Blog Management PRIVACY POLICY

Personal Information: Any data that identifies or can be used to identify an individual, such as name, company name, email address, phone number, billing address, PayPal email ID, account name.

Non-Personal Information: Information that does not identify an individual, including aggregated, statistical, and anonymized data.

Device Data: Technical information obtained from users’ devices, including IP addresses, unique identifiers, browser and operating system details, language preferences, and country of access.

Processing Any operation performed on personal data, including collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, or deletion.

Cookies: Small data files stored on user devices containing information about website preferences, usage, and interaction patterns.

Third-Party Service Providers: External entities providing services to the Company and handling personal data on its behalf, such as analytics and hosting providers.

Location Information: Data indicating the geographical location of a user’s device, including GPS coordinates, IP address-based location, and other location-sensitive data.

Website: The blogmanagement.io digital platform accessible at https://www.blogmanagement.io/ , inclusive of all related services, features, and functionalities.

User Account: The registration profile created by users on the Website, which contains personal information and specified preferences.

Data Subject Rights: Legal rights afforded to individuals with respect to their personal information under applicable laws and regulations of the United Arab Emirates.

The Company collects personal information at the time of user registration, including but not limited to names, email addresses, and other voluntarily provided information to facilitate enhanced service delivery. In addition, the Company gathers non-personal information through automated means, such as device data, browsing patterns, and interaction metrics, for the purposes of service improvement and quality assurance .

To optimize platform functionality and improve user experience, the Company employs third-party technologies and service providers, including the use of cookies, analytics tools, and social media integrations. Consequently, certain personal data may be processed externally in accordance with contractual, privacy, and data protection obligations .

The Company is dedicated to safeguarding user privacy and ensuring transparency in all aspects of data collection, usage, processing, and retention practices. This Policy sets forth the framework by which personal and non-personal information is managed in connection with your use of the BlogManagement.io platform. The Company acknowledges the significance of user trust and endeavors to provide clear and comprehensive information regarding its data practices to allow Users to make informed decisions about sharing their personal information on the Website .

This Privacy Policy ("Policy") governs the collection, use, processing, storage, and disclosure of Personal Information and Non-Personal Information by Viacon Marketing and Technologies FZCO ("Company") in connection with the https://www.blogmanagement.io/ platform and related services.

This Policy applies to all Data Subjects who access, register for, or use the Website and services provided by the Company, including but not limited to:

• Registered users who create User Accounts on the platform;
• Guest users who browse or interact with the Website without registration;
• Individuals whose Personal Information is processed through third-party integrations or referrals.

The Company is committed to protecting the privacy and confidentiality of all Personal Information collected and processed in accordance with the applicable data protection laws of the United Arab Emirates, including laws on the Protection of Personal Data.

This Policy describes the Company's practices regarding:

• The types of Personal Information and Non-Personal Information collected;
• The methods and purposes of data collection and Processing;
• The use of Cookies and tracking technologies;
• Data sharing arrangements with Third-Party Service Providers;
• Data Subject Rights and available remedies;
• Security measures implemented to protect Personal Information.

By registering for, accessing, or using the Website and services, Data Subjects acknowledge that they have read, understood, and agree to be bound by the terms of this Policy.

Personal Information collected by the Company includes information that can identify you as an individual and comprises the following categories:

• Contact information including your name or company name, email address, and phone number provided during registration or account setup.
• Billing and payment information including billing address, PayPal email ID, and account name for transaction processing purposes.
• Account credentials and profile information you voluntarily provide to enhance your User Account and service experience.

In addition to personal and non-personal information described above, the Company may collect Know Your Customer (“KYC”) information from publishers registering for or using the Website. KYC information may include, but is not limited to, government-issued identification documents, company registration certificates, proof of address, and other documentation specified by the Company for identity verification, risk management, and compliance purposes.

Non-Personal Information automatically collected when you access or use the Website includes data that does not directly identify you personally:

• Device Data including IP address, unique device identifiers, device type, operating system, and browser information.
• Technical information about your browser including language settings, version, and configuration details.
• Geographic information including country of access and general location data derived from your IP address.

Website usage information automatically gathered during your interaction with https://www.blogmanagement.io/ includes:

• Navigation data including referring and exit pages, landing pages, domain names, and URL paths visited.
• Behavioral metrics including time spent on the Website, number of clicks, page views, and interaction patterns.
• Session information including date and time of access, session duration, and frequency of visits.

Third-Party Service Providers may provide additional data to enhance our services including:

• Social media account information when you connect or interact with our social media integrations.
• Analytics data from Google metrics and similar services to understand Website performance and user engagement.
• Cookies and similar tracking technologies to store preferences and analyze Website usage patterns.

Location Information may be collected through various means including GPS data, IP address geolocation, and other location-sensitive features to improve service delivery in your geographic area.

Registration Collection: We collect Personal Information directly from you when you register for a User Account on the Website, requiring your name and email address as mandatory fields.

Voluntary Information: We collect additional Personal Information that you voluntarily provide to us, including:

• Company name and contact details
• Phone number and billing address information
• PayPal email identification and account name details

KYC information is collected directly from Data Subjects at the time of registration, during enhanced due diligence checks, and at other intervals as determined by the Company in accordance with risk assessment protocols. Such information may also be obtained through secure uploads, electronic forms, or third-party verification service providers engaged to authenticate submitted documents.

Automatic Collection: We automatically collect Non-Personal Information when you access or use the Website, whether as a registered user or guest user.

Device Data Collection: We collect Device Data through automated means, including:

• Internet Protocol (IP) address and unique device identifiers
• Browser type, version, language settings, and configuration
• Operating system type and version information
• Country of access and geographic location indicators

Website Interaction Data: We collect information about your interaction with the Website, including:

• Referring and exit pages, landing pages, and domain names accessed
• Time spent on specific pages and total Website session duration
• Number and pattern of clicks and navigation paths

Location Information: We may collect Location Information through various means including GPS data, IP address geo-location, and other location-sensitive technologies to enhance our services.

Third-Party Sources: We collect information from Third-Party Service Providers, including:

• Social media account data and profile information
• Analytics data from Google and other measurement services
• Information obtained through browser Cookies and similar tracking technologies

Cookie Implementation: We use Cookies to collect information about your preferences and Website interactions for the purpose of improving user experience and personalizing services during future visits.

The Company shall Process Personal Information collected from Data Subjects solely for the legitimate business purposes outlined in this Privacy Policy and in accordance with applicable UAE data protection laws and regulations.

• Personal Information is used to provide, maintain, and improve the https://www.blogmanagement.io/ platform services and User Account functionality.
• The Company uses Personal Information to personalize User Accounts and customize service offerings based on individual user preferences and requirements.
• Personal Information enables the Company to provide customer support services and respond to user inquiries, complaints, and service requests.

• The Company analyzes Personal Information in conjunction with user feedback to enhance existing services and develop new features for the BlogManagement.io platform.
• Personal Information is used to conduct internal research and analytics to understand user behavior patterns and improve overall user experience.

• The Company uses Personal Information to send transactional communications including account verification messages, welcome communications, billing notifications, service reports, and other account-related correspondence.
• Personal Information enables the Company to communicate important updates, news, and service information related to the BlogManagement.io platform.
• Subject to user consent and applicable opt-out mechanisms, the Company may use Personal Information to send marketing communications, promotional materials, and surveys that may be of interest to Data Subjects.

• Personal Information may be Processed to comply with applicable UAE laws, regulations, legal processes, and governmental requests.
• The Company may use Personal Information to enforce its terms of service, prevent fraudulent activities, and protect the security and integrity of the Website.

• Personal Information is used for billing purposes, payment processing, and maintaining accurate financial records in connection with services provided.
• The Company may Process Personal Information for legitimate business interests including mergers, acquisitions, or sale of assets, subject to appropriate data protection safeguards.

The KYC information collected by the Company is used for the following purposes:

• Verifying the identity and legitimacy of publishers and advertisers on the platform;
• Mitigating risks related to fraudulent activities and financial crimes;
• Complying with anti-money laundering (AML), counter-terrorism financing (CFT), and international best practices as applicable;
• Protecting the legal, regulatory, and commercial interests of the Company and maintaining platform integrity.

