Last Updated: January 15, 2025. This policy is effective immediately for new users and from February 1, 2025 for existing users.
1. Introduction
Doctor Icon LLC ("Doctor Icon", "we", "us", or "our") is a dental supplies and equipment company registered and operating in the United Arab Emirates. We are committed to protecting the personal information of every individual who visits our website, places an order, or communicates with our team. This Privacy Policy outlines, in clear and transparent terms, the types of personal data we collect, the purposes for which we process it, the parties with whom we may share it, and the rights available to you under applicable law.
This Privacy Policy has been prepared in compliance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and any executive regulations issued thereunder. It applies to all data processing activities carried out by Doctor Icon in connection with our website located at doctoricon.com, our customer portal, our mobile applications (if any), and any related digital or offline services we provide.
This policy applies to:
- Visitors who browse our website without making a purchase or registering an account.
- Registered customers and account holders who access our platform to view products, request quotes, or place orders.
- Healthcare professionals, dental clinic managers, hospital procurement officers, and other business representatives who interact with Doctor Icon for commercial purposes.
- Individuals who contact us through our website contact form, email, telephone, or live chat channels.
- Newsletter subscribers and recipients of our promotional communications.
- Participants in any surveys, feedback forms, events, or promotions we may conduct.
By accessing our website or using our services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website and services immediately and contact us at privacy@doctoricon.com to discuss your concerns.
We may update this Privacy Policy from time to time to reflect changes in law, technology, business practices, or the range of services we offer. We will notify you of material changes by posting a prominent notice on our website and, where appropriate, by sending a direct notification to your registered email address. The date of the most recent revision will always be displayed at the top of this page.
2. Data We Collect
We collect only the personal data that is necessary for us to provide our services, fulfil your orders, maintain our business relationship, and comply with our legal obligations. We collect data through several methods including information you provide directly to us, information collected automatically when you use our website, and information received from third parties.
Personal Identification Information
When you register an account, place an order, or contact us, we may collect the following personal details:
- Full name — to address you correctly and personalise your experience.
- Email address — to send order confirmations, invoices, shipping updates, and support communications.
- Phone number — to coordinate deliveries and provide customer support.
- Postal and delivery address — including street, city, emirate or country, and postal code, for order fulfilment and billing purposes.
- National ID or trade license number — where required by UAE regulations for business account verification.
- Professional credentials — such as your dental license number or clinic registration, where applicable for regulated product sales.
Business Information
For corporate or institutional accounts, we may also collect:
- Company or clinic name and legal registration number.
- VAT registration number (TRN) for tax invoice purposes.
- Names and contact details of authorised purchasing representatives.
- Billing and accounts payable details, including payment preferences and credit terms.
- Professional specialisation, clinic size, and purchasing history, to help us recommend relevant products and tailor our offerings.
Technical and Usage Data
When you visit our website, we automatically collect certain technical information to ensure our website functions correctly and to improve your browsing experience:
- IP address — to determine your approximate geographic location and protect against fraudulent access.
- Browser type and version — to optimise website display for your device.
- Device type and operating system — to ensure compatibility across platforms.
- Pages visited and time spent — to understand how users interact with our content and identify areas for improvement.
- Referral source — the URL of the website or search engine that directed you to us.
- Clickstream data — the sequence of pages and links accessed during your session.
- Cookie identifiers and session tokens — see our Cookies Policy section below for full details.
Communications Data
When you contact us by any channel, we retain records of those interactions, including:
- The content of emails, live chat transcripts, and contact form submissions.
- Call recordings or notes from telephone conversations, where you have been informed of recording.
- Feedback, complaints, and any follow-up correspondence.
3. How We Use It
Doctor Icon processes your personal data only for lawful, specified, and legitimate purposes. We do not process personal data in a manner that is incompatible with those purposes. Below is a detailed breakdown of the purposes for which we use the data we collect:
Order Processing and Fulfilment
- To receive, verify, and process your product orders and quote requests.
- To arrange delivery or dispatch with our logistics and shipping partners.
- To generate and send tax-compliant invoices, delivery notes, and receipts.
- To handle returns, exchanges, warranty claims, and refund requests.
- To verify your professional credentials for restricted or regulated dental products.
Customer Support and Account Management
- To respond to your enquiries, support tickets, and complaints in a timely and effective manner.
- To maintain and update your account details, order history, and preferences.
- To assist with password resets, account security, and access issues.
- To communicate important updates about your account, outstanding orders, or product recalls.
Marketing and Communications
- To send you promotional emails, catalogues, and newsletters about new products, special offers, and industry news — only where you have given us your consent or where permitted by law.
- To personalise website content and product recommendations based on your browsing and purchasing history.
- To conduct surveys and gather feedback to improve our services.
- To invite you to participate in events, webinars, or product demonstrations.
- You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email or contacting us directly.
Legal and Regulatory Compliance
- To comply with applicable UAE laws and regulations, including tax, customs, and healthcare product distribution requirements.
- To respond to lawful requests from government authorities, regulators, or courts.
- To detect, prevent, and investigate fraud, unauthorised access, and other illegal activities.
- To maintain accurate financial records for auditing and reporting purposes.
Website Improvement and Analytics
- To analyse website traffic patterns, user behaviour, and engagement metrics to optimise site performance.
- To test and develop new features, product categories, and service offerings.
- To identify and fix technical errors, bugs, and security vulnerabilities.
4. Cookies Policy
Our website uses cookies and similar tracking technologies (such as web beacons, pixel tags, and local storage objects) to enhance your browsing experience, analyse site usage, and support our marketing activities. A cookie is a small text file that is placed on your device by a website server when you visit. Cookies cannot be used to run programmes or deliver viruses to your device; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.
Essential Cookies
These cookies are strictly necessary for the website to function and cannot be disabled without breaking core site features. They include:
- Session management cookies that keep you logged in during your visit.
- Shopping cart cookies that retain the contents of your cart between pages.
- Security cookies that help detect and prevent malicious activity.
- Load-balancing cookies that ensure stable website performance during peak traffic.
Analytics Cookies
We use analytics cookies, primarily through Google Analytics, to understand how visitors interact with our website. These cookies collect data in aggregate and anonymised form, including:
- The number of unique visitors and sessions.
- Pages visited, time on page, and bounce rates.
- Traffic sources and referral paths.
- Device and browser breakdown.
You can opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-On.
Preference Cookies
Preference cookies allow the website to remember choices you have made and provide enhanced, personalised features. Examples include:
- Your preferred language (English or Arabic) and text direction (LTR or RTL).
- Your currency preference for displaying product pricing.
- Your consent choices recorded through our cookie consent banner.
- Previously viewed product categories to personalise your homepage experience.
Third-Party Cookies
Some cookies on our website are set by third-party services that appear on our pages. We do not control how these third parties use their cookies. Third-party cookies on our site may include:
- Google Maps — to embed interactive location maps on our Contact page.
- Social media platforms (Facebook, Instagram, LinkedIn, X/Twitter, WhatsApp) — to enable sharing buttons and track social referrals.
- YouTube — if we embed product demonstration or training videos on our pages.
- Advertising networks — for retargeting campaigns, only with your prior consent.
You may control and manage cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality. For more information about managing cookies, visit www.allaboutcookies.org.
5. Third-Party Services
To deliver a high-quality service, we work with a number of trusted third-party service providers. These providers process personal data on our behalf as data processors, and we ensure through contractual arrangements that they maintain appropriate security standards and process data only for the purposes we specify.
Google Services
- Google Maps API — used to display our office location and provide directions on the Contact page. Google's use of data is governed by the Google Privacy Policy.
- Google Analytics — used to analyse website traffic and user behaviour. Data is transmitted to Google's servers and processed in accordance with Google's data processing terms.
- Google Workspace — used internally for email communications, document management, and customer correspondence.
Payment Processors
- We work with certified payment gateways to process credit card and bank transfer transactions. These providers are PCI-DSS compliant and handle card data directly — Doctor Icon does not store your card details on our servers.
- Payment processors may collect billing name, card number (masked), expiry date, and billing address solely to authorise and complete transactions.
Logistics and Shipping Partners
- We share your name, delivery address, phone number, and order reference with our logistics and courier partners to arrange delivery of your purchases.
- Shipping partners may send you SMS or email delivery notifications on our behalf.
- For international shipments, we may share data with customs authorities as required by law.
Email Marketing Platform
- We use a third-party email marketing service to manage our newsletter subscriber list and send promotional communications. This provider stores subscriber email addresses and tracks open rates and click-through rates on our behalf.
- You may unsubscribe at any time using the link provided in every marketing email.
