Privacy policy

This Privacy Policy complies with international data protection laws, including:

• European Union (GDPR): General Data Protection Regulation.
• United States (CCPA): California Consumer Privacy Act and other state privacy laws.
• United Arab Emirates (PDPL): Federal Decree-Law No. 45 of 2021 on Personal Data Protection.
• Other regional laws: Including laws in Asia-Pacific countries (e.g., DPDPA in India) and Australia.

1.1 Information You Provide

• Name, age, email address, phone number.
• Payment details (e.g., bank account or card information).
• Photos and reviews.

1.2 Automatically Collected Information

• Device information (e.g., operating system and model).
• IP address and location data (if permitted).
• Usage data and analytics.

1.3 Information from Third Parties

• Data from social media platforms.
• Information shared by partner businesses (e.g., restaurants).

We process your personal data for the following purposes:

• Service Provision: To register accounts, manage profiles, and provide personalized services.
• Payment Processing: To securely process payments via third-party providers.
• Loyalty Program Management: To track and manage Firstline Points.
• Analytics: To improve customer experience through insights.
• Marketing Communications: To send promotional materials (with user consent).
• Fraud Prevention: To monitor suspicious activity and ensure platform security.
• Compliance: To meet legal obligations under applicable laws.

We retain your information only as long as necessary to fulfill the purposes outlined in this Policy or comply with legal requirements:

• Personal data is stored securely until it is no longer needed for processing purposes.
• After this period, data will be deleted or anonymized.
• You may request deletion of your data at any time by contacting us at info@sessia.com.

4.1 European Union (GDPR)

Residents of the EU have the following rights:

• Right to Access: Obtain a copy of your personal data.
• Right to Rectification: Correct inaccurate or incomplete information.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: Limit how your data is used.
• Right to Data Portability: Transfer your personal data in a structured format.
• To exercise these rights, contact us at info@sessia.com.

4.2 United States (CCPA)

California residents have additional rights under CCPA:

• Right to Know: Request details about how personal data is collected and shared.
• Right to Delete: Request deletion of personal data.
• Right to Opt-Out: Decline the sale of personal data (note: Firstline does not sell personal data).

To submit requests under CCPA, email info@sessia.com with "California Privacy Rights" in the subject line.

4.3 United Arab Emirates (PDPL)

Under UAE law:

• Personal data is processed only with explicit consent from the individual.
• Cross-border transfers are conducted with adequate safeguards.

4.4 Asia-Pacific Region

Specific regional requirements include:

• India (DPDPA): Consent is required for processing sensitive personal data.
• Australia: Strict rules apply for protecting children’s privacy and automated decision-making.

We may share your information with:

• Partner Businesses: For loyalty programs and customer insights.
• Service Providers: Such as payment processors or cloud hosting services.
• Legal Authorities: When required by law or court orders.

For cross-border transfers outside your region, we ensure compliance with applicable safeguards such as Standard Contractual Clauses (SCCs) under GDPR or equivalent mechanisms.

We implement robust security measures to protect your information:

• Encryption protocols for sensitive data.
• Secure servers and firewalls.

However, no system can guarantee absolute security; users are responsible for safeguarding their login credentials.

We use cookies and similar tracking technologies for:

• Essential Cookies: Necessary for platform functionality.
• Performance Cookies: Analytics to improve services.
• Marketing Cookies: Personalized promotions.

You can manage cookie preferences through your browser settings.

Our services are not intended for individuals under 18 years of age:

• We do not knowingly collect personal information from children under 18.
• The platform complies with COPPA (Children’s Online Privacy Protection Act) and GDPR child safety standards.

We may update this Privacy Policy periodically:

• Changes will be posted on the platform with a revised "Last Updated" date.
• Users will be notified via email at least 14 days before changes take effect.

Continued use after updates indicates acceptance of the revised terms.

If you have questions about this Privacy Policy or wish to exercise your rights under applicable laws, please contact us at: