Personal Data Protection and Cookie Policy
FainEra FZE ("FainEra", "we", "us", "our")
Platform: FainEra Fee (fee.fainera.com)
Last Updated: April 8, 2026
Applicable Law: UAE Federal Decree Law No. 45 of 2021 (PDPL)
1. Purpose
This document provides detailed information about how FainEra Fee handles your personal data, the cookies and tracking technologies we use, and your rights and choices regarding your data. This supplements our Privacy Policy with technical specifics and user controls.
2. Consent Framework
FainEra Fee follows a layered consent approach in compliance with the UAE PDPL:
2.1 Registration Consent
When you create an account, you are asked to provide explicit consent to:
(a) The processing of your personal data as described in the Privacy Policy.
(b) The Terms and Conditions governing the use of the Platform.
(c) The User Agreement governing the cashback service.
(d) The Risk Statement acknowledging the risks of cryptocurrency trading.
This consent is collected through a clear, affirmative action (checking a consent box) before your account is created. Pre checked boxes are not used.
2.2 Marketing Consent
Consent for marketing communications is collected separately from registration consent. You are not required to consent to marketing communications to use the Platform.
2.3 Cookie Consent
When you first visit the Platform, you are presented with a cookie banner that allows you to accept or reject optional cookies. Strictly necessary cookies do not require consent.
3. Data Processing Records
In compliance with the UAE PDPL, FainEra maintains a Record of Processing Activities (ROPA) that includes:
(a) The categories of personal data processed.
(b) The purposes of processing.
(c) The legal basis for each processing activity.
(d) The categories of recipients.
(e) Data retention periods.
(f) A description of technical and organizational security measures.
This record is available for review by the UAE Data Office upon request.
4. Cookies and Tracking Technologies
4.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help the website remember your preferences and understand how you interact with it.
4.2 Cookies We Use
Strictly Necessary Cookies
These cookies are essential for the Platform to function. They enable core features such as authentication, session management, and security. They cannot be disabled.
- session_id: Maintains your login session (Duration: Session, expires when browser closes)
- csrf_token: Protects against cross site request forgery (Duration: Session)
- cookie_consent: Stores your cookie preferences (Duration: 12 months)
Analytics Cookies (Requires Consent)
These cookies help us understand how users interact with the Platform, which pages are most visited, and where users encounter errors. All analytics data is aggregated and anonymized.
- _ga: Google Analytics: distinguishes unique users (Duration: 24 months)
- _ga_*: Google Analytics: maintains session state (Duration: 24 months)
Preference Cookies (Requires Consent)
These cookies remember your settings and preferences to provide a personalized experience.
- theme: Stores your preferred display theme (Duration: 12 months)
- language: Stores your preferred language (Duration: 12 months)
- dashboard_layout: Stores your dashboard layout preferences (Duration: 12 months)
4.3 Managing Cookies
You can manage your cookie preferences at any time:
(a) Through the cookie settings panel accessible from the footer of the Platform.
(b) Through your browser settings (note: disabling strictly necessary cookies may prevent the Platform from functioning properly).
4.4 Third Party Technologies
FainEra Fee may use the following third party services that set their own cookies:
(a) Google Analytics: For website analytics. Data is anonymized before processing. Google's privacy policy applies to data collected by Google Analytics.
(b) Cloudflare: For security and performance optimization. Cloudflare's privacy policy applies to data processed by Cloudflare.
We do not use advertising networks, retargeting pixels, or social media tracking pixels.
5. Data Subject Rights: How to Exercise Them
5.1 Access Request
To request a copy of your personal data, send an email to [email protected] with the subject line "Data Access Request". Include your registered email address and full name. We will provide your data in a structured, machine readable format (JSON or CSV) within 30 days.
5.2 Rectification Request
To correct inaccurate data, you can update most information directly in your account settings. For data that cannot be changed through the dashboard, send an email to [email protected] with the subject line "Data Rectification Request".
5.3 Erasure Request (Right to Be Forgotten)
To request deletion of your personal data, send an email to [email protected] with the subject line "Data Erasure Request". Please note:
(a) We will delete your account and all associated personal data within 30 days of the request.
(b) Certain data may be retained for up to five (5) years as required by UAE law (AML/CFT record keeping obligations).
(c) Anonymized and aggregated data that cannot be used to identify you may be retained indefinitely for statistical purposes.
(d) Data erasure is permanent and cannot be reversed. All accrued cashback that has not been withdrawn will be forfeited.
5.4 Portability Request
To receive your data in a portable format, send an email to [email protected] with the subject line "Data Portability Request". We will provide your data in JSON format within 30 days.
5.5 Objection and Restriction
To object to or restrict the processing of your personal data, send an email to [email protected] explaining the grounds for your objection. We will assess your request and respond within 30 days.
5.6 Withdrawal of Consent
You can withdraw your consent for:
(a) Marketing communications: Through account settings or the unsubscribe link in any email.
(b) Optional cookies: Through the cookie settings panel.
(c) Data processing: By sending an email to [email protected]. Note that withdrawing consent for essential data processing will require account closure.
6. Identity Verification
To protect your data from unauthorized access, we may require identity verification before processing data subject requests. Verification methods may include:
(a) Confirming the request from your registered email address.
(b) Answering security questions related to your account.
(c) In certain cases, providing a copy of a government issued ID (which will be deleted immediately after verification).
7. Data Breach Notification
In the event of a data breach that compromises the privacy, confidentiality, or security of your personal data:
(a) We will notify the UAE Data Office within 72 hours of discovering the breach.
(b) We will notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
(c) Notifications will include the nature of the breach, the categories and approximate number of affected users, the likely consequences, and the measures taken to address the breach.
8. Data Protection Impact Assessments
FainEra conducts Data Protection Impact Assessments (DPIAs) before implementing new features, technologies, or processing activities that may present a high risk to user privacy. DPIA records are maintained internally and are available for review by the UAE Data Office.
9. Children's Data
FainEra Fee does not knowingly process the personal data of individuals under the age of 18. If we become aware that we have collected data from a minor, we will delete it immediately. If you believe a minor has provided us with personal data, contact us at [email protected].
10. Updates
This document may be updated from time to time to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated through the Platform or by email.
11. Contact
Data Protection Inquiries:
Email: [email protected]
General Support:
Email: [email protected]
FainEra FZE
Registered under IFZA, Dubai, United Arab Emirates
Website: fee.fainera.com