Social Media Platforms
- Our website includes links and sharing buttons for Facebook, Instagram, LinkedIn, X (Twitter), and WhatsApp. If you click these links, you will be directed to the respective platform, and your interaction will be subject to that platform's own privacy policy.
- We are not responsible for the data practices of social media platforms.
CRM and Helpdesk Software
- We use Customer Relationship Management (CRM) software to manage our sales pipeline, customer records, and support tickets. Access to this system is restricted to authorised Doctor Icon personnel only.
We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. Any data shared with third parties is limited to what is strictly necessary for the delivery of services and is governed by appropriate data processing agreements.
6. Data Security
Doctor Icon takes the security of your personal data extremely seriously. We have implemented a comprehensive set of technical and organisational measures to protect your data from unauthorised access, accidental loss, alteration, disclosure, or destruction. While no data transmission over the internet can be guaranteed to be completely secure, we maintain industry-standard safeguards and continuously review our security practices.
- SSL/TLS Encryption — All data transmitted between your browser and our website is encrypted using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) technology. You can confirm this by looking for the padlock icon in your browser's address bar and the "https://" prefix in the URL.
- Access Controls — Personal data is accessible only to authorised Doctor Icon employees, contractors, and service providers who require access to perform their duties. All staff who handle personal data are subject to strict confidentiality obligations and receive regular data protection training.
- Role-Based Permissions — Our internal systems implement role-based access control (RBAC) to ensure that each team member can only access the data necessary for their specific role, applying the principle of least privilege.
- PCI-DSS Compliance — Our payment processing systems comply with the Payment Card Industry Data Security Standard (PCI-DSS), ensuring that cardholder data is handled in a secure and regulated manner. Doctor Icon does not store full card numbers on our servers at any time.
- Data Minimisation — We collect only the personal data we genuinely need and do not retain data for longer than is necessary. When data is no longer required for the purpose for which it was collected, it is securely deleted or anonymised.
- Secure Data Storage — Personal data stored in our databases and systems is protected by encryption at rest, regular security patching, and automated backup procedures.
- Incident Response — In the event of a data breach that is likely to result in a high risk to individuals, we will notify the relevant UAE regulatory authority and affected individuals as required by the PDPL and any applicable executive regulations, within the timeframes prescribed by law.
- Third-Party Security Reviews — We periodically review the security practices of our key third-party service providers and require them to maintain adequate technical and organisational security measures as a condition of our contracts with them.
You also play an important role in keeping your data safe. Please keep your account password confidential, use a strong and unique password, and log out of your account when using shared or public devices. If you believe your account has been compromised, contact us immediately at privacy@doctoricon.com.
7. Your Rights
Under the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, and subject to certain conditions and exceptions prescribed by law, you have the following rights with respect to your personal data. We are committed to responding to all valid requests within a reasonable timeframe, and in any case within the periods stipulated by applicable UAE law.
- Right of Access — You have the right to request a copy of the personal data we hold about you, along with information about how and why it is being processed. We will provide this in a clear and accessible format.
- Right to Rectification — If any personal data we hold about you is inaccurate, incomplete, or out of date, you have the right to request that we correct or update it promptly. You may also update many details directly through your online account settings.
- Right to Erasure — Also known as the "right to be forgotten", you may request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn your consent (where processing was based on consent), or where you object to processing and there are no overriding legitimate grounds. Please note that certain data may need to be retained to comply with legal obligations or to resolve disputes.
- Right to Restrict Processing — You have the right to request that we restrict the processing of your personal data in certain circumstances — for example, while we are verifying the accuracy of data you have disputed, or where you have objected to processing and we are assessing whether our legitimate grounds override your interests.
- Right to Data Portability — Where processing is based on your consent or on a contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
- Right to Object — You have the right to object at any time to the processing of your personal data for direct marketing purposes. You may also object to processing based on our legitimate interests, and we will cease such processing unless we can demonstrate compelling legitimate grounds that override your rights and interests.
- Right to Withdraw Consent — Where we process your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal. To withdraw consent for marketing communications, use the "unsubscribe" link in any marketing email or contact us directly.
To exercise any of the rights listed above, or to raise a concern about our data practices, please contact our privacy team using the details provided in the Contact Us section below. We may need to verify your identity before processing your request. If you are not satisfied with our response, you have the right to raise a complaint with the relevant UAE data protection authority.