FT Faaz Technology Solutions
Legal

Privacy Policy

How Faaz Technology Solutions collects, uses, stores, and protects personal data.

Effective date: 12 June 2026  |  Last updated: 12 June 2026

Faaz Technology Solutions Pvt Ltd (“Faaz,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we handle personal data when you visit our website, contact us, use our software products (including Apps4x Platform and Apps4x E-Invoice), or engage us for custom enterprise software and consulting services.

We operate primarily for enterprise clients in Saudi Arabia from our headquarters in India. This policy is designed to align with applicable requirements under the Saudi Personal Data Protection Law (PDPL), India’s Digital Personal Data Protection Act (DPDP Act), and other laws that may apply based on your location or our processing activities.

1. Who We Are

Data controller (website and business contact data): Faaz Technology Solutions Pvt Ltd, India (HQ). For enterprise engagements, roles may differ — see Section 3 and our Data Processing Addendum.

Privacy contact: privacy@faaztechsolutions.com (or contact@faaztechsolutions.com).

2. Scope

This policy applies to:

  • Visitors to www.faaztechsolutions.com and related marketing pages
  • Prospective and existing clients, partners, and vendors who interact with us
  • Users of our software products where Faaz acts as a controller or processor, as described in your agreement
  • Personal data processed in connection with custom development, implementation, support, and managed services

It does not replace contractual terms in signed agreements, product terms, or our Data Processing Addendum where those documents govern client data more specifically.

3. Roles: Controller vs. Processor

When we are a controller

We act as a data controller for personal data we collect for our own purposes, such as website inquiries, sales and marketing, billing our clients, and managing our business relationships.

When we are a processor

For most enterprise software deployments — including ERP, CRM, HRM, case management, workflow, and e-invoicing systems — we process personal data on behalf of our clients (e.g., employee records, customer data, invoice and tax data). In those cases, our client is typically the controller and Faaz acts as a processor under a written agreement and our Data Processing Addendum.

4. Personal Data We Collect

Depending on your interaction with us, we may collect:

  • Contact and identity data: name, job title, company, email, phone, country
  • Inquiry and communications: messages submitted via contact forms, email, or sales calls
  • Account and authentication data: usernames, roles, access logs for product environments
  • Technical data: IP address, browser type, device information, and website usage (see our Cookie Policy)
  • Enterprise and operational data: data entered into or generated by systems we build or operate on behalf of clients, which may include HR, payroll, customer, financial, invoice, ZATCA submission, and case-management records
  • Support and audit data: tickets, logs, error reports, and change records related to delivered systems

We do not intentionally collect sensitive personal data through our public website. Client systems may process categories defined by the client under their own policies and legal obligations.

5. How We Use Personal Data

We use personal data to:

  • Respond to inquiries and provide pre-sales information
  • Deliver, configure, host, maintain, and support software products and custom solutions
  • Perform integrations with third-party systems (e.g., ZATCA, government portals, banks, ERPs) as authorised by the client
  • Provide AI-enabled features where contracted, in accordance with our AI & Data Use Policy
  • Secure our systems, prevent fraud, and investigate incidents
  • Comply with legal, regulatory, and contractual obligations
  • Improve our website, products, and services using aggregated or anonymised insights where possible
  • Send relevant business communications where permitted by law or consent

6. Legal Bases for Processing

Depending on jurisdiction and context, we rely on one or more of the following:

  • Contract: to perform agreements with clients and users
  • Legitimate interests: to operate and improve our business, secure systems, and communicate with prospects, balanced against your rights
  • Consent: where required, such as for certain cookies or marketing communications
  • Legal obligation: to meet applicable law, tax, audit, or regulatory requirements

7. Sharing and Disclosure

We may share personal data with:

  • Client organisations: where you are a user of a client-deployed system
  • Subprocessors: cloud infrastructure, email, monitoring, development tools, and AI service providers that support delivery — see our subprocessor practices in the Data Processing Addendum
  • Integration partners: government, banking, and third-party APIs where enabled by the client
  • Professional advisers: legal, audit, and insurance providers under confidentiality obligations
  • Authorities: when required by law or to protect rights, safety, and security

We do not sell personal data.

8. International Transfers

Faaz is headquartered in India and serves clients in Saudi Arabia and other regions. Personal data may be processed or accessed across borders — for example, between India, Saudi Arabia, cloud regions selected for a deployment, and subprocessors in other countries.

Where required, we implement appropriate safeguards such as contractual clauses, access controls, encryption, and data localisation options agreed with clients. Cross-border transfer details for client data are addressed in the Data Processing Addendum and project agreements.

9. Retention

We retain personal data only as long as necessary for the purposes described in this policy, to meet legal and contractual requirements, and to resolve disputes. Website inquiry data is typically retained for a limited period unless a business relationship continues. Client system data retention is governed by the relevant contract and client instructions.

10. Security

We apply administrative, technical, and organisational measures appropriate to enterprise software environments, including access controls, encryption in transit, secure development practices, logging, and incident response. See our Security & Compliance page for an overview.

11. Your Rights

Depending on applicable law, you may have rights to:

  • Access, correct, or delete your personal data
  • Restrict or object to certain processing
  • Withdraw consent where processing is consent-based
  • Request portability of data you provided
  • Lodge a complaint with a supervisory authority

If your data is processed within a client’s system, please contact that organisation first. We will assist our clients in responding to valid requests where we act as processor. Direct requests to us may be sent to privacy@faaztechsolutions.com.

12. Children

Our services are directed at businesses and professionals. We do not knowingly collect personal data from children.

13. Third-Party Links

Our website may link to third-party sites (e.g., LinkedIn). Their privacy practices are governed by their own policies.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. Continued use of our website or services after changes constitutes notice of the updated policy where permitted by law.

15. Contact Us

Faaz Technology Solutions Pvt Ltd
Email: privacy@faaztechsolutions.com
General inquiries: contact@faaztechsolutions.com