PRIVACY POLICY
Dubai
(Mainland)
24 November 2025
This Privacy Policy (hereinafter – “the Policy”)describes how BDP DECOR TRADING CO. L.L.C. (License Number: 1074413) (hereinafter – “the Company”, “the Controller”, “We”, “Us”, “Our”) processes Personal Data of Users (hereinafter – “You”, “Your”, “Data Subject”, “User”, “Customer”) in the United Arab Emirates (mainland), who visit Our website (https://lids-rent.ae/), submit online forms, place orders, communicate with Us and/or otherwise interact with Our services.
This Policy applies to all processing of Personal Data performed by the Company within Mainland UAE.
By using Our website or submitting Your Personal Data, You agree to the terms of this Privacy Policy.
We respect Your privacy and are committed to protecting Your Personal Data by applying appropriate technical and organisational measures.
We ensure the confidentiality and security of personal information while emphasizing the rights and duties of all concerned parties.
We are committed to treating Your privacy with respect, fairness, transparency and integrity, honouring the trust You place in Us.
1. General Provisions
1.1. The Policy has been developed to ensure the protection of the rights and freedoms of the Personal Data Subject during the processing of his or her Personal Data, including the protection of the rights to privacy and to the confidentiality of personal and family life.
1.2. This Privacy Policy has been developed in accordance with the requirements of UAE Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data (hereinafter – “PDPL”), as well as other applicable laws and regulations governing the protection of Personal Data.
1.3. Key Terms Used in This Policy:
1.3.1. Personal data means any data relating to an identified natural person, or a natural person who can be identified, directly or indirectly, through the linking of data, by reference to an identifier such as name, email address, phone number, billing details and delivery address necessary to administer bookings, invoices, payments and delivery of Equipment, including but not limited to identifiers, online identifiers, or any factor relating to identity, behaviour or preferences.
1.3.2. Data Subject is the natural person who is the subject of the Personal Data.
1.3.3. Processing means any operation or set of operations performed on Personal Data using any electronic means, including processing and other means. Such processing includes collecting, storing, recording, organizing, adapting, modifying, circulating, altering, retrieving, exchanging, sharing, using, characterizing, disclosing Personal Data by broadcasting, transmitting, distributing, making available, coordinating, merging, restricting, blocking, erasing or destroying it or creating forms thereof.
1.3.4. Automated Processing is processing which is carried out using an electronic program or system which operates in an automated and automatic manner either completely independently without any human intervention or partially with limited human supervision and intervention
1.3.5. Personal Data Security is a set of technical and organizational measures, procedures and processes specified in accordance with provisions of this Decree by Law which maintain the protection of privacy, confidentiality, integrity and availability of Personal Data
1.3.6. Data Breach is breaching information security and Personal Data through illegal or unauthorized access. This includes copying, sending, distributing, exchanging, transferring, circulating or processing it in a way which leads to disclosure of such data to third parties, or destroying or modifying it during storage, transfer and processing
1.3.7. Profiling is a form of automated processing which involves the use of Personal Data to assess certain personality aspects associated with the Data Subject, including analyzing or predicting aspects related to his/her financial performance or condition, health, personal preferences, interests, behavior, location, movements or reliability
1.3.8. Cross-Border Processing is dissemination, use, display, transmission, reception, retrieval, sharing or processing of Personal Data outside the State.
1.3.9. Consent is the consent whereby the Data Subject authorizes a third party to process his/her Personal Data, provided that this consent indicates, in a specific, clear and unambiguous manner, that he/she accepts the processing of his/her Personal Data through a clear positive statement or action.
1.3.10. Controller is BDP DECOR TRADING CO. L.L.C. which has Personal Data and which, freely given the nature of his/her activity, specifies the method, criteria, and purpose of Processing such Personal Data, whether individually or jointly with other persons or establishments.
1.3.11. Processor is an establishment or natural person who processes Personal Data on behalf of the Controller, as directed and instructed by the Controller.
1.3.12. Website means a set of interrelated web pages published on the Internet at the following address: https://lids-rent.ae/.
1.4. Our website may contain links to third-party websites or communication channels (WhatsApp, social media, etc.). We are not responsible for the privacy practices of such third parties.
