This document defines the scope of privacy and degree of confidentiality protecting the information which the User inputs during account registration on the Application or Website and normal use of the services, programs and facilities of www.innowork.com and/or INNOWORK Application (hereinafter referred to as ‘Website/Application’). At any time the User can, at his/her discretion, allow or forbid the collection and use of his/her personal information. Our legal basis for the collection of user data is Art. 6 (1) (b) GDPR and the customer’s consent.

By using this Website/Application, the User provides his/her consent to the Company to collect, use and disclose the User's personal information according to the rules and provisions of this agreement.

Website/Application is owned and operated by Black Cube Solutions FZCO (hereinafter “Company”) and the Company hereby proclaims and accepts its responsibility to protect the User's private information. This Privacy Policy contains the rules upon which such information is gathered and used. These rules apply to any personal and non-personal information gathered at and/or by the Company.

1. PERSONAL INFORMATION: The Company requires Users who register to use its services ("Services") offered on the Website/Application to give contact information, such as their name, date of birth, company name, address, phone number, and email address, qualification and billing information (if required), such as billing name and address. At the time Users express interest in obtaining additional information or when Users register for the service, Company may also ask for additional personal information, such as job title, department name, date of joining, reporting manager email, contact number, skills, etc. Users can update their personal information at any time by logging into the Website/Application and editing their Personal Information within setup. Users can view their updated profile to confirm their edits have been made.

We collect the following types of personal data and use them for the purposes specified:

2. NON-PERSONAL INFORMATION:

We may use third-party SDKs, including but not limited to Google Analytics and Firebase, to enhance our app’s functionality. These SDKs may collect device information, usage data, crash logs, and advertising IDs. The data shared is limited to non-personally identifiable information and is governed by their respective privacy policies.

a. The Company also collects non-personal information from Users, such as Users’ browser type, the URL of the previous Website/Applications User visited, User ISP, operating system, and User Internet protocol (IP) Address ("Non-Personal Information"). Non-Personal Information cannot be easily used to personally identify the User.

b. Cookies are very small text files that are stored on User system/device when Users visit some applications. Company uses cookies to help identify User system/device, so Company can tailor User experience, management of the sign-up process and user management, general administration including tracking login and usage, managing newsletter or email subscription/surveys, shopping and payment facilities. In some special cases, Company also uses cookies provided by trusted third-parties for Analytics, advertising, social media. Company can disable any cookies already stored on User system/device, but these may stop Company Website/Application from functioning properly.

c. In general, User can visit the Website/Application without telling Company who User is or revealing any information about User. However, Company’s web servers automatically collect the domain names/IP Address of visitors. This information is used to measure the number of visits, average time spent on the Website/Application and similar information, which is used to measure Company’s services, evaluate performance and improve Company’s content/services.

d. Most of the cookies we use are so-called session cookies, which are automatically deleted by your browser after the end of your visit to our website. Session cookies provide us with information about visitor behavior on our website, which we analyze. With the knowledge gained, we will make our website more user-friendly, place important content on the most popular pages and develop our marketing strategies according to the interests of our target audience. Other cookies are stored longer on your device and allow us to recognize you as a user during a subsequent visit to our website. We do not pass on information that we receive through our cookies to third parties. By using the “Incognito” or “Private” mode of your browser, or by means of adjusting the settings in your browser, you can prevent the installation of cookies. As a result, some of the facilitation of operating our website will no longer work.

e. Our legal basis for the use of cookies is Art. 6 (1) b) GDPR and Art. 6 (1) f) GDPR. Our legitimate interest is to optimize our product, increase user experience, enhance our customer support and improve our internal process efficiency.

f. Although we are based in the United Arab Emirates, we align our data practices with international standards, including the General Data Protection Regulation (GDPR), to ensure transparency, user rights, and global privacy compliance.

3. USE OF USER’S INFORMATION: The Company uses the information that it collects to set up services for its Users. Users’ email addresses and any personal customer information will not be distributed or shared with third-parties except to the extent necessary to provide the User with a requested service, or under circumstances required by law. The Company will disclose User’s personal information when Company believes in good faith that any applicable law, regulation, or legal process requires it, or where the Company believes disclosure is necessary to protect or enforce its rights or the rights of another user. Company also discloses aggregated User statistics in order to describe Company’s Website/Application/services and reach to prospective partners, advertisers, and other third-parties. However, aggregate data is not traceable to the User specifically. The Company may use contractors to help the Company with the Company’s operations. Some or all of these contractors may access Company databases of user information. These contractors will enter into an agreement with the Company that places restrictive provisions on their use and disclosure of all information they obtain through the relationship. The Company may share personal information with global partners for the purpose of providing Users with high quality, localized service. The Company may use Non-Personal Information to track the use of the Website/Application/services and for other internal purposes, such as providing, maintaining, evaluating, and improving the Services and the Website/Application. Users may, if they wish for any reason, delete their Personal Information or their Profiles. Upon User deleting their personal information or profiles the Company shall retain only an archival copy of information so deleted, which shall not be accessible on the internet for legal compliance. Company’s use of information use of information would be in compliance with the laws governing the protection of information technology and other applicable laws in force in Dubai, UAE.