KYC information is collected solely for the purposes stated in this Policy.

Cookie Usage: The Company uses Cookies and similar tracking technologies on the Website to enhance user experience, save user preferences, and analyze Website usage patterns.

Types of Cookies: The Company employs the following categories of Cookies:

• Essential Cookies: Cookies necessary for the Website's basic functionality and user authentication.
• Preference Cookies: Cookies that store user settings and preferences for future visits to the Website.
• Analytics Cookies: Cookies that collect information about user interactions, page views, and Website performance metrics.
• Marketing Cookies: Cookies used to deliver relevant content and track the effectiveness of marketing campaigns.

Third-Party Cookies: The Company may allow Third-Party Service Providers to place Cookies on the Website for analytics, social media integration, and service enhancement purposes.

Cookie Consent: By continuing to use the Website, users consent to the placement and use of Cookies as described in this Privacy Policy.

Cookie Management: Users may control Cookie settings through their browser preferences and can delete or block Cookies at any time.

• Disabling certain Cookies may affect Website functionality and user experience.
• Users may opt-out of analytics Cookies through the respective Third-Party Service Provider's opt-out mechanisms.

Cookie Duration: Cookies may be session-based (deleted when the browser is closed) or persistent (stored for a specified period or until manually deleted).

The Company may engage Third-Party Service Providers to assist in the operation, maintenance, and improvement of the Website and services provided through https://www.blogmanagement.io/

• Third-Party Service Providers may include but are not limited to:
• Analytics and measurement services including Google Analytics and similar platforms;
• Social media integration services and platforms;
• Payment processing services including PayPal and other financial service providers;
• Cloud storage and hosting service providers;
• Email communication and marketing service providers.

Personal Information shared with Third-Party Service Providers is limited to information necessary for the specific service being provided and is subject to contractual obligations requiring such providers to:

• Use the Personal Information solely for the purposes of providing services to the Company;
• Implement appropriate technical and organizational security measures;
• Not disclose Personal Information to any other parties without the Company's prior written consent.

The Company does not sell, trade, rent, or otherwise transfer Personal Information to third parties for their own commercial purposes or marketing activities.

Non-Personal Information and aggregated data may be shared with Third-Party Service Providers for analytics, research, and service improvement purposes without restriction.

The Company may disclose Personal Information to third parties when required by applicable UAE law, court order, or governmental authority, or when necessary to protect the Company's legal rights and interests.

Users acknowledge that Third-Party Service Providers may collect information directly through their own technologies, including Cookies and tracking mechanisms, subject to their respective privacy policies.

The Company maintains a list of current Third-Party Service Providers which may be made available to users upon request through the contact information provided in this Privacy Policy.

The Company implements appropriate technical and organizational measures to protect Personal Information and Non-Personal Information against unauthorized access, alteration, disclosure, or destruction.

Technical Security Measures include but are not limited to:

• Industry-standard encryption protocols for data transmission and storage of sensitive Personal Information.
• Secure server infrastructure with regular security updates and vulnerability assessments.
• Firewalls and intrusion detection systems to monitor and prevent unauthorized network access.
• Regular automated backups of data with secure storage and recovery procedures.

Access Controls are maintained through:

• Role-based access restrictions limiting employee access to Personal Information on a need-to-know basis.
• Multi-factor authentication requirements for administrative access to systems containing Personal Information.
• Regular review and revocation of access privileges for former employees and contractors.

Organizational Security Measures include:

• Mandatory privacy and data security training for all employees with access to Personal Information.
• Confidentiality agreements requiring employees and contractors to protect Personal Information.
• Regular internal security audits and risk assessments of data Processing activities.

Third-Party Security Requirements mandate that all Third-Party Service Providers implement equivalent security measures and comply with contractual data protection obligations.

Security Incident Response procedures are maintained to detect, investigate, and respond to potential data breaches in accordance with UAE legal requirements.

The Company acknowledges that no security system is completely secure and cannot guarantee absolute protection of Personal Information against all potential security threats.

Users are responsible for maintaining the confidentiality of their User Account credentials and promptly notifying the Company of any suspected unauthorized access.

Access Rights

• Data Subjects have the right to request access to their Personal Information held by the Company and obtain information about how such data is being processed.
• Upon receiving a valid access request, the Company will provide a copy of the Personal Information in a commonly used electronic format within thirty (30) days.

Correction and Update Rights

• Data Subjects may request correction of inaccurate or incomplete Personal Information at any time by contacting the Company through the designated channels.
• Users may update certain Personal Information directly through their User Account settings, including name, email address, and billing information.

Deletion Rights

• Data Subjects may request deletion of their Personal Information, subject to legal and contractual obligations that may require retention of certain data.
• Account deletion requests will result in the removal of the User Account and associated Personal Information, except where retention is required for legal compliance or legitimate business purposes.

Data Subjects have the right to request access to, correction, or deletion of their KYC information held by the Company, subject to business, legal, and regulatory retention requirements. Requests may be submitted via the contact information provided in this Privacy Policy, and the Company will process such requests in accordance with applicable law and internal procedures for verification.

Marketing Communications Opt-Out

• Data Subjects may opt-out of receiving marketing communications, surveys, and promotional materials by using the unsubscribe mechanism provided in such communications or by contacting the Company directly.
• Opting out of marketing communications will not affect transactional communications necessary for service delivery, including verification letters, billing notifications, and security alerts.

Cookie Preferences

• Data Subjects may manage cookie preferences through their browser settings to control the collection of Non-Personal Information through Cookies.
• Disabling certain Cookies may impact the functionality and user experience of the Website.

Data Subjects may disable location-based services through their device settings or browser preferences to prevent collection of Location Information.

Exercise of Rights

• Data Subject Rights may be exercised by contacting the Company through the contact information provided in this Privacy Policy.
• The Company may require verification of identity before processing requests related to Data Subject Rights.
• The Company will respond to valid requests within thirty (30) days and will provide reasons if any request is denied or limited.

Certain rights may be limited where Processing is necessary for compliance with legal obligations, protection of vital interests, or legitimate interests that override the Data Subject's rights.

The Company retains Personal Information for as long as necessary to fulfill the purposes for which it was collected, provide services to users, and comply with legal obligations under UAE law.

Active User Accounts: Personal Information associated with active User Accounts is retained for the duration of the account relationship and for a period of three (3) years following account closure or deactivation.

Inactive Accounts: Personal Information for accounts that remain inactive for more than two (2) consecutive years may be anonymized or deleted at the Company's discretion, subject to legal retention requirements.

Transaction Records: Billing information, payment records, and transaction data are retained for a minimum of five (5) years from the date of the last transaction to comply with UAE commercial and tax regulations.

Non-Personal Information including Device Data and aggregated usage statistics may be retained indefinitely for analytical purposes, service improvement, and business intelligence, provided such data cannot be used to identify individual users.

KYC information is retained only for as long as necessary to accomplish the purposes stated in this Privacy Policy and to comply with applicable legal, regulatory, and contractual obligations. Upon expiration of relevant purposes or applicable retention periods, KYC data is securely deleted or anonymised in accordance with industry standards and UAE law.

Cookies and similar tracking technologies are retained according to their respective expiration dates as set by the Company, typically ranging from session-based to a maximum of two (2) years.

Communication Records: Customer service communications, support tickets, and transactional emails are retained for three (3) years from the date of the last interaction.

Legal Hold: Notwithstanding the above retention periods, the Company may retain Personal Information for longer periods when required by law, legal proceedings, regulatory investigations, or to protect the Company's legitimate interests.

Upon expiration of the applicable retention period, Personal Information is securely deleted or anonymized using industry-standard data destruction methods to prevent unauthorized recovery or reconstruction.

Users may request information about specific retention periods applicable to their Personal Information by contacting the Company through the designated channels specified in this Privacy Policy.

The Company may transfer Personal Information to countries outside the United Arab Emirates in connection with the provision of services through the blogmanagement.io platform.

International transfers of Personal Information may occur in the following circumstances:

• When utilizing Third-Party Service Providers located outside the UAE for data processing, analytics, or technical support services.
• When users access the Website from locations outside the UAE, resulting in cross-border data transmission
• When integrating with social media platforms or other third-party services that operate internationally.

Prior to any international transfer of Personal Information, the Company shall:

• Assess the adequacy of data protection laws in the destination country.
• Implement appropriate technical and organizational safeguards to ensure data protection standards equivalent to those required under UAE law.
• Enter into contractual arrangements with recipients that include data protection obligations and transfer restrictions.

The Company shall obtain explicit consent from Data Subjects for international transfers where required by applicable UAE data protection regulations.

Data Subjects have the right to:

• Be informed of specific countries or international organizations to which their Personal Information may be transferred.
• Receive copies of safeguards implemented for international transfers upon request.
• Object to international transfers under certain circumstances as provided by law.

The Company shall maintain records of all international data transfers, including the legal basis, safeguards applied, and recipient details.

In the event of any data security incident involving internationally transferred Personal Information, the Company shall notify relevant UAE authorities and affected Data Subjects in accordance with applicable notification requirements.

The Website is not intended for use by individuals under the age of eighteen (18) years, and the Company does not knowingly collect Personal Information from children under this age.

If a User is under eighteen (18) years of age, they must obtain verifiable parental or legal guardian consent before registering for or using the Website services.

• Such consent must be obtained in writing or through other verifiable means as determined by the Company from time to time.
• The Company reserves the right to request proof of parental consent and age verification at any time.

Parents and legal guardians have the right to review, modify, or request deletion of their child's Personal Information by contacting the Company using the details provided in this Privacy Policy.

If the Company becomes aware that Personal Information has been collected from a child under eighteen (18) years without proper parental consent, such information will be deleted from the Company's systems within a reasonable timeframe.

Parents and legal guardians may request access to their child's User Account and monitor their child's use of the Website services.

The Company will take additional precautions when Processing Personal Information of users under eighteen (18) years, including limiting data collection to what is strictly necessary for service provision.

Marketing communications and promotional materials will not be sent to users identified as being under eighteen (18) years of age without explicit parental consent.

This section shall be interpreted and applied in accordance with UAE federal laws and regulations pertaining to the protection of minors and their personal data.

For Data Subjects located in the European Union, the Company shall comply with the General Data Protection Regulation (EU) 2016/679 (GDPR) in addition to applicable UAE data protection laws. The Company processes Personal Information of EU Data Subjects based on one or more of the following legal bases: Consent where Data Subjects have provided explicit consent for specific processing activities, Contract Performance where processing is necessary for the performance of the service agreement with the Data Subject, Legitimate Interests where processing is necessary for the Company's legitimate business interests provided such interests do not override the Data Subject's fundamental rights, and Legal Compliance where processing is necessary to comply with applicable legal obligations.

EU Data Subjects have additional enhanced rights under GDPR, including the Right to Data Portability which is the right to receive Personal Information in a structured, commonly used, and machine-readable format and to transmit such data to another controller, the Right to Object to processing based on legitimate interests or for direct marketing purposes, the Right to Restrict Processing in certain circumstances, and the Right not to be subject to Automated Decision-Making that produces legal effects based solely on automated processing.

For GDPR-related inquiries, EU Data Subjects may contact our Data Protection Officer at info@blogmanagement.io. EU Data Subjects also have the right to lodge complaints with their local Supervisory Authority if they believe their Personal Information has been processed in violation of GDPR. Any transfers of EU Personal Information to third countries will be subject to appropriate Data Transfer Safeguards as required by GDPR, including Standard Contractual Clauses or adequacy decisions.

The Company reserves the right to update, modify, or amend this Privacy Policy at any time at its sole discretion to reflect changes in business practices, legal requirements, or service offerings.