2.2. Your Personal Data shall be processed solely for the following explicit, specific, and legitimate purposes:
2.2.1. Order Management: Registration, processing, and fulfillment of Your orders, including any associated administrative actions;
2.2.2. Identity Verification: Verification of Your identity where required to comply with legal or contractual obligations;
2.2.3. Communication: Correspondence with You regarding Your bookings, inquiries, or other interactions with Our services;
2.2.4. Logistics Management: Delivery, collection, and management of rental equipment, including any operational handling necessary for such purposes;
2.2.5. Financial Transactions: Processing of payments, invoicing, and related financial record-keeping;
2.2.6. Claims and Disputes: Administration of returns, complaints, claims, and dispute resolution;
2.2.7. Website and Service Operation: Operation, maintenance, monitoring, and improvement of website, digital services, and infrastructure;
2.2.8. Legal Compliance: Ensuring compliance with applicable laws, regulations, and other mandatory legal obligations;
2.2.9. Analytics and Optimization: Conducting analytics, monitoring, and optimization of Our services, including service quality, security, and User experience;
2.2.10. Customer Support: Handling and responding to Customer service requests, inquiries, or complaints;
2.2.11. Additional Purposes with Consent: Using Your Personal Data for any other specific purpose that You may expressly authorize or consent to from time to time.
3. Legal Basis for Processing
3.1. We process Personal Data only on the lawful grounds provided by PDPL:
3.1.1. Consent (art.4 PDPL): when You voluntarily submit Personal Data through website, forms, or other communication channels.
3.1.2. Performance of a Contract: where the processing is necessary to enter into, perform, or administer rental or service agreements, including delivery of equipment, payment processing, and provision of Customer support.
3.1.3. Compliance with Legal Obligations: where processing is required for accounting, record-keeping, responding to competent authorities, or fulfilling any other statutory obligations.
3.1.4. Legitimate Interests: where processing is necessary to ensure website and system security, prevent fraud or misuse, manage Customer relations, handle complaints and claims, and support the proper functioning of business operations.
4. Types of Personal Data We collect
4.1. The scope and content of the Personal Data processed shall correspond to the declared purposes of processing. Personal Data processed must not be excessive in relation to the purposes for which it is collected and processed.
4.2. We may collect the following personal information about You:
4.2.1. Data provided by You voluntarily:
5.1. We only collect, process, use, share and store Your personal information where We are satisfied that We have an appropriate legal basis to do so.
5.2. We do not knowingly collect or process Personal Data of individuals under 18.
By using Our website or mobile application, You confirm that You are of applicable legal age or over to access and use Our website or mobile application in accordance with its terms. If a minor (according to applicable legislation) has provided the Company with personal information without the consent or a parent or guardian, then the parent or guardian can contact Us to remove it.
5.3. A Data Protection Officer is not required under the PDPL given the nature, scope and low-risk profile of Our processing activities..
5.4. The source of Personal Data is the Website.
5.5. The condition for the termination of Personal Data processing is the termination of the Company's activities and, along with it, the Website.
5.6. We routinely share Your personal information with the following categories of third parties:
5.6.1. Payment card companies, credit reference agencies and fraud prevention screening: to perform Our contract with You and/or for the purposes of protecting Our legitimate interests.
5.6.2. Our third-party partners: to perform Our contract with You and/or for the purposes of protecting Our legitimate interests (Website hosting (Tilda), Delivery and logistics partners, Payment gateways, Accounting and billing tools, IT and technical support providers).
5.6.3. Other third parties (legal): to comply with Our legal and regulatory obligations; and/or for the purposes of protecting Our legitimate interests (occasionally it may be necessary to share Your personal information with other third parties including police, regulatory authorities, law firms, Our insurers and courts of law, to protect Our rights, property, and the safety of Our Customers, passengers, staff and assets).
5.7. We will not share Your personal information with any other third party without Your consent.
5.8. All third parties receive only the minimum necessary data and must ensure confidentiality and security.
5.9. We do not sell, trade or rent Personal Data.
5.10. The Company and other persons who have access to Personal Data are obliged not to disclose to third parties and not to distribute Personal Data without the consent of the subject of Personal Data.
5.11. Personal Data provided through the website is stored and processed using the Tilda Publishing platform, which uses secure cloud data centres that may be located inside or outside the United Arab Emirates, including in jurisdictions such as the European Union or other regions that provide an adequate level of protection.
5.12. Our website and supporting tools may store or process Personal Data outside the UAE (e.g., on Tilda servers or in cloud services), including in the European Union and other jurisdictions recognized by the UAE Data Office as providing an adequate level of protection.
Cross-border transfers are carried out only when one of the following applies:
5.14. Personal Data is kept secure by protecting it from any breaches, intrusions, or illegal or unauthorised processing through the development and implementation of appropriate technical and organisational measures and procedures in accordance with applicable laws and regulations.
5.15. The Company takes the following measures to ensure the security of Personal Data:
5.18. We retain Personal Data only for as long as necessary to achieve the purposes described in this Policy, including:
5.20. The Company responds to all verified Data Subject requests within 30 calendar days.
We may extend this period once for an additional 30 days if the request is complex or numerous, in which case You will be notified.
Requests may be denied when permitted by law, including when fulfilling the request would:
6.1. Data Subjects have the following rights (although these rights are also subject to certain exceptions and limitations):
6.3. To exercise rights, the Data Subject may contact the Company using the contact details specified in Article 8 of this Policy.
6.4. If You believe that Your rights under the PDPL have been violated and the Company has not resolved Your request, You have the right to file a complaint with the UAE Data Office.
7. Cookies
7.1. The Website uses cookies (small text files stored on the User's device) for the following purposes:
7.1.1. Ensuring the proper functioning of the Website and its features.
7.1.2. Analysing the use of the Website in order to improve it (visitor statistics, User behaviour).
7.1.3. Remembering the User's preferences (e.g. language, settings).
7.2. The User may at any time configure their browser to block all cookies or notify them when cookies are sent. Disabling cookies may result in some features of the Website not working properly.
8. Contact Information
8.1. For all questions regarding this Policy or the processing of personal data, the Data Subject may contact the Company:
9.1. We may update this Policy from time to time to reflect changes in legislation, regulatory guidance, or processing practices.
9.2. Each version will indicate an “Effective Date”.
9.3. The updated version will be published on the Website.
(Mainland)
24 November 2025
This Privacy Policy (hereinafter – “the Policy”)describes how BDP DECOR TRADING CO. L.L.C. (License Number: 1074413) (hereinafter – “the Company”, “the Controller”, “We”, “Us”, “Our”) processes Personal Data of Users (hereinafter – “You”, “Your”, “Data Subject”, “User”, “Customer”) in the United Arab Emirates (mainland), who visit Our website (https://lids-rent.ae/), submit online forms, place orders, communicate with Us and/or otherwise interact with Our services.
This Policy applies to all processing of Personal Data performed by the Company within Mainland UAE.
By using Our website or submitting Your Personal Data, You agree to the terms of this Privacy Policy.
We respect Your privacy and are committed to protecting Your Personal Data by applying appropriate technical and organisational measures.
We ensure the confidentiality and security of personal information while emphasizing the rights and duties of all concerned parties.
We are committed to treating Your privacy with respect, fairness, transparency and integrity, honouring the trust You place in Us.
1. General Provisions
1.1. The Policy has been developed to ensure the protection of the rights and freedoms of the Personal Data Subject during the processing of his or her Personal Data, including the protection of the rights to privacy and to the confidentiality of personal and family life.
1.2. This Privacy Policy has been developed in accordance with the requirements of UAE Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data (hereinafter – “PDPL”), as well as other applicable laws and regulations governing the protection of Personal Data.
1.3. Key Terms Used in This Policy:
1.3.1. Personal data means any data relating to an identified natural person, or a natural person who can be identified, directly or indirectly, through the linking of data, by reference to an identifier such as name, email address, phone number, billing details and delivery address necessary to administer bookings, invoices, payments and delivery of Equipment, including but not limited to identifiers, online identifiers, or any factor relating to identity, behaviour or preferences.
1.3.2. Data Subject is the natural person who is the subject of the Personal Data.
1.3.3. Processing means any operation or set of operations performed on Personal Data using any electronic means, including processing and other means. Such processing includes collecting, storing, recording, organizing, adapting, modifying, circulating, altering, retrieving, exchanging, sharing, using, characterizing, disclosing Personal Data by broadcasting, transmitting, distributing, making available, coordinating, merging, restricting, blocking, erasing or destroying it or creating forms thereof.
1.3.4. Automated Processing is processing which is carried out using an electronic program or system which operates in an automated and automatic manner either completely independently without any human intervention or partially with limited human supervision and intervention
1.3.5. Personal Data Security is a set of technical and organizational measures, procedures and processes specified in accordance with provisions of this Decree by Law which maintain the protection of privacy, confidentiality, integrity and availability of Personal Data
1.3.6. Data Breach is breaching information security and Personal Data through illegal or unauthorized access. This includes copying, sending, distributing, exchanging, transferring, circulating or processing it in a way which leads to disclosure of such data to third parties, or destroying or modifying it during storage, transfer and processing
1.3.7. Profiling is a form of automated processing which involves the use of Personal Data to assess certain personality aspects associated with the Data Subject, including analyzing or predicting aspects related to his/her financial performance or condition, health, personal preferences, interests, behavior, location, movements or reliability
1.3.8. Cross-Border Processing is dissemination, use, display, transmission, reception, retrieval, sharing or processing of Personal Data outside the State.
1.3.9. Consent is the consent whereby the Data Subject authorizes a third party to process his/her Personal Data, provided that this consent indicates, in a specific, clear and unambiguous manner, that he/she accepts the processing of his/her Personal Data through a clear positive statement or action.
1.3.10. Controller is BDP DECOR TRADING CO. L.L.C. which has Personal Data and which, freely given the nature of his/her activity, specifies the method, criteria, and purpose of Processing such Personal Data, whether individually or jointly with other persons or establishments.
1.3.11. Processor is an establishment or natural person who processes Personal Data on behalf of the Controller, as directed and instructed by the Controller.
1.3.12. Website means a set of interrelated web pages published on the Internet at the following address: https://lids-rent.ae/.
1.4. Our website may contain links to third-party websites or communication channels (WhatsApp, social media, etc.). We are not responsible for the privacy practices of such third parties.
- 2.Purposes of Personal Data Processing
2.2. Your Personal Data shall be processed solely for the following explicit, specific, and legitimate purposes:
2.2.1. Order Management: Registration, processing, and fulfillment of Your orders, including any associated administrative actions;
2.2.2. Identity Verification: Verification of Your identity where required to comply with legal or contractual obligations;
2.2.3. Communication: Correspondence with You regarding Your bookings, inquiries, or other interactions with Our services;
2.2.4. Logistics Management: Delivery, collection, and management of rental equipment, including any operational handling necessary for such purposes;
2.2.5. Financial Transactions: Processing of payments, invoicing, and related financial record-keeping;
2.2.6. Claims and Disputes: Administration of returns, complaints, claims, and dispute resolution;
2.2.7. Website and Service Operation: Operation, maintenance, monitoring, and improvement of website, digital services, and infrastructure;
2.2.8. Legal Compliance: Ensuring compliance with applicable laws, regulations, and other mandatory legal obligations;
2.2.9. Analytics and Optimization: Conducting analytics, monitoring, and optimization of Our services, including service quality, security, and User experience;
2.2.10. Customer Support: Handling and responding to Customer service requests, inquiries, or complaints;
2.2.11. Additional Purposes with Consent: Using Your Personal Data for any other specific purpose that You may expressly authorize or consent to from time to time.
3. Legal Basis for Processing
3.1. We process Personal Data only on the lawful grounds provided by PDPL:
3.1.1. Consent (art.4 PDPL): when You voluntarily submit Personal Data through website, forms, or other communication channels.
3.1.2. Performance of a Contract: where the processing is necessary to enter into, perform, or administer rental or service agreements, including delivery of equipment, payment processing, and provision of Customer support.
3.1.3. Compliance with Legal Obligations: where processing is required for accounting, record-keeping, responding to competent authorities, or fulfilling any other statutory obligations.
3.1.4. Legitimate Interests: where processing is necessary to ensure website and system security, prevent fraud or misuse, manage Customer relations, handle complaints and claims, and support the proper functioning of business operations.
4. Types of Personal Data We collect
4.1. The scope and content of the Personal Data processed shall correspond to the declared purposes of processing. Personal Data processed must not be excessive in relation to the purposes for which it is collected and processed.
4.2. We may collect the following personal information about You:
4.2.1. Data provided by You voluntarily:
- Name;
- Email address;
- Phone number;
- Billing details/ Payment information (We do not store or collect payment card numbers or sensitive financial data);
- Delivery address.
- IP address;
- Information from cookies;
- Browser information (or other software used to access the Website);
- Access time and addresses of visited pages;
- Device data (type, model, operating system);
- Geolocation data (where consent has been provided).
5.1. We only collect, process, use, share and store Your personal information where We are satisfied that We have an appropriate legal basis to do so.
5.2. We do not knowingly collect or process Personal Data of individuals under 18.
By using Our website or mobile application, You confirm that You are of applicable legal age or over to access and use Our website or mobile application in accordance with its terms. If a minor (according to applicable legislation) has provided the Company with personal information without the consent or a parent or guardian, then the parent or guardian can contact Us to remove it.
5.3. A Data Protection Officer is not required under the PDPL given the nature, scope and low-risk profile of Our processing activities..
5.4. The source of Personal Data is the Website.
5.5. The condition for the termination of Personal Data processing is the termination of the Company's activities and, along with it, the Website.
5.6. We routinely share Your personal information with the following categories of third parties:
5.6.1. Payment card companies, credit reference agencies and fraud prevention screening: to perform Our contract with You and/or for the purposes of protecting Our legitimate interests.
5.6.2. Our third-party partners: to perform Our contract with You and/or for the purposes of protecting Our legitimate interests (Website hosting (Tilda), Delivery and logistics partners, Payment gateways, Accounting and billing tools, IT and technical support providers).
5.6.3. Other third parties (legal): to comply with Our legal and regulatory obligations; and/or for the purposes of protecting Our legitimate interests (occasionally it may be necessary to share Your personal information with other third parties including police, regulatory authorities, law firms, Our insurers and courts of law, to protect Our rights, property, and the safety of Our Customers, passengers, staff and assets).
5.7. We will not share Your personal information with any other third party without Your consent.
5.8. All third parties receive only the minimum necessary data and must ensure confidentiality and security.
5.9. We do not sell, trade or rent Personal Data.
5.10. The Company and other persons who have access to Personal Data are obliged not to disclose to third parties and not to distribute Personal Data without the consent of the subject of Personal Data.
5.11. Personal Data provided through the website is stored and processed using the Tilda Publishing platform, which uses secure cloud data centres that may be located inside or outside the United Arab Emirates, including in jurisdictions such as the European Union or other regions that provide an adequate level of protection.
5.12. Our website and supporting tools may store or process Personal Data outside the UAE (e.g., on Tilda servers or in cloud services), including in the European Union and other jurisdictions recognized by the UAE Data Office as providing an adequate level of protection.
Cross-border transfers are carried out only when one of the following applies:
- Your explicit consent has been obtained;
- the receiving jurisdiction ensures adequate protection;
- contractual safeguards (Standard Contractual Clauses or equivalent PDPL-compliant guarantees) are implemented;
- the transfer is necessary for contract performance.
5.14. Personal Data is kept secure by protecting it from any breaches, intrusions, or illegal or unauthorised processing through the development and implementation of appropriate technical and organisational measures and procedures in accordance with applicable laws and regulations.
5.15. The Company takes the following measures to ensure the security of Personal Data:
- takes adequate technical and organisational measures to prevent unauthorised disclosure, alteration, destruction, falsification or any other unlawful use of personal data, based on the nature, scope, purposes and context of the processing, as well as the risks to Data Subjects;
- apply safeguards both at the design stage of processing systems and processes (“privacy by design and by default”) and during the actual processing of data;
- use pseudonymisation, data minimisation and other risk mitigation techniques;
- ensures that the parameters of automated processing limit the use of data strictly to the purposes for which it was collected, including control of data volume, types of operations, storage periods and access capabilities;
- conducts regular risk assessments and evaluates the effectiveness of protective measures;
- appoints processors only if they provide sufficient guarantees that they are capable of ensuring protection measures in accordance with the PDPL and Executive Regulations;
- concludes written agreements on the processing of personal data;
- monitors processors' compliance with PDPL requirements and the Company's internal policies;
- provides the Data Office with information, documents and evidence requested within the scope of its powers, including documents related to investigations, monitoring or audits;
- provides notification of personal data security breaches
- ensures data protection at all stages of processing, including the design stage of processes and systems (privacy by design);
- deletes or returns data upon completion of processing;
- prevents any unauthorised disclosure of personal data, except in cases permitted by the PDPL;
- ensures the protection of media, information systems and devices used for processing;
- enters into written agreements with other processors (sub-processors), if they are involved, with the distribution of responsibilities. In the absence of such an agreement, the processors are jointly and severally liable;
- encrypts personal data and applies pseudonymisation;
- implements measures to ensure the ongoing confidentiality, security, accuracy and flexibility of data processing systems and services;
- implements measures to ensure timely recovery and access to personal data in the event of physical or technical failures;
- implements measures to ensure seamless testing and evaluation of the effectiveness of technical and organisational measures to ensure the security of processing;
- keeps a special Record of Processing Activities (ROPA).
- information about the Controller and the appointed Data Protection Officer;
- a description of the categories of personal data processed;
- categories of Data Subjects;
- a list of persons and departments with access to the data;
- the purposes, legal grounds and duration of processing;
- restrictions, scope of processing and methods used;
- mechanisms for correcting, deleting, blocking or modifying personal data;
- information on cross-border data transfers, if any;
- a description of the technical and organisational information security measures used.
5.18. We retain Personal Data only for as long as necessary to achieve the purposes described in this Policy, including:
- fulfilling orders;
- keeping financial and legal records;
- handling claims and disputes (3 years after service completion).
5.20. The Company responds to all verified Data Subject requests within 30 calendar days.
We may extend this period once for an additional 30 days if the request is complex or numerous, in which case You will be notified.
Requests may be denied when permitted by law, including when fulfilling the request would:
- adversely affect the rights of another person;
- prevent compliance with legal obligations;
- interfere with crime prevention or regulatory inquiries.
6.1. Data Subjects have the following rights (although these rights are also subject to certain exceptions and limitations):
- −the right to obtain information about the personal data collected;
- −the right to request the transfer of personal data in a structured and machine-readable format;
- −the right to correct or delete personal data;
- −the right to withdraw consent at any time;
- −the right to restrict the processing of personal data;
- −the right to terminate the processing of personal data;
- −the right to object to any decisions made as a result of automated processing of personal data, including profiling.
6.3. To exercise rights, the Data Subject may contact the Company using the contact details specified in Article 8 of this Policy.
6.4. If You believe that Your rights under the PDPL have been violated and the Company has not resolved Your request, You have the right to file a complaint with the UAE Data Office.
7. Cookies
7.1. The Website uses cookies (small text files stored on the User's device) for the following purposes:
7.1.1. Ensuring the proper functioning of the Website and its features.
7.1.2. Analysing the use of the Website in order to improve it (visitor statistics, User behaviour).
7.1.3. Remembering the User's preferences (e.g. language, settings).
7.2. The User may at any time configure their browser to block all cookies or notify them when cookies are sent. Disabling cookies may result in some features of the Website not working properly.
8. Contact Information
8.1. For all questions regarding this Policy or the processing of personal data, the Data Subject may contact the Company:
- −BDP DECOR TRADING CO. L.L.C.
- −Address: (укажите юридический адрес)
- −Email: info@lidsrent.ae
- −Website: https://lids-rent.ae/
9.1. We may update this Policy from time to time to reflect changes in legislation, regulatory guidance, or processing practices.
9.2. Each version will indicate an “Effective Date”.
9.3. The updated version will be published on the Website.