Legal
Privacy Policy
Effective Date: July 2026 · Version: 1.0 · qomo.me
This Privacy Policy explains how we collect, use, share, and protect your personal data when you use the Qomo platform.
1. Who we are
Qomo L.L.C-FZ(“Qomo”, “we”, “us”, “our”), a free-zone company registered in the Meydan Free Zone, Dubai, United Arab Emirates, with registered office at Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates, operates qomo.me. We are the controller of the personal data described in this Policy. You can reach our privacy team at privacy@qomo.me.
We process personal data in accordance with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021), applicable Lebanese data-protection law (including Law No. 81/2018), and, where we offer the Service to or monitor individuals in the EEA or UK, the EU/UK General Data Protection Regulation (GDPR).
2. The personal data we collect
2.1 Information you give us: your name, email address, password (stored only in hashed form), phone number, delivery address, and the contents of any messages you send us.
2.2 Information created when you use the Service: your Access Fee payments, Queue Positions, the Live Prices shown to you, your Purchases, orders, amounts, returns, and refunds.
2.3 Payment information: processed directly by our payment provider, Stripe. We receive limited confirmation data and the brand and last digits of your card; we never store full card numbers.
2.4 Information collected automatically: device and browser type, IP address, approximate location, pages viewed, referring URLs, and your interactions with the Platform, collected through cookies and similar technologies (clause 5).
2.5 Information from third parties: Stripe (payment and fraud signals), couriers and suppliers (delivery information), and our analytics providers.
We do not intentionally collect special-category or sensitive personal data, and the Service is not intended for anyone under 18.
3. How and why we use your data
| Purpose | What this involves | Legal basis |
|---|---|---|
| Operate the Service | running your account and the Queue, revealing Live Prices, and processing Access Fees and Purchases | Performance of our contract with you |
| Fulfilment and support | sourcing and delivering Products, handling returns and refunds, and answering your queries | Performance of our contract with you |
| Payments, fraud, and security | processing payments and detecting and preventing bots, multi-accounting, chargebacks, and abuse | Our legitimate interests; compliance with legal obligations |
| Improving the Platform | analytics, fixing issues, and developing new features | Our legitimate interests (or your consent for non-essential cookies) |
| Marketing | sending you drop announcements and offers | Your consent |
| Legal and compliance | tax, accounting, regulatory requirements, disputes, and lawful requests | Compliance with legal obligations; our legitimate interests |
| Protecting our rights | establishing, exercising, or defending legal claims and enforcing our Terms | Our legitimate interests |
Where we rely on legitimate interests, we have weighed them against your rights and freedoms. Where we rely on your consent, you may withdraw it at any time (clause 9).
4. How long we keep your data
We retain personal data only for as long as necessary, and then delete or anonymise it. In particular: account data is retained while your account is active and for up to twenty-four (24) months after closure; transaction, tax, and accounting records are retained for five (5) years as required by law; fraud and abuse records are retained for as long as necessary to protect the Platform; and marketing data is retained until you opt out. We may retain certain data for longer where necessary to prevent fraud, enforce our Terms, or establish, exercise, or defend legal claims.
5. Cookies and similar technologies
We use strictly necessary cookies to operate the Platform and keep you signed in. If we introduce analytics or performance cookies, we will ask for your consent first. You can manage cookies at any time through your browser settings.
6. Who we share your data with
We share personal data only as necessary, with: Stripe, for payment processing; Vercel (hosting) and Neon (database), to operate the Platform; brands, authorised resellers, and couriers, to source and deliver your order; our analytics and email service providers; and our professional advisers, insurers, regulators, law-enforcement authorities, and any potential acquirer of our business, where required by law, to protect our rights, or in connection with a corporate transaction. Our service providers are bound to protect your data and to use it only on our instructions. We do not sell your personal data.
7. International transfers
Some of our service providers (including Stripe, Vercel, and Neon) may store or process personal data outside the United Arab Emirates or Lebanon, including in the European Union or the United States. Where we transfer personal data internationally, we use appropriate safeguards, such as adequacy decisions, standard contractual clauses, or other transfer mechanisms permitted under applicable law.
8. How we protect your data
We use technical and organisational measures to protect personal data, including encryption in transit, hashed passwords, access controls on a need-to-know basis, and PCI-compliant payment processing through Stripe. No system can be guaranteed completely secure; where a personal-data breach affects you and the law requires it, we will notify you and the competent regulator without undue delay.
9. Your rights
Subject to applicable law, you have the right to access your personal data; to request its correction or deletion; to object to or request restriction of its processing; to request a copy in a portable format; and to withdraw your consent or opt out of marketing at any time, without affecting processing already carried out. You may also lodge a complaint with the competent regulator - in the United Arab Emirates, the UAE Data Office; in Lebanon or the EEA, the competent supervisory authority. To exercise any right, email privacy@qomo.me. We will respond within the period required by law and may first take steps to verify your identity. Some rights are not absolute; we may, for example, retain data that we are required to keep by law or that we need to defend a legal claim.
10. Children
The Service is intended for adults aged 18 and over. We do not knowingly collect personal data from anyone under 18 and will delete such data if we become aware of it.
11. Third-party links
The Platform may contain links to third-party websites, such as brand pages. We are not responsible for the privacy practices of those sites, and we encourage you to review their privacy policies.
12. Changes and how to contact us
We may update this Policy from time to time. We will notify you of material changes via the Platform or by email and update the effective date above. For any question or request relating to your personal data, contact privacy@qomo.me, or write to Qomo L.L.C-FZ, Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates.