintaining our relationship and correspondenceFollowing up, keeping a record of our discussionsLegitimate interest in managing client and prospect relationships
Understanding how the website is usedAggregate, privacy-respecting analytics to improve the siteYour consent where non-essential cookies or analytics are used
Meeting legal, accounting and regulatory obligationsRetaining records where the law requires itLegal obligation
Protecting the security of the websitePreventing misuse and fraudLegitimate interest in keeping our systems secure

Where we rely on consent, you are free to withdraw it at any time (see Your rights below). Withdrawing consent does not affect anything we lawfully did before you withdrew it.

How we share your data — third-party processors

We do not sell your personal data. We never have, and we have no intention to.

To run the website and our advisory practice, we use a small set of trusted service providers who process data on our behalf, under contract and on our instructions. By category, these include:

  • Scheduling and booking — to arrange and confirm strategy sessions.
  • Transactional email — to send confirmations and replies to your enquiries.
  • Website analytics — privacy-respecting, aggregate analytics to understand how the site is used.
  • Hosting and content management — the infrastructure that serves this website.

We may also share data where we are legally required to do so, or to establish, exercise or defend legal claims.

We choose providers who offer appropriate safeguards, and we put data-processing terms in place with them where the law requires it.

How long we keep your data

We keep personal data only for as long as we need it for the purpose we collected it, or for as long as applicable UAE law requires.

When we no longer need your data, we delete it or anonymise it securely.

International transfers

We are based in the UAE, and some of our service providers may store or process data outside the UAE — including, potentially, in other countries depending on where each provider operates.

Where personal data is transferred outside the UAE, we take steps consistent with the PDPL to ensure it remains protected — for example, transferring only to jurisdictions or providers that offer an adequate level of protection, or putting appropriate contractual safeguards in place.

Where the GDPR applies to a transfer outside the EEA or the UK, we rely on a lawful transfer mechanism, such as an adequacy decision or standard contractual clauses, as appropriate.

Your rights

Depending on where you are and which law applies, you have rights over your personal data.

Under the UAE PDPL, you may have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected;
  • request that your data be deleted in certain circumstances;
  • restrict or object to certain processing;
  • request that processing based on consent be stopped (withdraw consent); and
  • request your data in a portable form, where applicable.

Under the GDPR (if you are in the EEA or the UK), you have the rights of access, rectification, erasure, restriction, objection, and data portability, and the right not to be subject to solely automated decisions that produce legal or similarly significant effects.

To exercise any of these rights, contact us at info@needtotalk.co. We will respond within the timeframe required by applicable law. We may need to verify your identity before acting on a request.

If you believe we have not handled your data properly, you may also have the right to complain to the relevant supervisory authority — in the UAE, the UAE Data Office, and in the EEA/UK, your local data protection authority.

Cookies

The website uses cookies and similar technologies, with a consent banner for any non-essential cookies. Full detail — including categories — is in our Cookie policy.

Security

We take reasonable technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access. No method of transmission or storage is completely secure, but we work to keep your data safe and to limit access to those who need it.

Children's data

The website and our services are intended for business professionals and are not directed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has provided us with personal data, please contact us and we will delete it.

Changes to this policy

We may update this policy from time to time. For material changes, we will take reasonable steps to make the update clear.

Contact

For any privacy question, or to exercise your rights, contact:

  • Data controller: Need To Talk Marketing Consultancy LLC
  • Email: info@needtotalk.co
  • Phone: +971 50 777 3083
  • Address: International Business Tower, Office 609, Business Bay, Dubai, United Arab Emirates
Contact Need To Talk on WhatsApp