Log In / Sign Up
Cravin Logo

Privacy Policy

Cravin Technologies FZ-LLC (“Cravin”, “we”, “our”, or “us”) is committed to protecting the privacy and security of merchant data and customer information processed through our platform. This Privacy Policy explains how Cravin collects, processes, stores, and protects data in connection with its SaaS products and services, including but not limited to:

  • Cravin Food
  • Cravin Commerce
  • Cravin Bookings
  • Cravin Sports
  • Cravin Broadcast
  • Cravin Concierge (AI-powered solutions)
  • JustCravin.com discovery platform
  • Merchant Dashboards and WhatsApp Automation Tools

This Policy applies to all merchants, business partners, and authorized users of Cravin’s platform.

Role of Cravin: Data Processor

  • Cravin operates primarily as a Data Processor on behalf of merchants.
  • The Merchant is the Data Controller of customer data collected through their Cravin-powered systems.
  • Cravin processes customer data strictly in accordance with the Merchant’s instructions and for the purpose of providing the contracted services.
  • Cravin does not sell merchant or customer data.

Information We Process

In providing our services, Cravin may process the following categories of data:

Merchant Data

  • Business name, trade license details
  • Contact details of owners/managers
  • Payment gateway information
  • WhatsApp Business Account information
  • Meta Business Account credentials (OAuth-based access)

Customer Data (Processed on behalf of Merchants)

  • Name and Phone number
  • Order history and Booking details
  • Transaction data
  • Broadcast preferences
  • Tags and segmentation data
  • Communication logs via WhatsApp
  • AI interaction data (where applicable)

Cravin processes this data solely for enabling ordering, bookings, payments, automation, analytics, and communication functionality.

Purpose of Processing

We process data to:

  • Enable WhatsApp-based ordering and bookings
  • Facilitate digital menus and commerce systems
  • Provide analytics dashboards
  • Enable customer segmentation and broadcast features
  • Automate customer interactions
  • Improve system performance and AI capabilities
  • Comply with legal and regulatory obligations

Cravin does not use merchant customer data for unrelated marketing or resale purposes.

Data Storage & Security

Cravin’s infrastructure is built on Amazon Web Services (AWS) and uses industry-standard security practices including:

  • Encrypted data transmission (HTTPS / TLS)
  • Secure API integrations with Meta (WhatsApp Cloud API)
  • Role-based dashboard access
  • Secure authentication mechanisms
  • Regular system monitoring and logging

Data is stored in secure cloud environments with controlled access. We take commercially reasonable steps to prevent:

  • Unauthorized access
  • Data breaches
  • Data misuse
  • Accidental data loss

Compliance with Data Laws

UAE Data Protection Laws

Including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL), and other applicable UAE data regulations.

General Data Protection Regulation (GDPR)

Where applicable, Cravin supports merchants in meeting GDPR obligations, including:

  • Lawful data processing
  • Data minimization
  • Access and deletion requests
  • Data portability (upon request)
  • Processing limitation where required

Where GDPR applies, Cravin acts as a Data Processor under Article 28 GDPR.

Data Retention

Data is retained:

  • For the duration of the merchant’s active subscription
  • As required for legal compliance
  • As necessary for legitimate business purposes

Upon termination of service:

  • Merchants may request data export
  • Data may be deleted within a reasonable timeframe, unless legally required to retain it.

Third-Party Integrations

Cravin integrates with third-party services including:

  • Meta (WhatsApp Cloud API)
  • Payment Gateways selected by merchants
  • Cloud infrastructure providers (AWS)
  • Analytics tools (internal)

Each third party operates under its own privacy policies. Cravin ensures contractual safeguards are in place where required.

AI & Automated Processing

Cravin may use AI-powered systems (including Cravin Concierge and analytics tools) to:

  • Provide automated customer responses
  • Improve recommendation systems
  • Enhance merchant analytics

AI systems operate on data processed within the merchant’s ecosystem and do not independently claim ownership of such data. Automated decisions do not produce legal effects without merchant oversight.

Data Subject Rights

Where applicable under UAE PDPL or GDPR, individuals may have the right to:

  • Access personal data
  • Request correction
  • Request deletion
  • Object to processing
  • Withdraw consent

Requests must be directed to the Merchant (Data Controller). Cravin will support merchants in fulfilling such requests where required.

Data Breach Notification

In the event of a data breach affecting merchant data:

  • Cravin will notify affected merchants without undue delay
  • We will cooperate in regulatory reporting obligations

Limitation of Liability

Cravin is responsible for protecting data within its infrastructure. Merchants remain responsible for:

  • Lawful collection of customer consent
  • Compliance with local regulations applicable to their business
  • Responsible use of broadcast and communication tools

Updates to This Policy

  • Cravin may update this Privacy Policy from time to time.
  • Continued use of the platform constitutes acceptance of updates.

Contact Us

For privacy-related questions or requests: