Plato Privacy Policy

1. WHO WE ARE AND WHAT WE DO

1.1 CrownPhoenix Technologies FZ-LLC ("Plato," "we," "us," "our") provides restaurant management and payment solutions under the brand name "Plato." Our head office is located in Dubai, United Arab Emirates. Plato provides the following services ("Services"):

• Plato POS – a cloud-based restaurant management system including mobile and web interfaces.
• Plato Pay – a licensed payment gateway solution (where applicable).

1.2 In providing our Services, Plato collects and processes personal data. This Privacy Policy outlines how Plato collects, uses, stores, and shares such personal data when you use our website, applications, or any of our Services.

2. WHAT DOES THIS POLICY COVER?

2.1 Plato is committed to protecting your personal data and processes it in accordance with applicable privacy laws. We are the data "controller" for your data. This Policy:

• Outlines what personal data we collect.
• Explains how and why we use your personal data.
• Describes how long we keep it.
• Identifies when and with whom we share your data.
• Details your rights regarding your data.
• Explains our security measures.
• States how you can contact us.

2.2 By accepting this Policy and submitting your data to us, you consent to our processing as described herein. If you do not agree, do not submit any personal data to us.

2.3 You must provide the required personal data in order for us to provide Services or respond to inquiries. If you do not, we may be unable to proceed.

3. WHAT PERSONAL DATA DO WE COLLECT?

3.1 We collect data directly from you when you sign up, use our Services, or communicate with us. This includes:

• Name, email, phone number
• Business name, location
• Payment and billing information

3.2 Depending on the service, we may also collect:

• Government ID information (e.g., Emirates ID or trade license)
• VAT registration info
• Business registration details (license number, CR, entity name, issue and expiry dates)
• Session recordings and customer support logs

3.3 We also collect:

• Usage data: how you interact with our Services
• Device data: model, OS, IP address, browser
• Feedback: your opinions, surveys, ratings

4. COOKIES

4.1 We use cookies on our website to improve functionality and user experience. Cookies help remember login preferences and track site usage. Your IP address and visit details may be collected. You may manage cookies via your browser settings.

5. SOURCES OF PERSONAL DATA

5.1 We collect data:

• Directly from you
• Via cookies on our website
• From third parties such as government databases, payment partners, or your organization

6. HOW WE USE YOUR DATA

6.1 We use personal data to:

• Provide, manage, and improve our Services
• Validate identity (KYC, AML, sanctions checks)
• Respond to inquiries
• Manage billing and payments
• Communicate with you (support, alerts, marketing)
• Customize Services
• Comply with legal obligations
• Conduct analytics and business operations
• Ensure safety and security

7. DATA RETENTION

7.1 We retain personal data only as long as necessary to fulfill our business and legal obligations. When no longer required, we securely delete or anonymize the data.

8. WHO WE SHARE YOUR DATA WITH

8.1 We may share your personal data with:

• Affiliates within CrownPhoenix for service provision
• New owners in the event of a business transfer
• Service providers: developers, cloud services, payment processors
• Government authorities: if legally required or in case of enforcement or fraud
• Employees and contractors: on a need-to-know basis
• Banks and payment networks: for processing transactions

9. THIRD-PARTY LINKS

9.1 Our Services may contain links to third-party websites. Their data practices are governed by their privacy policies. We are not responsible for their content or handling of personal data.

10. INTERNATIONAL TRANSFERS

10.1 Your data may be stored or processed in the UAE or other countries where we or our partners operate. By using our Services, you consent to such transfers. We ensure such transfers comply with applicable laws.

11. DATA SECURITY

11.1 We take security seriously. We use technical and administrative safeguards to protect your data. However, no system is 100% secure. You acknowledge this risk when sharing data online.

12. CHANGES TO THIS POLICY

12.1 We may update this Policy from time to time. Changes are effective upon posting on our website. Continued use of our Services indicates your acceptance of the revised terms.

13. YOUR RIGHTS

13.1 Depending on your jurisdiction, you may have rights to:

• Access your personal data
• Correct or update your data
• Delete your data where no longer required
• Withdraw consent where applicable
• Object to processing in certain cases

14. CONTACT US

14.1 For any inquiries regarding this Privacy Policy, please contact: