Legal documentation
Privacy Policy
00 - At a Glance
Privacy at a glance
| What | Why | Shared? |
|---|---|---|
| Name & contact details | Account setup and support | Service providers only |
| Usage and activity data | Product analytics and recommendations | Processors only |
| Reviews and submissions | Public profile publishing and moderation | Public when you publish |
| Payment and billing data | Subscription processing | Payment processor only |
| Device and network signals | Security and fraud prevention | Processors only |
01 - What We Collect
Information we collect
Information you provide directly:
- Account information — name, email address, phone number, password when you register
- Profile information — for agents: brokerage name, licence number, service areas, bio, profile photo
- Buyer preferences — budget range, preferred neighbourhoods, property type, timeline
- Reviews and ratings — content you submit when reviewing an agent
- Communications — messages you send to agents or support
- Payment information — processed by Stripe; we only store masked metadata
Information collected automatically:
- Usage data — pages visited, searches, agents viewed, listings saved, time spent
- Device information — browser type, operating system, device identifiers
- Log data — IP address, referrer URL, access times, error logs
- Cookies and similar technologies — see Section 04
02 - How We Use It
How we use your data
- Service delivery — create and maintain your account, power search and matching tools, and support profile and review workflows.
- Communications — send transactional updates (for example, account verification, password resets, billing notices, and policy updates).
- Personalisation — show relevant agent, listing, and content recommendations based on your preferences and activity.
- Safety and fraud prevention — detect suspicious behavior, abuse, spam, and unauthorized access attempts.
- Analytics and improvement — evaluate product performance, fix bugs, and improve user experience.
- Legal compliance — satisfy legal, regulatory, tax, and accounting requirements.
03 - Data Sharing
Who we share data with
We share personal data only when necessary to operate Brokng or comply with legal obligations.
- Service providers (processors) — including payment processing, cloud hosting, email delivery, analytics, and customer support tools.
- Professional advisors — such as legal, audit, or compliance advisors under confidentiality obligations.
- Legal disclosures — where required by law, court order, or to protect rights, safety, and platform integrity.
- Business transfers — in connection with a merger, acquisition, financing, or asset sale, subject to standard safeguards.
We do not sell personal data and do not share personal data for third-party behavioral advertising without consent where required.
04 - Cookies & Tracking
Cookies & tracking
Brokng uses cookies, pixels, and similar technologies for security, performance, analytics, and optional personalisation or marketing functionality.
- Essential — required for authentication, fraud prevention, and platform reliability.
- Analytics — helps us understand product usage and improve service performance.
- Personalisation — remembers preferences and improves relevance of recommendations.
- Marketing — supports campaign measurement and related outreach where consented.
You can manage optional categories at any time in Cookie Preferences. You can also control cookies through browser settings, though some features may be limited if essential technologies are blocked.
05 - Data Retention
How long we keep your data
We retain personal data only for as long as reasonably necessary to fulfill the purposes described in this policy.
- Account data — retained while your account is active and for a limited period after closure to support security, dispute resolution, and compliance.
- Transactional and billing records — retained as required by tax, accounting, and financial regulations.
- Support and safety logs — retained for abuse prevention, incident response, and operational integrity.
- Aggregated or de-identified data — may be retained longer where it can no longer reasonably identify you.
When retention is no longer required, data is deleted or anonymized according to our internal retention schedule.
06 - Your Rights
Your rights
Depending on your location and applicable law (including UAE PDPL where it applies), you may have the right to:
- Request access to the personal data we hold about you.
- Request correction of inaccurate or incomplete personal data.
- Request deletion of personal data, subject to legal exceptions.
- Request portability of certain personal data in a structured format.
- Object to or restrict certain processing activities.
- Withdraw consent where processing is based on consent.
To make a request, email privacy@brokng.com. We may verify your identity before processing requests and will respond within legally required timelines.
If you are not satisfied with our response, you may have the right to lodge a complaint with the UAE Data Office or another competent supervisory authority, where applicable.
07 - Children's Privacy
Children's privacy
Brokng is not directed to individuals under 18, and we do not knowingly collect personal data from minors without lawful authorization.
If you believe a minor provided personal information in violation of this policy, contact privacy@brokng.com and we will review and take appropriate action.
08 - Security
How we protect your data
- Encryption — data is protected in transit using TLS and, where appropriate, at rest.
- Access controls — access to personal data is limited to authorized personnel with legitimate business need.
- Monitoring and logging — security events are monitored to detect and respond to threats.
- Operational safeguards — periodic reviews, vendor assessments, and incident response procedures.
09 - International Transfers
International data transfers
Brokng primarily serves users in the United Arab Emirates. Personal data may be processed in the UAE and in other countries where our service providers operate.
Where personal data is transferred outside the UAE, we apply safeguards required under UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL), including appropriate contractual, technical, and organizational controls.
If you access the Service from outside the UAE, additional local data protection laws may also apply to you.
10 - UAE (PDPL)
Your rights under UAE data protection law
Where UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) applies, you may have rights including:
- Request access to personal data we hold about you.
- Request correction of inaccurate or incomplete personal data.
- Request erasure of personal data, subject to legal and operational exceptions.
- Request restriction of certain processing activities.
- Request portability of personal data in a structured, commonly used format where technically feasible.
- Object to certain processing, including direct marketing where applicable.
- Withdraw consent where processing is based on consent, without affecting prior lawful processing.
To submit a request, contact privacy@brokng.com. We respond within timelines required by applicable UAE law.
You may also contact the UAE Data Office if you believe your rights have been infringed and we have not resolved your concern.
11 - Contact & Updates
Reach our privacy team
Questions or concerns about this Privacy Policy can be sent to privacy@brokng.com.
We may update this policy periodically. When we make material changes, we update the effective date and provide notice as required by applicable law.
This policy is provided for transparency and does not by itself create contractual rights beyond those required by law or separately agreed terms.