Privacy Policy

1. Introduction & Definitions

This policy describes how My Auto Arena collects, uses, and protects your personal information and dealership data.

In this document:

• "We" or "the Platform" refers to My Auto Arena and its development team
• "You" or "the User" refers to the dealership owner or any authorized user
• "Data" refers to all information you enter into the system or that is automatically generated
• "Dealership" refers to your subscription account on the platform

2. Data We Collect

3. How We Use Your Data

We use your data exclusively for the following purposes:

• Delivering and operating the service at the required level of quality
• Sending subscription notices, invoices, and material updates
• Responding to your support requests and technical inquiries
• Detecting fraudulent use and protecting platform security
• Improving platform performance based on usage patterns

We do not use your data for targeted advertising, market analytics, or any commercial purpose outside the scope of delivering the service.

4. Data Sharing

We do not sell or share your data commercially with any third party. Data is shared only in the following cases:

• Technical service providers: Hosting companies, email processors, and file storage - under strict confidentiality agreements
• Payment gateways: When processing your payments via Ziina, Stripe, or PayPal - subject to each provider's own privacy policy
• Legal compliance: When a binding court order requires us to do so
• With your consent: When you explicitly request it

All third parties we engage are contractually prohibited from using your data beyond the scope of the service they provide to us.

5. Storage & Security

• Data is stored on secure servers with SSL/TLS encryption for all communications
• Passwords are hashed using strong algorithms (bcrypt)
• Files and attachments are stored on Azure Blob Storage with end-to-end encryption
• Regular daily backups are performed to ensure data continuity
• Internal data access is restricted by the principle of least privilege
• Periodic security audits are conducted to identify and address vulnerabilities

Despite our ongoing efforts, no system is 100% secure. We commit to notifying you promptly in the event of any breach affecting your data.

6. Cookies

We use only strictly necessary cookies:

• Session cookie: To keep you logged in across pages
• Language preference: To remember your language choice (Arabic/English) for one year
• CSRF protection: To prevent cross-site request forgery attacks

We do not use marketing tracking cookies or third-party analytics. You can delete cookies from your browser settings at any time.

7. Your Rights

You have the full right to:

• Access: Know all the data we hold about you
• Rectification: Correct any inaccurate information at any time
• Portability: Receive a complete copy of your data in a machine-readable format
• Erasure: Request deletion of your account and all associated data
• Objection: Refuse any specific processing of your data

To exercise any of these rights, contact us via the email listed below and we will respond within 7 business days.

8. Data Retention

• Active account data: Retained for the duration of your subscription
• After cancellation: Data is kept for 30 days to allow recovery
• After 30 days: Data is permanently deleted and cannot be recovered
• System logs: Retained for 90 days for security purposes, then deleted

9. Changes to This Policy

We may update this policy when our practices or legal requirements change. We will notify you of any material changes via email or an in-platform notice at least 14 days before they take effect.

The effective date is always shown at the top of this page.

10. Privacy Contact

For any inquiry or request related to your privacy or data: