// Legal_Document

Privacy Policy

Effective: 1 March 2026 · Last updated: 1 March 2026

1. Who we are

Nanosync Inc. ("Nanosync", "we", "us") operates the website at nanosync.dev and the Nanosync data replication platform. We are incorporated in the United Arab Emirates. This Privacy Policy explains how we collect, use, and protect your personal data in accordance with UAE Federal Decree Law No. 45 of 2021 on Personal Data Protection (PDPL) and, where applicable, the EU General Data Protection Regulation (GDPR).

Questions or requests: legal@nanosync.dev

2. Data we collect

Early Access Requests

When you submit a request for early access, we collect your email address, job title, company name, and any other information you voluntarily provide in the form. We use this to evaluate access requests and communicate product updates.

Usage Analytics

We use Google Analytics 4 to understand how visitors interact with our website. Google Analytics collects data including your IP address (anonymised), browser type, device type, pages visited, and session duration. This data is processed by Google LLC under Google's privacy policy. We do not use this data to identify you personally.

Google Analytics sets cookies (e.g. _ga, _ga_*) to distinguish visitors and track sessions. These cookies persist for up to 2 years. You can opt out via your browser settings or Google's opt-out tool.

Platform Data (Future)

When the Nanosync platform is available, pipeline configuration data, connection metadata, and usage metrics will be collected. A separate data processing addendum (DPA) will govern this data. No platform data is collected at this time.

3. How we use your data

→To evaluate and respond to early access requests.

→To send product updates, launch announcements, and relevant communications (you can unsubscribe at any time).

→To understand website traffic and improve our content using aggregated, anonymised analytics.

→To comply with legal obligations under UAE law.

We do not sell your personal data to third parties. We do not use your data for automated decision-making that produces legal effects.

4. Legal basis for processing

Under the UAE PDPL and GDPR (for EEA residents), our legal bases are:

→Consent — for marketing communications and analytics cookies.

→Legitimate interests — for website security and fraud prevention.

→Legal obligation — where required by UAE law or applicable regulations.

5. Data sharing

We share data only with the following categories of third parties, under appropriate data protection agreements:

→Google LLC — analytics (Google Analytics 4). Data may be transferred to the US under Google's standard contractual clauses.

→Form providers — if you submit a form via Tally or similar, their privacy policy governs data at collection.

→Legal authorities — where required by UAE law or court order.

6. Data retention

Early access contact data is retained until you withdraw consent or request deletion. Analytics data is retained per Google Analytics' default retention settings (14 months). We review retention annually and delete data we no longer need.

7. Your rights

Under the UAE PDPL and, where applicable, GDPR, you have the right to:

→Access the personal data we hold about you.

→Correct inaccurate data.

→Request deletion of your data ("right to be forgotten").

→Withdraw consent at any time without affecting prior processing.

→Object to or restrict processing in certain circumstances.

→Data portability (where technically feasible).

To exercise any right, email legal@nanosync.dev. We will respond within 30 days.

8. Security

We implement technical and organisational measures appropriate to the risk, including TLS encryption in transit, access controls, and regular security reviews. No method of transmission over the internet is 100% secure. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

9. Children

Our services are not directed at children under 18. We do not knowingly collect personal data from minors. If you believe we have done so, contact us at legal@nanosync.dev and we will delete it promptly.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified by updating the "Last updated" date above and, where appropriate, by email. Continued use of our website after changes constitutes acceptance of the updated policy.

11. Governing law

This Privacy Policy is governed by the laws of the United Arab Emirates. Any disputes shall be subject to the exclusive jurisdiction of the courts of the UAE.

Nanosync Inc. · United Arab Emirates · legal@nanosync.dev