Privacy Policy

Effective Date: May 7, 2025

This Privacy Policy explains how REBUS TECHNOLOGY SOLUTIONS L.L.C - S.P.C (“Rebus”, “we”, “us”) collects, uses, shares, and protects information when you use our websites, mobile applications, and enterprise SaaS products, including CloseoutSoft (together, the “Services”).

1. Scope and roles (Controller vs Processor)

In enterprise deployments, Rebus often acts as a data processor/service provider for information uploaded or managed by your organization (the “Customer”), which acts as the data controller/business. In that case, our processing is governed by our contract with the Customer and your organization’s policies.

2. Information we collect

2.1 Information you provide

• Account information: name, email, phone (optional), job title or role, organization and project identifiers.
• Authentication data: login credentials, access identifiers, or SSO identifiers where enabled by your organization.
• Content you upload or create: project documents, drawings, photos and videos captured or uploaded for project documentation, inspections, and reporting, inspection records, comments, checklists, reports, and other project data (“Customer Content”).
• Support communications: messages, tickets, forms, and attachments you send to support or through contact channels.

2.2 Information collected automatically

• Device and usage data: device type, device identifiers, operating system, browser or app version, language, time zone, and feature usage.
• Log data: IP address, timestamps, diagnostics, crash data, audit logs, and security events.
• Cookies and similar technologies: used on our websites to operate, secure, and improve them.

2.3 Information from integrations

If you connect third-party systems such as SSO, storage, email, calendars, or construction tools, we may receive limited data from those providers to enable and support the integration.

3. Mobile app permissions

Our mobile applications may request access to certain device capabilities to provide core functionality.

• Camera: to capture site images, inspection photos, or document scans.
• Files / Storage: to upload, download, open, and manage project documents, drawings, and related files.
• Network access: to synchronize data with our services and maintain secure sessions.
• Notifications: to deliver workflow updates, alerts, approvals, reminders, and project communication where enabled.
• Location (approximate): to capture and associate site location information with photos, videos, and field progress updates where enabled by the user or organization. Location data is used solely for project tracking, reporting, and verification purposes within the enterprise application.

These permissions are used solely for delivering the Services and are not used for unrelated advertising or profiling purposes.

Location access is optional and is only used when users choose to attach location information to site records such as photos or updates. Users can control this through their device settings.

4. How we use information

• Provide and operate the Services including account creation, authentication, access control, document handling, workflow processing, and project collaboration.
• Security including fraud prevention, abuse detection, monitoring, auditability, and incident response.
• Support including responding to inquiries, troubleshooting, diagnosing issues, and improving reliability.
• Product improvement including analytics, performance measurement, usability improvements, and aggregated insights.
• Communication including sending notifications, alerts, workflow updates, and support responses related to the Services.
• Legal compliance including responding to lawful requests and enforcing our terms and contracts.

5. Legal bases (where applicable)

Depending on your location and relationship with us, we process information based on one or more of: (a) performance of a contract, (b) legitimate interests such as securing and improving services, (c) compliance with legal obligations, and/or (d) consent where required by law.

6. Sharing and disclosure

We may share information:

• With your organization: administrators and authorized users can access data under the Customer’s account, subject to the Customer’s configuration and permissions.
• With service providers: hosting, storage, monitoring, analytics, communication, and support vendors acting under contractual obligations.
• For legal reasons: to comply with law, protect rights, investigate fraud or misuse, or respond to lawful requests.
• Business transfers: in connection with a merger, acquisition, restructuring, financing, or asset sale, subject to appropriate safeguards.

We do not sell personal information.

7. Data retention

We retain information as needed to provide the Services and as required by contract, operational necessity, and law. Customer Content retention is typically controlled by the Customer’s subscription, configuration, and administrative settings.

8. Security

We use administrative, technical, and physical safeguards designed to protect data, such as access controls, encryption in transit where supported, logging, monitoring, backups, and least-privilege practices. However, no system is completely secure.

We may use device identifiers and session data to maintain secure access, detect unauthorized usage, and ensure account integrity. This data is not used for advertising or cross-app tracking.

9. International transfers

If you access the Services from outside the region where data is hosted, information may be processed in other countries. We use contractual and organizational measures intended to protect data in accordance with applicable law.

10. Your choices and rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your personal data. In enterprise accounts, requests may need to be directed first to your organization’s administrator because your organization may control the underlying account and data.

To submit a request, contact us via our contact page or email admin@rebustech.ae.

11. Data deletion

Users may request deletion of personal data through their organization administrator or by contacting us directly. We will assess and respond in accordance with applicable law, contractual obligations, and technical feasibility.

12. Analytics

We may use aggregated and de-identified or anonymized information to analyze performance, improve usability, strengthen reliability, and enhance the Services.

13. Children’s privacy

The Services are intended for business and professional users and are not directed to children.

14. Updates to this policy

We may update this policy from time to time. We will post the updated version on this page and revise the effective date above.

15. Contact

REBUS TECHNOLOGY SOLUTIONS L.L.C - S.P.C

Website: rebustech.ae
Email: admin@rebustech.ae

Disclaimer: This privacy policy is provided for general informational purposes and should be reviewed by legal counsel for alignment with your operations, hosting regions, contracts, and applicable laws.

16. Google Play Data Safety Alignment

• No advertising ID usage: The application does not use advertising identifiers or ad tracking.
• No data selling: Personal and project data are never sold or shared for marketing purposes.
• Enterprise-only usage: Data is used strictly within organizational workflows (construction/project management).
• User control: Location and media capture are user-initiated and optional.
• Crash & diagnostics: Technical data may be collected to improve stability and performance.
• Device identification: Device/session identifiers are used for security, login tracking, and access control.

This section ensures alignment with Google Play Store Data Safety requirements for enterprise applications.