Users have the right to access, modify, or delete their personal data. These actions can be taken directly through the user profile section of the app or by contacting us at customer-success@innowork.com. We ensure responses within 7 business days.

Data Safety Disclosure in App Store Listing: Our data collection, usage, and sharing practices are also transparently disclosed in the Data Safety section of our app’s listing on the app store. This ensures that users can review how their information is handled even before installing the app, promoting transparency and informed consent.

4. THIRD PARTY LINKS: INNOWORK Website/Application contains links to other websites/services/applications- mainly website. The Company is not responsible for the privacy practices or the content of these other websites/services/applications. Users and visitors must check the policy statement of these others websites/services/applications to understand their policies. Users and visitors who access a linked website/service/application may be disclosing their private information. It is User’s responsibility to keep such information private and confident.

5. OPT-OUT POLICY: Users can opt out of data collection for analytics and marketing by adjusting their preferences in the app settings under the 'Privacy Controls' section or by emailing customer-success@innowork.com with the subject 'Data Collection Opt-Out'.

a. Users can opt out of being contacted by the Company, or receiving information from the Company at any time by selecting the appropriate option provided for in their profiles or at any time by sending an email to customer-success@innowork.com. The service/Website/Application offers its visitors and Users a means to choose how it may use information provided and the frequency with which they will receive communication from the Company. If, at any time after registering for information or ordering services, Users change their mind about receiving information from Website/Application, the frequency with which they receive information or about sharing their information with third parties, they may modify their choices in the options provided for the same on their profiles or simply send the request to customer-success@innowork.com specifying such Users new choice.

b. You have the right to complain about the improper processing of your personal data (such as collection, storage, modification, transfer, deletion, etc.) by emailing us at Customer-success@innowork.com.

6. INTERNATIONAL DATA TRANSFER: We may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties (as provided herein) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from other countries law, please note that you are transferring information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to UAE and the use and disclosure of information about you, including personal information, as described in this Privacy Policy.

7. PERSONAL DATA AND INFORMATION: We work hard to protect our users from unauthorized access or unauthorized alteration, disclosure, or destruction of information we hold. In particular:

a. We encrypt our services using SSL.

b. We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.

c. We restrict access to personal information to employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

8. COMPLIANCE AND COOPERATION WITH REGULATORY AUTHORITIES: We regularly review our compliance with our Privacy Policy. When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.

9. RETENTION, DELETION OR BLOCKING OF DATA: We adhere to the principles of purpose limitation and data minimization. Therefore, we only store your personal data for as long as it is necessary to achieve the purposes mentioned here or as long as the many storage periods required by law. After discontinuation of the respective purpose or expiry of these deadlines, the corresponding data will be blocked or deleted in accordance with the statutory provisions. Our legal basis for the deletion or blocking of personal data is Art. 5 (1) b) GDPR and Art. 5 (1) c) GDPR.

10. FORUMS AND INTERACTIVE SERVICES: There may be interactive services within the Website/Application, such as blogs, chat rooms, forums, instant messaging etc., and other service member zones that allow them to input their data, details, materials, comments or other similar communications. Using such Website/Application/services, the User should realize that they are open for wide access and review, and any personal data that he/she published or provided during registration may become viewable by third parties. The Company is not responsible for the security of the User’s information that is passed by the User to third parties or provided during use of such Website/Application/services. Materials that will be placed by the User in such areas of the Website/Application will be stored in systems/devices of Company as per Company’s policy, if otherwise not directly documented in each particular case.

11. MINOR USERS: We provide access to this app exclusively to employees of subscribed organizations. These organizations initiate subscription through our web portal. As part of the user registration process, we collect the employee's date of birth. If the system detects that a user is under the age of 18, access to the app is denied and all associated registration data is automatically deleted. This process ensures that the app is not accessible to minors under any circumstances.

12. CHANGES TO THESE RULES: The Company reserves the right to change rules of Privacy Policy at any time without notice. In case of a substantial change of confidentiality rules and policies of use of the User's personal information, Company shall publish the changes on the Website/Application. The User is advised to refer to the text of this page at each visit to the Website/Application or before availing the Services.

In case of material changes to this Privacy Policy, users will be notified via email and/or an in-app alert prior to the change becoming effective, giving users the opportunity to review the changes.

Last Updated: 21st April 2025