Get in Touch
Legal

Privacy Policy

Effective date: 1 January 2026  ·  Last updated: 23 March 2026  ·  Applies to: wizzro.com

Wizzro is committed to protecting the privacy of every individual and organisation that engages with our services. This policy explains clearly what data we collect, why we collect it, how we use it, and your rights over it.

01Who We Are

Wizzro is an AI-powered knowledge transformation and technology services brand operating across Saudi Arabia, the UAE, Qatar, Bahrain, and the wider GCC. Wizzro is commercially traded and registered under Ace Mindset Consulting, a company registered in the Kingdom of Bahrain. Our primary contact address is hello@wizzro.com.

For the purposes of this policy, Wizzro (operated under Ace Mindset Consulting, Bahrain) acts as the data controller in respect of personal data collected through this website (wizzro.com) and through the delivery of our services.

References to “Wizzro”, “we”, “us”, or “our” throughout this policy refer to the Wizzro brand as operated by Ace Mindset Consulting — eCommerce Solutions (Bahrain). We also operate a knowledge digitisation partnership with Thothica. Where either partner processes data on our behalf, appropriate data processing agreements are in place.

02Information We Collect

Information you give us directly

  • Contact enquiries: name, email address, company name, and the content of your message when you contact us via email or any contact form.
  • Client onboarding: business name, billing address, VAT or commercial registration number, and authorised representative details.
  • Project delivery: documents, files, and data assets you provide to us for the purpose of knowledge transformation, digitisation, or AI pipeline development. This may include proprietary business documents — we treat all such material as strictly confidential.
  • Communications: records of correspondence with our team by email, phone, or messaging platforms.

Information we collect automatically

  • Usage data: pages visited, time spent on pages, referring URLs, and browser type, collected via server logs or privacy-respecting analytics tools.
  • Technical data: IP address, device type, operating system, and browser version.
  • Cookies: see Section 8 for full details.

Information we do not collect

We do not knowingly collect sensitive personal data (such as racial or ethnic origin, political opinions, health data, or biometric identifiers) unless strictly necessary for a specific client engagement and subject to a separate data processing agreement.

03How We Use Your Information

PurposeData UsedLegal Basis
Responding to enquiries and providing quotationsContact details, message contentLegitimate interest / pre-contract
Delivering contracted servicesClient data, project filesContract performance
Invoicing and financial record-keepingBusiness and billing detailsLegal obligation
Improving our website and servicesUsage and technical dataLegitimate interest
Sending service updates or relevant news (opt-in only)Email addressConsent
Complying with legal and regulatory obligationsAs required by lawLegal obligation

We will never sell your personal data to third parties, nor use it for automated decision-making that produces legal or similarly significant effects without your explicit consent.

04Legal Basis for Processing

We process personal data under the following legal bases, consistent with applicable data protection law including the Saudi Personal Data Protection Law (PDPL), UAE Federal Decree-Law No. 45 of 2021, Bahrain Personal Data Protection Law (PDPL 2018), and where applicable the GDPR:

  • Contract performance: processing necessary to fulfil our service obligations to clients.
  • Legitimate interests: operating our business, improving our services, and communicating with prospects — where not overridden by your rights.
  • Legal obligation: compliance with tax, financial reporting, and regulatory requirements in the jurisdictions we operate.
  • Consent: for optional communications such as newsletters or marketing updates. You may withdraw consent at any time.

05Sharing Your Information

We do not sell, rent, or trade your personal data. We may share data only in the following limited circumstances:

  • Service delivery partners: Thothica and Ace Mindset Consulting, under data processing agreements, where necessary to deliver contracted services.
  • Technology infrastructure: cloud hosting providers (operating in GCC-compliant data centres) used solely to operate our systems.
  • Professional advisers: lawyers, accountants, or auditors under obligations of confidentiality.
  • Legal authorities: where required by law, court order, or regulatory authority in Saudi Arabia, the UAE, Bahrain, or other applicable jurisdictions.
  • Business transfers: in the event of a merger, acquisition, or sale of business assets, where data would transfer under equivalent protections.

All third parties we engage are contractually required to handle your data in accordance with applicable privacy law and our own standards.

06Data Retention

We retain personal data only for as long as necessary for the purposes set out in this policy:

  • Enquiry and pre-sales data: up to 24 months from last contact, unless a contract follows.
  • Client and project data: for the duration of the contract and a minimum of 5 years thereafter, to satisfy financial and legal record-keeping obligations.
  • Website analytics data: up to 14 months on a rolling basis.
  • Marketing consent records: until consent is withdrawn, plus 12 months for audit purposes.

On expiry of the applicable retention period, personal data is securely deleted or anonymised.

07International Transfers

Wizzro operates primarily within the GCC. Where data is processed or stored outside your country of residence, we ensure appropriate safeguards are in place, including:

  • Using cloud infrastructure with GCC or MENA regional data centres wherever possible.
  • Applying equivalent contractual protections where cross-border transfer is unavoidable.
  • Complying with the cross-border transfer requirements of the Saudi PDPL, UAE data law, and Bahraini PDPL.

You may request details of any specific safeguards in place for your data by contacting us at hello@wizzro.com.

08Cookies & Tracking

Our website uses a minimal set of cookies necessary for technical operation and basic analytics. We do not use advertising cookies or third-party tracking pixels.

Cookie TypePurposeDuration
EssentialSession management, security, and core functionalitySession
AnalyticsAggregate, anonymised usage statistics to improve the websiteUp to 14 months
PreferenceStoring your cookie consent choice12 months

You can manage or withdraw your cookie consent at any time via the Cookie Settings link in the footer. Most browsers also allow you to block or delete cookies through their settings.

09Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your data where there is no legitimate reason for us to continue processing it.
  • Restriction: request that we limit the processing of your data in certain circumstances.
  • Portability: receive your data in a structured, machine-readable format where processing is based on consent or contract.
  • Objection: object to processing based on legitimate interests, including direct marketing.
  • Withdraw consent: where processing is consent-based, withdraw at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at hello@wizzro.com. We will respond within 30 days. We will not charge a fee for reasonable requests. If you are dissatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

10Children’s Privacy

Our services are directed at businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal data, please contact us immediately at hello@wizzro.com and we will take prompt steps to delete it.

11Security

We implement technical and organisational measures appropriate to the risk, including:

  • Encryption of data in transit (TLS) and at rest.
  • Role-based access controls limiting internal access to personal data on a need-to-know basis.
  • Regular security assessments and monitoring of our systems.
  • Air-gapped or private-cloud deployment options for client data requiring the highest security classification.

In the event of a personal data breach that poses a risk to individuals, we will notify the affected parties and relevant authorities within the timeframes required by applicable law.

12Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. When we make material changes, we will update the “Last updated” date at the top of this page. Where the changes are significant, we will notify active clients by email.

We encourage you to review this policy periodically. Continued use of our website or services following any update constitutes acceptance of the revised policy.

13Contact Us

For any questions, requests, or concerns regarding this Privacy Policy or the way we handle your data, please contact us:

Emailhello@wizzro.com
Websitewizzro.com
BrandWizzro — Knowledge · AI · Tech
Registered asAce Mindset Consulting — eCommerce Solutions, Bahrain
DigitisationThothica (knowledge digitisation partner)

Wizzro is commercially traded and registered under Ace Mindset Consulting in the Kingdom of Bahrain. This policy is therefore primarily governed by the laws of the Kingdom of Bahrain, including the Bahrain Personal Data Protection Law (PDPL 2018). Where clients or users are based in Saudi Arabia or the UAE, the Saudi PDPL and UAE Federal Decree-Law No. 45 of 2021 also apply respectively.