Privacy & Security Policy
Your privacy and data security are our top priorities. Learn how we protect and handle your information.
This Privacy and Security Policy ("Policy") explains how Rabta, a product of Trego Tech.com ("we," "us," "our"), collects, uses, protects, and discloses information in connection with your use of our platform and services. By accessing or using our platform, you agree to the practices outlined in this Policy.
1. Security Policy
We take the security of your data seriously and implement robust measures to protect it.
Data Transmission
All data transmitted between your device and our servers is secured using SSL (Secure Socket Layer) protocol, which encrypts data to prevent unauthorized access.
Infrastructure
Our servers are hosted in a secure, professionally managed data center with 24/7 monitoring and protection against fire, power outages, and unauthorized physical access.
Account Protection
User accounts are secured with encrypted login and password. We strongly advise users to use strong, unique passwords and keep them confidential.
Data Backup
We perform automatic backups of all data to ensure business continuity and protection against data loss.
Incident Response
We have a defined protocol for immediate response to any technical failures or security incidents to minimize potential damage and restore service promptly.
2. Privacy Policy
This section explains how we handle personal data.
2.1 Our Role: Data Controller and Data Processor
Data Controller
Rabta acts as a data controller for the personal data of our direct users (e.g., your company name, contact details, payment information). We are responsible for determining the purposes and means of processing this data.
Data Processor
For your customers' data (e.g., their names, shipping addresses, order details) that you process through our platform, you are the data controller, and Rabta is the data processor. We process this data strictly on your behalf and according to your instructions to provide the service. You are responsible for ensuring you have the necessary legal basis (e.g., consent) to collect and process your customers' data.
2.2 What Information We Collect
Information you provide to us:
Account and Business Data
Your company name, contact person's name, email address, phone number, physical address, payment information, products, inventory, and orders.
Customer and Order Data
The personal data of your customers, including names, addresses, emails, and order history, which you transmit to our Platform.
Information we collect automatically:
Usage Data
Information about how you use the Platform, such as pages visited, features used, and time spent on the Platform.
Technical Data
Your IP address, browser type, device information, and operating system.
Cookies
Data collected through cookies and similar technologies to remember your preferences, track usage, and manage your session.
2.3 How We Use Your Information
To Provide the Service
To operate and maintain the Platform, process payments, and provide you with the e-commerce management features you have subscribed to.
Communication
To send you service-related notifications, updates, and marketing communications about our products.
Service Improvement
To analyze usage patterns, troubleshoot technical issues, and improve the functionality and performance of our Platform.
Compliance and Legal Obligations
To comply with legal obligations, enforce our Terms and Conditions, and protect our rights and interests.
2.4 How We Share Your Information
We do not sell your personal data
We do not sell your personal data.
External Service Providers
We share necessary data with third-party providers (e.g., payment processors, shipping carriers, marketplaces) to enable the functionalities you use.
Affiliates
We may share data with our parent company, Trego Tech.com, and its subsidiaries for operational purposes.
Legal Compliance
We may disclose your information if required by law or to respond to valid legal requests, such as a court order or subpoena.
2.5 Your Rights
Right to Access: You have the right to request a copy of the personal data we hold about you.
Right to Rectification: You can request that we correct any inaccurate or incomplete data.
Right to Erasure: You can request that we delete your personal data under certain conditions.
Right to Object: You have the right to object to the processing of your data.
Right to Portability: You can request that we transfer your data to another organization or directly to you.
2.6 Legal Basis for Processing
Contractual necessity
to provide and fulfill our services under the Terms and Conditions.
Legal obligations
to comply with applicable laws, tax, and regulatory requirements.
Legitimate interests
to improve and secure our Platform, prevent fraud, and protect our business interests, provided such interests are not overridden by your fundamental rights.
Consent
where required (e.g., for certain marketing communications), we will seek your prior consent, which you may withdraw at any time.
2.7 International Data Transfers
Safeguards
When transferring data internationally, we ensure that appropriate safeguards are in place, such as contractual protections or other legal mechanisms required by applicable law.
Consent to transfers
By using our Platform, you consent to the transfer of your information to other countries where Rabta or its service providers operate, provided such transfers comply with applicable legal requirements.
2.8 Children’s Data
Age restriction
Our Platform and services are intended exclusively for businesses and individuals over the age of 18. We do not knowingly collect personal data from children.
Inadvertent collection
If we become aware that we have inadvertently collected personal information from a child under 18, we will promptly delete it.
Contact
If you believe we have collected such information, please contact us using the details in Section 4.
2.9 Security Breach Notification
Assessment
In the event of a data breach that compromises the security of your personal data, Rabta will promptly assess the scope and impact of the incident.
User notification
We will notify affected Users without undue delay, where required by applicable law.
Regulatory notification
Where required by law (e.g., GDPR), we will notify the relevant supervisory authority within 72 hours.
Cooperation
We will cooperate with regulators and provide all legally required notifications.
2.10 Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to provide the Platform, comply with legal and regulatory obligations, resolve disputes, and enforce our agreements.
Account and Billing Data
Retained for the duration of your use of the Platform and thereafter as required by law, typically for accounting or tax purposes.
Service Logs and Analytics Data
Retained for operational and security purposes for a period not exceeding thirty-six (36) months, unless a longer retention is required by law.
Customer Data Processed on Your Behalf
Retained only as instructed by you. Upon termination of your Account, such data will be deleted or anonymized unless applicable law requires otherwise.
2.11 Recipients of Personal Data
We may share personal data with trusted third parties where necessary for the operation of the Platform or to comply with legal obligations. Categories of recipients include:
Hosting and cloud infrastructure providers that store and secure data.
Payment processors and financial institutions to process transactions.
Logistics and courier companies for order fulfillment where applicable.
Analytics and marketing providers (such as Google Analytics or Facebook Pixel) to help us understand usage and improve our services.
Professional advisers including auditors, legal counsel, and accountants.
Affiliates and group companies within Trego Tech for operational purposes.
Regulators, courts, and law enforcement authorities where disclosure is legally required.
All recipients are bound by confidentiality and security obligations and may only process personal data as instructed by us.
2.12 Automated Decision-Making and Profiling
Rabta does not make decisions based solely on automated processing that produce legal or similarly significant effects on individuals.
Profiling
We may use profiling techniques to analyze usage patterns, improve services, and deliver relevant content or marketing communications. Such profiling is limited in scope and does not override your rights. Where consent is required for such activities, you may withdraw it at any time.
2.13 How to Exercise Your Rights
You may exercise your rights (access, rectification, erasure, portability, restriction, objection, and withdrawal of consent) by contacting us at info@tregotech.com.
Response time
We will respond to your request without undue delay and within one (1) month of receipt.
Extensions
In complex or high-volume cases, we may extend the response period by up to two (2) additional months, and we will notify you of any such extension.
To exercise any of these rights, please contact us at the address provided in Section 4.
4. Contact Us
If you have any questions, concerns, or requests regarding this Privacy and Security Policy or your personal data, please contact us at:
We're here to help with any questions about your privacy and data security.
Our team typically responds within 24-48 hours.