top of page
Main.png

Data Protection Policy

  1. 1. Objective

  2. Dailoqa is committed to protecting the privacy of personal information and to compliance with data protection laws. The purpose of this policy is to document the privacy aspects of personal and sensitive information that we collect and process as part of our operations.

  3. 2. Scope

  4. This document is applicable to all processes and operations in Dailoqa.

  5. 3. Policy Statement

  6. This policy lays down guidelines to secure the processing of personal data collected by Dailoqa, directly or indirectly from the customers and users of Dailoqa’s services.

  7. “Personal Data” refers to any data that relates to an identified or identifiable individual or person. In practice, personal data includes all that can be assigned to an individual in any way. We collect name, contact details including email-address, telephone number and address.

  8. We collect and use personal information to contact our customers via phone, SMS, emails or post for sales and marketing our solutions and services. Data is collected through the “Contact us” page on our website, on the cloud providers marketplace portal, or through direct provisioning of information during services.

  9. Access is limited to employees and partners on a need-to-know basis.

  10. 4. Dailoqa’s Broccoli Solutions offered to the clients

  11. This section outlines the data privacy aspects in relation to Dailoqa’s Broccoli Solutions offered to our clients.

  12. Broccoli, an Agentic AI development platform from Dailoqa, is deployed into the customer’s cloud subscription. All application resources operate within the customer’s tenant and selected region, with the customer retaining ownership and control of the environment and personal data at all times.

  13. Dailoqa is granted restricted, auditable access solely to deploy the application in the managed resource group via Role-Based Access Control. No access is provided to customer-managed resource groups or unrelated tenant assets.

  14. Personal data remains within the customer’s cloud tenant boundary unless explicitly configured by the customer, and the application may be removed by the customer at any time, at which point Dailoqa access is automatically revoked.

  15. 5. Principles for Processing Personal Data

  16. At Dailoqa, we incorporate the following principles of data protection in the way we collect and store personal data. We ensure that the data we collect is:

  17. • Processed lawfully, fairly, and in a transparent manner.

  18. • Collected for specific, explicit, legitimate, and limited purposes.

  19. • Adequate, relevant, and limited to what is necessary.

  20. • Accurate and, where necessary, kept up to date.

  21. • Kept in an identifiable form for no longer than is necessary.

  22. • Processed in a manner that ensures appropriate security.

  23. 6. Security of Personal Data

  24. We use appropriate technical and organisational measures to protect the personal data we collect and process. The measures we use are generally designed to provide a level of security appropriate to the risk of personal data that we process.

  25. Depending on requirements arising from business commitments or regulations, the following advanced technical solutions may be considered to provide an additional layer of protection:

  26. • Security standards implemented include password protection and encryption.

  27. • Data Leakage Prevention (DLP) tools: To monitor and restrict data flow from potential endpoints to unauthorised systems.

  28. • Data Masking: To restrict the ability to read sensitive data within the organisation as well as to ensure protection from external parties.

  29. 7. Data Subject Rights

  30. To adequately protect the personal data collected and processed by Dailoqa, you must understand the rights to which data subjects are entitled. Listed below are the data subject rights that we adhere to:

  31. • Right to be informed: The right to know how personal data is used in clear and transparent language.

  32. • Right of access: The right to know and have access to the personal data held about an individual.

  33. • Right to data portability: The right to receive and transfer data in a common and machine readable electronic format.

  34. • Right to be forgotten: The right to have personal data erased.

  35. • Right to rectification: The right to have data corrected where it is inaccurate or incomplete.

  36. • Right to object: The right to complain and to object to processing.

  37. • Right to restriction of processing: The right to limit the extent of the processing of personal data according to an individual’s wishes.

  38. • Rights related to automated decision-making and profiling: The right not to be subject to decisions without human involvement.

  39. • Right to non-discrimination: The right to not be discriminated against for an individual exercising their rights.

  40. 8. Staff Training

  41. Dailoqa ensures that its employees receive and attend the required data protection training, including the content and handling of this Policy, if they have constant or frequent access to personal data, are involved in the collection of data, or in the development of tools used to process personal data. The requirements of data protection and compliance must be observed.

  42. All Dailoqa staff members need to annually acknowledge that they have attended the Data-Protection training and understand the Data Protection Policy.

  43. 9. Data Protection Officer

  44. The Data Protection Officer leads all the data protection efforts of the company.

  45. 10. Non-Compliance

  46. Compliance with this policy is verified through various methods, including but not limited to automated reporting, audits, and feedback to the policy owner. Any staff member found to be in violation of this policy is subjected to disciplinary action, up to and including termination of employment or contractual agreement. The disciplinary action depend on the extent, intent, and repercussions of the specific violation.

  47. 11. Responsibilities

  48. The Information Security Officer is responsible for approving and reviewing policy and related procedures. Supporting functions, departments, and staff members are responsible for implementing the relevant sections of the policy in their area of operation.

  49. 12. Schedule

  50. This document is reviewed annually and whenever significant changes occur in the organisation.

  51. 13. Version History

  52. Version

  53. Log

  54. Date

  55. 2 Current

  56. Policy version approved by Information Security Officer

  57. 03 Jun, 2025

  58. 2

  59. New policy version created

  60. 02 Jun, 2025

  61. 1

  62. Policy version approved by Information Security Officer

  63. 02 Jun, 2025

  64. 1

  65. New policy version created

  66. 14 May, 2025

  67. Dailoqa Data Protection Policy | Prepared from website content

bottom of page