Updated on January 9, 2026

Updated on January 9, 2026

Privacy Policy for Personal Data Processing

  1. General Provisions

1.1. This Privacy Policy for Personal Data Processing (hereinafter referred to as the “Policy”) establishes the procedure and basic principles for processing personal data by OYSTEQ SOFTWARE DESIGN L.L.C (hereinafter referred to as the “Controller” or “We”).

1.2. The Policy has been developed in accordance with the requirements of:

  • For users from the European Economic Area (EEA) and the United Kingdom: Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) and the UK Data Protection Act 2018.

  • For users from the United States: Applicable federal and state laws, including but not limited to the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), the Virginia Consumer Data Protection Act (“VCDPA”), and others.

  • For users from other jurisdictions: In accordance with applicable local data protection legislation.

1.3. All terms used in this Policy shall have the meanings defined in Article 4 of the GDPR or analogous definitions in applicable US state laws, unless otherwise specified herein.

1.4. The Controller prioritizes the protection of the rights and freedoms of individuals regarding their personal data, including the rights to privacy and data protection.

Controller’s Contact Details:

  • Legal Entity Name: OYSTEQ SOFTWARE DESIGN L.L.C

  • Address of Establishment: Office No. 35-2501, owned by Bassam Ibrahim Al-Sulaiman Al-Bassam – Al-Thaniyah Al-Wala, Dubai, United Arab Emirates

  • Email for Data Privacy Inquiries: info@familycassa.com

  • Website: familycassa.com

  1. Key Definitions

For the purposes of this Policy, the following key terms apply:

  • Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”).

  • Processing: Any operation or set of operations performed on personal data (e.g., collection, recording, storage, use, disclosure).

  • Data Subject: The individual to whom the personal data relates.

  • Controller: The entity that determines the purposes and means of the processing of personal data.

  • Processor: A third party that processes personal data on behalf of the Controller.

  1. Legal Basis and Principles for Processing

3.1. We process personal data lawfully, fairly, and transparently.

3.2. The legal bases for our processing under the GDPR may include:

  • Consent: The Data Subject has given clear, affirmative consent for one or more specific purposes.

  • Contract: Processing is necessary for the performance of a contract with the Data Subject.

  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.

  • Legitimate Interests: Processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by the interests or fundamental rights of the Data Subject.

3.3. For residents of certain US states (e.g., California, Virginia, Colorado), we process personal data as defined and permitted by the respective state laws, which may include providing notices and offering opt-out rights for specific types of processing like “selling” or “sharing” data (as defined by CCPA) or targeted advertising.

  1. Purposes of Personal Data Processing

We process personal data for the following specified, explicit, and legitimate purposes:

  • To provide and manage your user account on our website.

  • To process, fulfill, and deliver your orders or service requests.

  • To communicate with you regarding your account, transactions, support inquiries, and our services.

  • To personalize and improve your experience on our website.

  • To send marketing and promotional communications (where you have provided consent or where permitted by law).

  • To ensure the security of our website and services, prevent fraud, and comply with our legal and regulatory obligations.

  1. Categories of Personal Data Collected

5.1. We collect information you provide directly to us and data collected automatically.

5.2. Categories may include:

  • Identifiers: Name, email address, phone number, IP address, online identifiers.

  • Commercial Information: Order history, payment details (processed by secure third-party payment processors), purchase tendencies.

  • Internet/Network Activity: Browsing history on our site, interaction with our services, cookie data (see our separate Cookie Policy).

  • Inferences: Preferences, characteristics, behaviors derived from the above.

  1. Data Subject Rights (Your Rights)

Your rights may vary depending on your location. Key rights include:

  • Right to Access / Know:
    Request confirmation of processing and a copy of your personal data. Under CCPA, also the right to know categories and sources of data.

  • Right to Rectification:
    Request correction of inaccurate or incomplete personal data.

  • Right to Erasure (“Right to be Forgotten”) / Delete:
    Request deletion of your personal data under certain conditions.

  • Right to Restrict Processing:
    Request limitation of how we use your data (under GDPR).

  • Right to Data Portability:
    Receive your data in a structured, machine-readable format (under GDPR).

  • Right to Object:
    Object to processing based on legitimate interests or for direct marketing.
    To opt-out of marketing, use the “unsubscribe” link in emails.

  • Right to Opt-Out of Sale / Sharing / Targeted Advertising (US Laws):
    Direct us not to “sell” or “share” your data (as defined by CCPA) or use it for targeted advertising.

  • Right Against Discrimination:
    Exercise your rights without receiving discriminatory treatment.

6.1. We will respond to verifiable requests within the timeframe required by applicable law (e.g., one month under GDPR, 30–45 days for many US state laws).

  1. International Data Transfers

7.1. If we transfer personal data from the EEA, UK, or Switzerland to countries not deemed to have an adequate level of data protection, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

  1. Data Security and Retention

8.1. We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction.

8.2. We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law.

  1. Changes to This Policy

9.1. We may update this Policy periodically. The “Last Updated” date at the top will indicate the latest revision.

9.2. We will notify users of any material changes via email or a prominent notice on our website.

  1. Contact and Complaints

10.1. For questions or to exercise your rights, contact us at the email provided in Section 1.

10.2. If you are in the EEA or UK and believe our processing violates data protection law, you have the right to lodge a complaint with your national supervisory authority.

AI Family Treasury and Payment Hub

Collected. Approved. Paid. Auto.

Establish family treasury

AI Family Treasury and Payment Hub

Collected. Approved. Paid. Auto.

Establish family treasury

Your
AI Family Treasury and Payments Hub

Collected. Approved. Paid. Auto.

Establish family treasury

Analytics cookies

We use analytics cookies to improve the site. Learn more