Privacy Policy

Apexcare Medical is committed to protecting your personal data in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data ("PDPL") and its implementing regulations. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights as a data subject.

1. Data Controller

The data controller for personal information collected via apexcaremedical.com is Apexcare Medical, based in the United Arab Emirates. For data-related enquiries, contact us at info@apexcaremedical.com.

2. Data We Collect

We collect the following categories of personal data:

3. How We Use Your Data

We process your personal data on the legal bases of contractual necessity, legitimate interest, and consent where required. Specifically, we use your data to:

• Process and fulfil your orders, including delivery and invoicing
• Send order confirmations, shipping updates, and customer service communications
• Maintain your account and order history
• Comply with UAE MOHAP and health authority reporting obligations
• Comply with UAE VAT registration and invoicing requirements (Federal Decree-Law No. 8 of 2017)
• Detect, prevent, and investigate fraud or security incidents
• Improve our website and product offerings based on aggregated, anonymised analytics
• Send promotional communications where you have opted in — you may unsubscribe at any time

4. Sharing Your Data

We do not sell your personal data. We share it only with:

• Logistics and courier partners to deliver your orders
• Payment processors to complete transactions securely
• IT and hosting providers who operate our platform under strict data processing agreements
• UAE government authorities (MOHAP, FTA, law enforcement) where required by law

Any third party with whom we share data is required to maintain appropriate security standards and to process data only for the specified purpose.

5. Cookies

We use cookies and similar technologies to operate the website, remember your session (e.g., shopping cart), and collect anonymised usage analytics. We do not use third-party advertising cookies.

You can disable cookies in your browser settings, but this may affect website functionality.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy. Specific retention periods:

• Order and invoicing records: 5 years (UAE VAT and commercial law requirements)
• Account data: For the duration of your account plus 2 years after closure
• Marketing data: Until you unsubscribe or withdraw consent
• Technical/analytics data: 13 months on a rolling basis

7. Your Rights Under UAE PDPL

Under Federal Decree-Law No. 45 of 2021, you have the following rights regarding your personal data:

To exercise any of these rights, email us at info@apexcaremedical.com. We will respond within 30 days.

8. Data Security

We implement industry-standard technical and organisational measures to protect your personal data, including encrypted HTTPS connections, secure server environments, and access controls. In the event of a data breach that may affect your rights, we will notify you and the relevant UAE authority as required by law.

9. Contact & Complaints

For privacy-related enquiries, contact us at info@apexcaremedical.com. If you are unsatisfied with our response, you may lodge a complaint with the UAE Data Office established under the PDPL.