The Company shall provide notice of material changes to this Privacy Policy through one or more of the following methods:

• Posting a prominent notice on the Website homepage for a period of not less than thirty (30) days prior to the effective date of such changes.
• Sending email notification to users' registered email addresses at least thirty (30) days prior to the effective date of material changes.
• Displaying an in-platform notification upon user login for a period of thirty (30) days.

Material changes include, but are not limited to, changes in the purposes for which Personal Information is collected, significant modifications to data sharing practices, or substantial alterations to Data Subject Rights.

Non-material changes, including administrative updates, contact information changes, or clarifications that do not affect user rights, may be implemented without prior notice.

The updated Privacy Policy shall become effective on the date specified in the notice, provided that for material changes, such effective date shall be no earlier than thirty (30) days after notice is provided.

Users are responsible for regularly reviewing this Privacy Policy to stay informed of any changes, and continued use of the Website after the effective date of any modifications constitutes acceptance of the updated Privacy Policy.

The current version of this Privacy Policy shall always be available on the Website, with the effective date clearly displayed at the top of the document.

If a user does not agree to any modifications, the user must discontinue use of the Website and may request deletion of their Personal Information in accordance with the data retention provisions herein.

For all privacy-related inquiries, complaints, or requests regarding the processing of Personal Information, Data Subjects may contact the Company through the following channels:

• Email: info@blogmanagement.io

Data Subjects seeking to exercise their Data Subject Rights under applicable UAE data protection laws may submit written requests to the contact details specified in hereinabove.

All privacy-related communications must include sufficient information to verify the identity of the requesting party and specify the nature of the inquiry or request.

The Company will acknowledge receipt of privacy inquiries within five (5) business days and provide a substantive response within thirty (30) days of receiving a complete request, unless extended timeframes are permitted under applicable law.

For urgent privacy matters or data breach notifications, Data Subjects may contact the Company immediately using the email address specified hereinabove.

The Company maintains these contact channels during regular business hours (Sunday to Thursday, 9:00 AM to 6:00 PM UAE time) and will respond to communications received outside business hours on the next business day.

Data Subjects may also submit complaints regarding the Company's privacy practices to the relevant UAE regulatory authorities in accordance with applicable data protection legislation.

This Privacy Policy and all matters arising from or relating to the collection, processing, and protection of Personal Information shall be governed by and construed in accordance with the laws of the United Arab Emirates, including Federal Law No. 45 of 2021 on the Protection of Personal Data and any amendments or replacements thereof.

Any disputes, claims, or controversies arising out of or relating to this Privacy Policy, the processing of Personal Information, or the exercise of Data Subject Rights shall be subject to the exclusive jurisdiction of the competent courts of the United Arab Emirates.

The Company shall comply with all applicable UAE federal and emirate-level data protection laws, regulations, and guidelines issued by relevant regulatory authorities, including the UAE Data Office and other competent authorities.

In the event of any conflict between the provisions of this Privacy Policy and mandatory provisions of UAE law, the mandatory provisions of UAE law shall prevail to the extent of such conflict.

All legal proceedings relating to this Privacy Policy shall be conducted in the Arabic language, with certified translations provided where necessary for the convenience of parties.

The Company complies with anti-spam laws including CAN-SPAM Act, TCPA, and applicable international regulations when sending marketing communications to publishers and users. All marketing emails include clear sender identification, truthful subject lines, and functional unsubscribe mechanisms, with opt-out requests processed within ten (10) business days. Publishers must obtain proper consent before sharing user contact information and are prohibited from engaging in spam activities, bulk unsolicited communications, or deceptive email practices that could harm the platform's reputation or violate applicable laws.

The Company collects, analyzes, and shares publisher performance data including traffic patterns, engagement metrics, and revenue statistics for platform optimization, advertiser reporting, and business intelligence purposes.

The Company reserves the right to modify this Privacy Policy to ensure continued compliance with changes in UAE data protection laws and regulations, with appropriate notice provided to Data Subjects as required by law. By registering for an account, accessing, or using the https://www.blogmanagement.io/ platform, Data Subjects acknowledge that they have read, understood, and agree to be bound by the terms of this Privacy Policy.

Version 1.1

Last Updated 30th September, 2025.