Effective Date: December 2025
Flatt.ae ("Flatt", "we", "us" or "our") is committed to protecting your personal data. This Privacy Policy describes how the Flatt mobile application (available on iOS and Android) collects, uses, and shares your information. We adhere to applicable data protection laws in the United Arab Emirates, including the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021, "PDPL"), as well as international standards such as the EU General Data Protection Regulation ("GDPR"). By using Flatt, you agree to the practices described in this Policy. If you do not agree, please discontinue use of the app. We encourage you to read this Policy carefully to understand our practices and your rights.
We only collect personal data that is necessary to provide our services. Below are the types of information we collect and process:
When you create an account or use Flatt, we collect information such as your name, email address, and mobile phone number. Your mobile number is used for login authentication and to identify your account.
With your permission, we collect your device's location information to enable location-based features (for example, showing nearby services or confirming property locations). You can choose to allow or deny location services via your device settings at any time.
If you are a property owner or tenant user, you may upload property-related documents (e.g. title deeds, lease or rental agreements) to the app. These documents may contain personal information. We store these documents for your use in managing your property and to facilitate any services you request (such as sharing with an authorized party when necessary).
If you register as a contractor or service provider on Flatt, you may upload business documents like your trade license or Tax Registration Certificate (TRC). We collect and store these documents to verify your credentials and compliance. We treat these documents as confidential business/personal data. Certain details (such as your business name or license number) may be shown to users to indicate that you are a verified contractor, but the documents themselves are not shared with others except as needed for verification or legal compliance.
When you schedule and pay for property services through Flatt, we record transaction details (such as the service booked, date and amount paid). Note: We do not collect or store your payment card details or bank account information. Payments are processed securely by a licensed third-party payment gateway (e.g. Stripe), so payment information like credit card numbers never reaches our servers.
We may collect limited technical data about your use of the app for maintenance and improvement purposes. This includes information like your device model, operating system version, unique device identifiers, IP address, and usage logs or crash reports. We do not use this data to identify you or track you across other apps. It is used solely to ensure the app functions properly, to debug issues, and to improve user experience.
If you contact us for support or feedback (for example, via email or in-app chat if available), we will collect the information you provide in those communications (such as your contact details and the content of your message). We use this to respond to you and resolve any issues.
We do not ask for or collect sensitive personal identification documents (such as Emirates ID or passport copies) or direct payment details within the app. We also do not knowingly collect any information from children (the app is intended for adult users).
We use the collected information for the following purposes, in accordance with applicable laws and your expectations:
We process your personal data to create and manage your account, and to provide the core services of the Flatt app. This includes using your name and contact details to set up your profile, using your phone number to authenticate your login via one-time passcode, and using your information to deliver features you request. We also use data (like usage logs or feedback) to maintain, troubleshoot, and improve the app's functionality and performance.
Your uploaded property documents are used to facilitate convenient property management. For example, the app stores your title deed or lease so you can access them easily and share with relevant parties when needed. We may use these documents to verify your ownership or tenancy status if required for providing services (e.g. confirming you are the owner before connecting you with certain contractor services).
If you choose to book maintenance, cleaning, or other services through Flatt, we use your information to connect you with the appropriate contractor. For instance, when you book a service, we will share your name, contact number, service address or location, and relevant details about the request with the contractor so they can perform the service and communicate with you. Likewise, if you are a contractor, information from your profile (such as your name, business name, contact info, and verification status) will be shown to users seeking services. This use of data is necessary to enable the two-way communication and fulfillment of services between users and contractors.
We use your information to facilitate secure payments for services. For example, when you pay for a contractor's service through the app, we transmit the necessary information (such as your order details and contact info) to our payment processor (Stripe) to charge your card. As noted, we do not handle your card data directly; we rely on Stripe's secure payment platform. We maintain a record of your transactions (date, amount, service, and status) to provide you with receipts, transaction history, and to resolve any payment disputes or refunds.
We process certain data to keep the app and our users safe. This includes using your phone number for authentication (to ensure the person logging in is you), and monitoring usage and transaction information to detect and prevent fraudulent activity or misuse of our platform. If necessary, we may use and retain data to investigate potential violations of our Terms of Service or illegal activities (such as fraud, money laundering, or other misbehavior) and to take action to prevent harm.
Our use of your data is justified by various legal grounds under data protection law. Primarily, we process your information to perform our contract with you – i.e. to provide the services you request through Flatt. In certain cases, we rely on your consent (for example, when accessing your location, you consent via your device settings; you can withdraw this consent at any time by disabling location permission). We may also process data to comply with a legal obligation or when it is in our legitimate interests to do so (such as improving our services or ensuring security), provided these interests do not override your fundamental rights. We will always ensure we have a valid legal basis to use your personal data in accordance with UAE PDPL and international standards.
We treat your personal data with care and confidentiality. We do not sell or rent your personal information to third parties. However, in order to operate the Flatt service, we sometimes need to share information with third parties under strict conditions. The scenarios in which we share user data include:
We use reputable third-party companies to help us deliver our services. This includes:
We may disclose personal information to government authorities, regulators, or other third parties if required to do so by law or legal process. For example, if we receive a lawful court order, subpoena, or request from the UAE Data Office or law enforcement, we will review it and may release the requested data, but only to the extent we are legally compelled. We may also share information when necessary to investigate or remedy suspected fraud, security issues, violations of our Terms of Service, or any harm to our rights or the rights of others. This kind of disclosure will only occur in compliance with applicable laws and regulations.
In all cases of sharing, we only share the minimum information necessary and we require third parties to protect your data. We do not share your personal information with any third parties for their own marketing or advertising purposes without your explicit consent.
We respect your rights to your personal data. Under UAE law and international data protection standards, including GDPR, you have various rights regarding the personal information we hold about you. These include:
You have the right to request confirmation of whether we are processing your personal data, and to obtain a copy of the personal data we hold about you, along with information about how we use it. We will provide you with a summary of your personal information in our records upon request. This helps you understand what data we have and verify that we are processing it lawfully.
If any of your personal information is inaccurate or incomplete, you have the right to have it corrected or updated. You can edit certain basic details (like your name, email address, profile information, and uploaded documents) directly within the Flatt app. For security reasons, you cannot change your registered mobile number through the app's interface (since it is your primary login identifier). If you need to update your phone number, please contact us at our support email so we can verify your identity and assist with the change.
You may request that we delete your personal data. You can do this, for example, if you no longer wish to use Flatt. We will honor deletion requests and erase your personal information from our records, provided we do not have a valid legal reason to keep it (such as an ongoing contractual engagement or a legal obligation to retain certain data). If you request account deletion, we will remove your profile information, personal details, and uploaded documents from active databases.
To the extent applicable under law, you can request a copy of the personal data you provided to us in a structured, common electronic format, so that you can transfer it to another service provider. For example, you could request an export of your account information and any documents or records you have uploaded to Flatt. We will provide this in a machine-readable format (such as JSON or CSV) upon legitimate request.
You can exercise most of the rights above by contacting us at the email or phone number provided in the "Contact Us" section of this Policy. Please specify which right you wish to exercise and provide enough information for us to verify your identity (for example, contacting us from your registered email or providing your phone number). This is to protect your account from unauthorized requests. We will respond to your request as soon as possible, and in any event within the timeframe required by law (generally within 30 days).
We understand the importance of securely storing your personal data. Flatt uses robust measures to protect your information from unauthorized access, disclosure, or loss.
We employ a range of technical and organizational security measures to safeguard your data. This includes encryption of data in transit (our app and servers use HTTPS/TLS encryption for all communications, so that data like your login credentials and documents are encrypted when transmitted). We also encrypt sensitive data at rest in our databases and storage. Access to personal data within our organization is restricted on a need-to-know basis – only authorized personnel and contractors who require access to operate or improve the service are allowed to handle data, and they are bound by strict confidentiality obligations.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means we keep your account information and uploaded documents for as long as you maintain an active account. If you delete your account or request deletion, we will initiate the process of removing your data. Some data may persist in secure backups for a short period (due to regular backup cycles), but we will purge it according to our data retention schedule.
Despite our best efforts, no security measures are 100% foolproof. In the unlikely event of a data breach that compromises your personal data, we will act promptly in accordance with applicable laws. We have a data breach response plan which includes notifying the relevant UAE authorities and, where required, informing affected users without undue delay. If you are an EU user, we will also fulfill any GDPR breach notification obligations. We will take all steps to mitigate the impact and prevent future incidents.
Flatt is designed for users primarily in the UAE, but the infrastructure and some third-party services we rely on may be located in other countries. Therefore, your personal information may be transferred to and processed in countries other than your country of residence. Those countries may have data protection laws that are different from those in your jurisdiction.
Whenever we transfer personal data across borders, we take steps to ensure compliance with relevant data transfer restrictions and to protect your data. This includes adequacy assessments, contractual safeguards, and your consent where applicable. If we transfer data from the UAE to another country, we will do so in line with the UAE PDPL's requirements for cross-border data transfer. Similarly, if we transfer data out of the EEA (for any EU users), we will ensure the receiving country has been deemed adequate by the European Commission, or we will use Standard Contractual Clauses or obtain your consent, as required by GDPR.
Flatt.ae does not use cookies or similar tracking technologies in our mobile application. Cookies are small text files used mainly in web browsers; since Flatt is a mobile app, there are no traditional web cookies stored on your device for our service. We also do not use web beacons, pixel tags, or third-party ad tracking libraries in the app.
We do not serve third-party advertisements within the app, and we do not track your activities across other apps or websites for advertising purposes. You will not receive targeted ads based on your use of Flatt.
The app may use secure local storage on your device for certain functional data – for example, to keep you logged in (storing an authentication token) or to cache content for faster performance. This data stays on your device and is not accessible to outside parties. It is strictly to enhance your user experience and is not used to monitor your behavior.
We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will revise the "Effective Date" at the top of the Policy. If the changes are significant, we will provide a more prominent notice of the update (such as a notification within the app or an email to users, where appropriate).
We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Continued use of the Flatt app after a Policy update constitutes your acceptance of the changes, to the extent permitted by law. If you do not agree to the revised terms, you should stop using the app or exercise your rights (such as deleting your account).
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. We are here to help and are committed to addressing any privacy-related issues.
privacy@flatt.ae or team@flatt.ae
This is our dedicated email for privacy inquiries and support. Please include as much detail as possible in your request or question, along with your contact information, and we will respond promptly.
For quick support questions and general assistance, you can reach our team via WhatsApp. This is ideal for non-urgent privacy questions and account support.
You may call our support line for urgent matters. Our support team will verify your identity and direct your call to the appropriate privacy officer or department.
We will endeavor to resolve any issues directly and amicably. If you feel that we have not addressed your privacy concern adequately, you have the right to seek further recourse. For UAE residents, you can contact the UAE Data Office or relevant authority under the PDPL. For individuals in other jurisdictions (such as the EU), you may reach out to your local data protection authority.