Comera Money

Menu



x
logo
c o m e r a m o n e y

 PRIVACY POLICY

 

 Last Updated: 10th July 2025

 

Introduction

 

Comera is a financial technology company specializing in Supply Chain Finance solutions. We empower businesses of all sizes to unlock working capital, enhance liquidity, and strengthen supply chain resilience through innovative, technology-driven financing models. This Privacy Policy explains how Comera Money L.L.C. (“Comera“, “we“, “us” or “the Company“) collects, uses, shares, and protects your personal data when you use the Comera website and engage with us for the provision of supply chain finance solutions and related services (“Services”). We are committed to protecting your privacy and handling your personal data in compliance with all applicable laws, including the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection (PDPL), and the EU General Data Protection Regulation (GDPR). By using our Services, you agree to the collection and use of your information as described in this Privacy Policy and our Terms of Use.

We act as the “data controller” of your personal data when providing the Services (meaning we determine the purposes and means of processing).

 

User Consent and Legal Basis

 

By registering for or using Comera, you consent to our collection, processing, and transfer of your personal data for the purpose of reviewing and responding to your inquiry or interest in our services, and as otherwise permitted by law. This includes information you provide directly, information collected automatically, and information from third parties. We rely on different legal bases for processing under applicable laws, including your consent (for example, for receiving follow-up communication), our legitimate interests in evaluating inquiries and improving our business (balanced with your rights and expectations), compliance with legal obligations, where applicable.

You have the right to withdraw your consent at any time. If you withdraw consent, we will stop processing your personal data 

for purposes based on that consent. This will not affect the lawfulness of any processing carried out before your withdrawal. Since our website only facilitates inquiries and does not offer user accounts or features, withdrawing consent will simply result in us ceasing communication and deleting your submitted information (except as required or permitted by law for legal or compliance reasons).

To withdraw your consent, you may contact us at privacy@comeramoney.com or refer to the contact information as mentioned in this policy.

 

Information We Collect

We collect various types of information from and about you when you use Comera, including

  • Information You Provide: You may provide personal data directly to us:
    •  
    • Account Information: When creating a Comera account, you provide your name, company name, email address, mobile or phone number and a message or query.
    •  
    • User Communications: When you contact Comera for support or otherwise communicate with us (for example, via email at help@comeramoney.com), you may provide us with your name, email address, and the content of your inquiry. We will retain such correspondence and information as needed to respond and resolve your issue, consistent with this Policy.
    •  
    • Information Collected Automatically: When you use Comera, we automatically collect certain technical and usage data:
      •  
      • Usage and Log Data: We collect log data such as your browser type, operating system, IP address, pages viewed, time and date of your visit, and referring website. This information helps us understand how users interact with our website and supports system diagnostics and troubleshooting.
      •  
      • Device and Connection Information: We gather limited device-related data, such as browser type, language and regional settings, time zone, and IP address. This information is used for performance monitoring, security, and to tailor your browsing experience.
      •  
      • Cookies and Similar Technologies: Our website does not use cookies or tracking technologies for advertising, profiling, or analytics. If we introduce essential cookies in the future (e.g., for security or session management), we will update this Privacy Policy accordingly. You can always manage cookies through your browser settings.

 

How We Use Your Personal Data

 

We use the personal data we collect for the following purposes, in accordance with your settings and applicable law:

 

To Provide and Maintain the Services: We use your information to respond to your registration or contact submissions, manage our relationship with you, and offer access to information about our supply chain finance services. For example, if you submit a query through our website, we use your provided details to contact you and respond appropriately.

 

To Improve and Customize the Service: We process website usage data to understand how our Services are accessed and to enhance user experience, troubleshoot technical issues, and improve functionality and performance. This includes analyzing visitor trends, optimizing content, and maintaining security.

 

To Communicate with You: We may send you service-related communications (for example, updates about our terms or privacy policy, confirmations of account changes, or security alerts). We may also send you marketing communications about new features or promotions, but you can opt-out of marketing messages at any time.

 

To Provide Support: We use the information you provide in support requests (such as your email and issue description) to assist you and resolve your questions or problems.

 

To Ensure Safety and Integrity: We may process technical data to maintain the integrity and security of our website, detect fraudulent access attempts, and protect against misuse. This may include analysis of IP addresses and browser logs to identify suspicious activity.

 

Legal Compliance: We process personal data as required to comply with applicable laws and regulations. If we receive lawful requests from authorities, we may process data to comply (see Disclosure of Information below).

 

To Establish or Defend Legal Claims: If needed, we will use or preserve information to protect our legal rights or address disputes and claims, including enforcing our agreements or defending against any claims. We also do not use your personal data for any purposes other than those described here without informing you and obtaining your consent if required.

 

  • Automated Decision-Making and AI: Comera does not use artificial intelligence (AI) or automated decision-making systems to process your personal data in a way that produces legal or similarly significant effects on you. However, we may use limited automated tools to ensure website functionality and information security, as outlined below:
    •  
    • Website Security & Diagnostics: We may use automated mechanisms such as security firewalls, browser behavior analysis, or traffic filters to protect our website from spam, bots, and malicious content. These processes are not used for profiling or making decisions that impact you individually.
    •  
    • No AI Chatbots or Profiling Tools: Comera does not provide AI-based features such as smart assistants, automated financial recommendations, or chatbot interactions.
    •  
    • No Automated Legal or Significant Decisions: We do not make automated decisions or profiles that affect your legal rights, access to services, or similar matters without human review.
    •  
    • Future Updates: If Comera introduces automated processing or AI-based features in the future, we will notify you in advance, update this Privacy Policy, and where required, obtain your explicit consent.

 

  • Disclosure of Your Information (Information Sharing)
    •  
    • We share your personal data with third parties only where necessary to operate the Website and deliver our services to you or where required by law. We ensure appropriate safeguards and legal agreements are in place to protect your personal data, as required under applicable data protection laws.
    •  
    • Disclosure to Service Providers: We may disclose your personal data to trusted third-party service providers who perform essential services on our behalf, such as website hosting, cloud storage, email delivery, customer query management, and analytics. These service providers are contractually bound to process your data only in accordance with our instructions and to implement adequate technical and organizational measures to protect your information.
    •  
    • For Legal Compliance and Safety: We may disclose information about you if we are required to do so by law or legal process, or to respond to valid legal requests by public authorities (such as a subpoena, court order, or government demand). We will only provide the data that we are compelled to disclose and will object to overly broad requests where appropriate. We may also share information when we believe in good faith that such disclosure is necessary to:
      • Investigate, prevent, or take action regarding suspected illegal activities, fraud, or security vulnerabilities;
      • Enforce our Terms of Service or other agreements;
      • Protect the rights, property, or safety of Comera, our users, or the public. This may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
    •  
    • Business Transfers: If we are involved in a merger, acquisition, restructuring, or asset sale, your personal data may be transferred as part of that transaction. In such cases, we will ensure the continued protection of your data in line with this Policy and applicable law.
    •  
    • Aggregated or De-Identified Data: We may also share information that has been aggregated or anonymized in such a way that it can no longer be associated with you. For example, we might share general user trends with partners. This information does not constitute personal data and may be shared for lawful purposes.

 

International Data Transfers

Comera is a global service provider. By using our app, you acknowledge that your personal data may be transferred to and processed in countries other than your own. In particular:

  •  
  • Our primary server is located in the United Arab Emirates.
  •  
  • If you are located outside the UAE, your information will be transferred to the UAE (and potentially to other locations where we or our service providers operate). Many of these locations may have data protection laws different from (and potentially less protective than) the laws in your country. We take measures to protect all personal data, regardless of location, as described in this Policy.
  •  
  • Under the UAE PDPL, we will ensure that any transfer of personal data outside the UAE is done to jurisdictions approved by the UAE Data Office as having adequate data protection, or we will adopt alternative safeguards (such as contractual agreements) as required by law. We will not transfer UAE users’ data out of UAE except in compliance with PDPL’s regulations and any future directives of the UAE Data Office.
  •  
  • Regardless of where your data is processed, we will protect it with the same high standards described in this Policy. We also require our service providers to comply with applicable transfer safeguards.
  •  
  • If you have questions about our international data transfers or need more information about the safeguards in place, you can contact us at the details provided in the Contact section.

 

Data Retention and Deletion

We retain your personal data only for as long as necessary to fulfill the limited purpose for which it was collected namely, to evaluate and respond to your inquiry submitted via our website form and to comply with applicable legal requirements. This means:

  •  
  • Lead Form Data: When you submit your name, email address, phone number, company name, and optional message through our website, we retain this data only for as long as necessary to evaluate your inquiry and determine whether to contact you. If no business relationship is established, your data is securely deleted within a reasonable period, typically no longer than 24 months, unless required for legal compliance.
  •  
  • Website Analytics Data: We may retain anonymized website analytics data (e.g., page views or device/browser types) for up to 12 months for internal performance evaluation and security purposes. This data does not contain personally identifiable information.
  •  
  • Legal Holds: If we are subject to a legal obligation to preserve data (e.g., a court order to retain data related to an investigation), or if data is needed to resolve a dispute or enforce our rights, we will retain the specific data for that purpose and for the period required (and no longer than necessary).

6.4. Data Deletion: When retention is no longer necessary or upon valid request for erasure, we will securely delete your personal data. If complete deletion is not technically feasible (e.g., due to archival backup systems), we will isolate and protect the data until deletion can be completed.

 

Data Security

We implement appropriate technical and organizational measures to protect the limited personal data collected via our website form (name, email, phone number, company name, and message) against unauthorized access, disclosure, loss, misuse, or alteration. These measures include:

  •  
  • Encrypted Transmission: Data submitted through our website contact form is transmitted over secure HTTPS connections using Transport Layer Security (TLS), helping protect it from interception during transit.
  •  
  • Secure Storage: All form submissions are stored on secure servers with encryption at rest, and access to such data is restricted to authorized personnel only for limited business purposes (e.g., assessing business leads).
  •  
  • Restricted Access: Access to your personal data is limited to authorized staff members who are subject to confidentiality obligations. They are only granted access to fulfill specific business needs such as lead evaluation or compliance.
  •  
  • Breach Notification: In the unlikely event of a data breach that affects your personal data, we will notify you and the relevant authorities as required by law and take all steps necessary to mitigate the impact.
  •  
  • Website Maintenance and Updates: We follow secure web development practices and apply software updates to our website platform and hosting environment to mitigate potential vulnerabilities.
  •  
  • Your Responsibilities: While we take steps to safeguard the information you submit, we encourage you to avoid entering sensitive personal information or confidential details in the optional message field. If you believe your personal data has been compromised or submitted in error, please contact us immediately at privacy@comeramoney.com.

 

While we strive to protect your data, no method of transmission or storage is 100% secure. Therefore, we cannot guarantee absolute security. If you receive any communication that purports to be from Comera asking for your data, please exercise caution – we will never ask you for sensitive authentication information via unsolicited communications. If you suspect any misuse of your account or a security breach, contact us immediately.

 

User Rights and Contact Management

 

As Comera does not maintain user accounts or profiles, your interaction with the website is limited to submitting the contact form. If you wish to access, rectify, or request deletion of the personal data you submitted (name, email, phone number, company name, and message), you may do so by contacting us at privacy@comeramoney.com.

 

We will process your request in accordance with applicable data protection laws and will respond within the legally required time frame.

 

Your Rights as a Data Subject

Depending on your jurisdiction, you have certain legal rights over your personal data. Comera is committed to upholding these rights, and in many cases, we extend the same rights to all users regardless of location. Your principal rights under the GDPR and UAE PDPL (and similarly under other laws) are as follows:

 

Right to Be Informed and Access Your Data: You have the right to request information about the personal data we hold about you (i.e., the name, email, phone number, company name, and any message you submitted through the website form). Upon request, we will confirm whether we process your data and provide a copy of it, subject to applicable legal exceptions.

 

Right to Rectification: If you believe the data you submitted is inaccurate or outdated, you may contact us to request that we correct or update it.

 

Right to Erasure (“Right to be Forgotten”): You have the right to request deletion of your personal data in certain circumstances. This right applies, for example, if the data is no longer necessary for the purposes collected, if you withdraw consent and no other legal basis for processing exists, if you object to processing and we have no overriding legitimate grounds to continue, or if we processed the data unlawfully. If you ask us to delete your data, we will do so, provided that no lawful exception applies. Note that this right is not absolute – for instance, we may retain data needed for legal compliance or to establish/defend legal claims.

 

Right to Restrict Processing: You have the right to request that we limit the use of your personal data in certain situations. For example:

If you believe the data we hold about you is inaccurate, you can ask us to restrict processing while we verify the information.

you object to our use of your data, you can ask us to pause processing while we consider your request.

When processing is restricted, we will store your data but will not actively use or process it except where processing is required by law, with your consent, or to establish or defend legal claims.

  •  
  • Right to Object to Processing: You have the right to object to the processing of your personal data in certain circumstances, especially where:
    • We are processing your data based on our legitimate interests; or
    • Your data is being used for direct marketing.
    • If you object to processing based on our legitimate interests, we will stop the processing unless we have compelling legal grounds to continue.
    • If you object to direct marketing, we will stop using your data for that purpose immediately and without exception.
  •  
  • Right to Withdraw Consent: If we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Withdrawing consent will not affect processing that has already occurred but will take effect for future processing. If you withdraw consent we will stop processing your data for that purpose.
  •  
  • Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to file a complaint with a supervisory authority.
    •  
    • For users in the European Economic Area (EEA) or United Kingdom, you can lodge a complaint with your country’s Data Protection Authority (for example, in the EU, with the supervisory authority in the Member State of your habitual residence or where an alleged infringement occurred).
    •  
    • In the United Arab Emirates, you can raise a complaint with the UAE Data Office, the national regulator established under the PDPL. Additionally, if your issue pertains to a consumer right (like in a financial service context), you may contact the Consumer Protection Department at the Central Bank of UAE.
  •  
  • To exercise any of these rights, please contact us at privacy@comeramoney.com. We will verify your identity and respond to your request within the time limits required by law.

 

Children’s Privacy

 

Our website and services are intended for business and professional use only and are not directed to children. We do not knowingly collect personal data from anyone under the age of 18 or the applicable age of digital consent in your jurisdiction.

If we learn that we have inadvertently collected personal information from a child below the applicable age, we will promptly delete such information. Parents or guardians may contact us at privacy@comeramoney.com to request deletion.

 

Note: For users in the European Union, where GDPR applies, the age of consent for online services may be 16 (unless lowered by a member state, but not below 13). For the UAE PDPL, similar protections for minors’ data may apply. We abide by all such requirements in the jurisdictions we operate.

 

Changes to This Privacy Policy

 

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make material changes, we will notify you by means of a prominent notice within the app or via other communication, and/or seek your consent where required by law. The “Last Updated” date at the top of this Policy will indicate when the latest changes were made. We encourage you to periodically review this Policy to stay informed about how we are protecting your information.

 

We encourage you to periodically review this, Policy. Your continued use of the website after changes become effective constitutes your acceptance of the updated Policy. If you do not agree to the changes, you should stop using the website and may contact us to request deletion of your data.

 

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us using the information below. We will address your inquiry as promptly as possible.

 

Comera Money L.L.C. (Data Controller)
Address: Masdar City, Khalifa City A, Abu Dhabi, United Arab Emirates, P.O. Box 130666
Email: privacy@comeramoney.com


We will endeavor to respond to inquiries or requests within a reasonable timeframe. For additional contact options or updated contact details, please visit the “Contact Us” section on our website.