Adapted from DMP Privacy Policy for afinaclp.com. IVT COMMUNICATIONS FZC LLC processes personal data when operating www.afinaclp.com (IVT as controller) and, in limited scenarios, within Afina CLP where MNOs or business clients act as controllers and IVT may access personal data only as a processor under documented instructions. Covers: data collected via contact/demo forms, legal bases, cookie usage (Tilda-stat), sub-processors under DPA, data subject rights (GDPR/UK GDPR/FADP/LGPD), international transfers. Contact: privacy@afinadmp.com.

IVT COMMUNICATIONS FZC LLC ("IVT", "Company", "we") is a company incorporated under the laws of the UAE and committed to compliance with applicable data protection laws.

Afina Customer Lifecycle Platform ("Afina CLP", "Platform") is a software product developed by IVT. Afina CLP enables businesses to activate, retain, and reactivate their customers using mobile carrier data and AI-powered analytics. Afina CLP may be deployed within IVT’s managed cloud infrastructure or within the infrastructure of Mobile Network Operators ("MNOs"). When deployed within MNO infrastructure, the MNO acts as a controller of end-user personal data processed within the Platform. IVT may act as a processor only when providing technical support, bug fixing, or model tuning for Afina CLP upon explicit request of an MNO or business client.

This Privacy Policy applies to the processing of personal data carried out by IVT in connection with:

• The operation of our corporate website www.afinaclp.com (the "Website"), where IVT acts as a data controller; and
• Limited processing of personal data within Afina CLP, where IVT may act as a data processor on behalf of an MNO or business client when authorized.

By visiting this Website and requesting information, products, or services, you agree to be bound by the terms and conditions of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not provide any information, or use any of the services or products offered or provided on this Website.

Please note: This Privacy Policy changes from time to time and changes are effective upon posting.

This Privacy Policy describes the information collection, use, and disclosure practices of IVT with respect to:
(a) the Website, including all related divisions, subsidiaries, and affiliated companies; and
(b) the engagement of third-party service providers acting on behalf of IVT.

Personal data provided via the Website (e.g., contact forms, demo requests, partnership inquiries) is processed by IVT as a controller to operate the Website and respond to you.

Personal data within Afina CLP is controlled by the MNO or business client; IVT may access it solely as a processor under documented instructions for defined support purposes.

In this Privacy Policy, "personal data" means any information relating to you as an identified or identifiable natural person ("data subject").

IVT does not knowingly collect personal data of children under the age applicable in their jurisdiction (e.g., 16 in the EU; 13 under COPPA in the US). If we learn that we hold such data, we will promptly delete it.

A. Website (IVT as controller)

1. Provision of requested services or information

• Purpose: respond to inquiries, provide requested materials, set up demos.
• Categories of data: Identity Data (name, title), Contact Data (email, phone), Technical Data (IP, browser).

2. Communication and partnerships

• Purpose: manage business communications with partners, clients, and prospects.
• Categories of data: Identity Data, Contact Data, Financial Data (for invoicing).

3. Recruitment

• Purpose: evaluate candidates, manage recruitment process.
• Categories of data: Identity Data, Contact Data, employment-related data (CV, work history, qualifications).

4. Marketing communications (opt-in only)

• Purpose: send newsletters, product updates, invitations to events. Note: as of the effective date of this Privacy Policy, no marketing communications are sent from the CLP Website. Contact records gathered through the Website are stored for sales follow-up only. If marketing automation is enabled in the future, this section and the Cookie Notice will be updated and explicit opt-in consent will be collected.
• Categories of data: Identity Data, Contact Data, Marketing and Communications Data.

5. Website administration and security

• Purpose: ensure proper functioning, prevent fraud and bot abuse, improve performance.
• Categories of data: Technical Data (IP, browser, cookies, logs, anti-bot tokens).

6. Compliance and legal obligations

• Purpose: conduct KYC and AML/CFT checks, defend legal claims, respond to regulators.
• Categories of data: Identity Data, Contact Data, Financial Data, Technical Data.

B. Afina CLP Platform (MNO or business client as controller; IVT may act as processor)

• Categories of data (determined by the controller): Subscriber Identity Data, Traffic Data, Service Usage Data, Technical Data.
• Purpose (defined by the controller): customer analytics, lifecycle management, targeted communication, churn prevention, fraud detection.

Important: IVT does not determine the purposes of such processing. IVT may access personal data only as a Processor, under documented instructions of the MNO or business client.

Personal data is retained only for as long as necessary for the purposes described in this Privacy Policy. The Website-specific retention rules are:

• Operational form submissions (visitors who contact us through Website forms without opting into marketing): closure of the inquiry + 90 days for follow-up, then deleted or anonymized.
• Marketing-eligible contacts (visitors who have given explicit marketing opt-in consent): up to 24 months from the last engagement (email open, click, recorded site visit, or recorded conversation). A re-consent prompt is sent at 18 months of inactivity; if no engagement follows, the contact is auto-suppressed at 24 months and marketing fields are deleted at 30 months.
• Consent audit records (proof that you gave or withdrew consent, including timestamps and the consent text shown to you): 3 years after the last consent event.
• Suppression list (records of withdrawal, retained to prevent accidental re-contact): only your hashed email address (no name, no other identifiers), for up to 5 years from withdrawal.

You may withdraw your marketing consent at any time using the unsubscribe link in any marketing email or by contacting sales@afinadmp.com. For all other data-subject rights (access, rectification, erasure, restriction, objection, portability, complaint) please contact privacy@afinadmp.com. Withdrawal triggers immediate suppression — we do not wait for the 24-month timer to expire. Legal hold pauses retention timers where required.

IVT implements commercially reasonable technical and organizational safeguards, including encryption, secure servers, and access controls. No data transmission over the Internet is fully secure; transmission is at your own risk.

We use cookies and similar tracking technologies to operate the Website. The Website is built on Tilda Publishing, which uses its own analytics module (Tilda Statistics) to collect aggregated usage data. On this Website, Tilda Statistics is configured in cookieless mode — page view data is transmitted to the analytics endpoint but no persistent visitor identifier cookie is set in your browser.

The Website is also protected by an anti-bot and DDoS protection service that sets short-lived cookies (with the __ddg prefix) necessary for traffic filtering. These cookies do not require consent as they are strictly necessary for the proper functioning of the Website.

We do not use Google Analytics, Yandex Metrica, Facebook Pixel, or other third-party advertising trackers on this Website.

Categories of cookies used on the Website:

1. Strictly necessary cookies — required for Website functionality and security (including anti-bot protection); do not require consent.
2. Analytical cookies — Tilda Statistics; on this Website processed in cookieless mode (no consent required for cookie storage; legitimate interest for the aggregate measurement).

For the full list of cookies, see our Cookie Notice (www.afinaclp.com/cookie-notice). Consent for any optional cookies introduced in the future will be collected via the cookie banner.

IVT engages the following third-party service providers under written Data Processing Agreements (DPAs):

• Tilda Publishing — website hosting, content management, and form processing on the CLP Website.
• SendPulse — recipient of form submissions and storage of contact records for sales follow-up; also stores consent records as the audit trail for any future marketing opt-ins.
• DDoS-Guard — anti-bot, DDoS protection, and traffic filtering service. Sets short-lived cookies on the Website (__ddg1_, __ddg8_, __ddg9_, __ddg10_) for traffic analysis and bot detection. The cookie __ddg9_ contains the visitor’s IP address; all DDoS-Guard cookies are strictly necessary for the secure operation of the Website.
• Zapier — workflow automation and service integrations.
• Notion — collaboration and knowledge management platform.
• Digital Ocean — cloud infrastructure and hosting services for IVT-operated systems.
• Google LLC (Google Workspace) — corporate email and productivity infrastructure used by IVT to receive and respond to inquiries (privacy@afinadmp.com, sales@afinadmp.com, legal@afinadmp.com).
• Contractors providing technical, legal, and compliance support services on behalf of IVT.

Where personal data is transferred outside the EEA, transfers rely on adequacy decisions or Standard Contractual Clauses (SCCs).

Under applicable data protection laws (GDPR, UK GDPR, FADP, LGPD, UAE PDPL, PDPA, POPIA, and others) you have the right to: information and transparency; access (Art. 15 GDPR); rectification (Art. 16 GDPR); erasure (Art. 17 GDPR); restriction of processing (Art. 18 GDPR); object (Art. 21 GDPR); data portability (Art. 20 GDPR); withdraw consent; and not be subject to solely automated decision-making (Art. 22 GDPR).

To exercise your rights, contact: privacy@afinadmp.com. To withdraw marketing consent specifically, you can also write to sales@afinadmp.com. You also have the right to lodge a complaint with a competent data protection authority.

This Privacy Policy is intended to comply with the EU GDPR and other applicable laws including UAE PDPL, LGPD (Brazil), UK GDPR, FADP (Switzerland), PDPA (Thailand), POPIA (South Africa), and applicable CIS and Asia-Pacific data protection laws.

• privacy@afinadmp.com — for all data privacy inquiries and data subject rights requests.
• sales@afinadmp.com — for commercial inquiries, partnerships, and marketing-related communications including unsubscribe / withdrawal of marketing consent.

This Website is owned and operated by IVT COMMUNICATIONS FZC LLC, incorporated under the laws of the United Arab Emirates, located at: BLA-SP1-97, AMC - Boulevard - A Building, Ajman Media City. Registered number: 3621.