Privacy policy

Last updated: 20.06.2023

Version: 1.01

  • 1. Introduction

    SABAI FRIENDS FZCO (hereinafter, the “Company”, “Sabai”, “we”, “us”, “our”) is a legal entity incorporated under the laws of the United Arab Emirates, registration number: DSO-FZCO-10882. Our registered address is: Dubai Silicon Oasis, DDP, Building A2, Dubai, United Arab Emirates.

    This Privacy Policy (the “Policy” or the “Privacy Policy”) explains how Sabai collects, processes and discloses personal information through its general website available at: (the “Website”), a browser game “Sabai Light” (“Sabai Light”), a real estate platform “Sabai Property” (“Sabai Property”), and other online products and services that fall under this Policy (collectively, the “Services”), or when you otherwise interact with us.

    Sabai is responsible for the protection of privacy and safeguarding of the personal data of the following categories of data subjects (hereinafter, each separately or collectively referred to as “you” or “your”):

    The Website

    Sabai Light

    Sabai Property









    real estate owners

    Your privacy is important to us. This Privacy Policy outlines how we collect, process, manage the personal data we collect from your use of our Services, through your interaction with us on social media or your other dealings with us.

    Should you have any questions or concerns regarding your personal data, please contact us at: [email protected].

  • 2. What kind of personal data do we collect?

    • Clients’ data includes name and surname, password, company summary (name, location).
    • Contact data means clients’, visitors’ or real estate owners’ email addresses.
    • Visitors’ data includes name and surname, company summary (name, location).
    • Real estate owner’s data include name and surname, company summary (name, location); name, location, price and other characteristics of the real estate unit.
    • Payment information includes wallet services data and payments data.
    • Communication data includes custom support, online form, chat window, etc.
    • Automatically collected data/usage data includes device data, operating system, browser version, mobile carrier, locale and language settings, user activity on our Services, Sabai Light activity (such as Sabai Light play content/product interaction and advertising data); diagnostic data, activities on the Website, including analytics; IP address, scripts, web browser, etc.
  • 3. Purposes for which we use personal data

    Sabai, as a data controller, may only use your personal data if there is a lawful basis for such use. The most common lawful bases used by Sabai are:

    • consent: in some cases, we may process your personal data only if we obtain your prior consent;
    • performance of a contract: we will require your personal data to be able to offer you the Services in accordance with the contract terms between you and us;
    • compliance with a legal obligation: due to the nature of the Services we provide, the laws applicable to our activities require us to collect and store certain data about you; and
    • legitimate interests: sometimes we rely on our legitimate interests to process your data (e.g., to improve our Services) and we will do so except where such interests are overridden by your interests or fundamental rights and freedoms.

    Below you will find the table describing how we may use your personal data and which of the legal bases are used by the Company to ensure lawful data processing.


    Type of data

    Lawful basis for processing

    • To identify person, to verify the identity, to provide the security of the Website, Sabai Light
    • To comply with legal requirements
    • Clients’ data
    • Visitors’ data
    • Real estate owner’s data
    • Performance of a contract when we provide our Services to you
    • Compliance with a legal obligation
    • To contact you
    • To send you marketing emails
    • Contact data
    • Performance of a contract when we provide our Services to you
    • Consent
    • To ensure smooth operation of the Services and user convenience
    • Communication data
    • Automatically collected data/usage data
    • Performance of a contract when we provide our Services to you
    • Our legitimate interests to promote and improve our Services
    • To ensure safe money transfers for each side of transactions
    • Payment information
    • Performance of a contract when we provide our Services to you

    If you fail or refuse to provide your personal data which we need to provide the Services to you or if the processing of personal data is necessary for compliance with our legal obligations, you will not be able to access the Services.

    Please note that we may process your data for the purposes of monitoring your compliance with our terms of use (Anti-Cheat & Fraud Prevention). We reserve the right to remove your account if we find out that you have violated our terms of use.

  • 4. Cookies and interest-based advertising

    We may use cookies for various purposes when you access or use the Services. Please review our Cookie Policy to find out more about our use of cookies.

    We may work with third-party ad networks, channel partners, measurement services and others (e.g. Google Analytics and Facebook Pixel) to display advertising on our Services, and to manage our advertising on third-party sites. We and these third-party ad companies may use cookies, pixels tags, and other tools to collect activity information on our Services (as well as on third-party sites and services), as well as IP address, device ID, cookie and advertising IDs, and other identifiers, general location information, and, with your consent, your devices geolocation information; we and these third-party ad companies use this information to provide you more relevant ads and content and to improve and evaluate such ads and content.

  • 5. Sources of personal data

    Most of the personal data we process about you is received directly from you. For example, when you register to use the Services or communicate with us, we may receive your Clients’ data from you.

    In other cases, we may receive personal data about you from various third parties, including, but not limited to, analytics providers or external wallet providers.

    When you use the Services, we may also collect Automatically collected data/usage data through the use of cookies and similar technologies.

  • 6. How do we protect your personal data?

    We take all reasonable and appropriate technical and organisational measures to protect all personal data collected by us from loss, theft, misuse and unauthorised access, disclosure, alteration and destruction.

    Also, we use Shufti Pro, a KYC provider; role-based access to user data; Sabai ID for user communication issuing encrypted keys for ecosystem products access.

  • 7. How long do we keep your personal data?

    Generally, we will retain your personal data for as long as necessary to fulfil the specific purpose we collected it for, including the purpose of satisfying any legal, accounting, reporting requirements and our legitimate interests. For example, most of your data will be retained up to 5 years after the end of the business relationship with us. However, we may need to keep certain information for longer in order to comply with our legal obligations.

    In certain cases, the authorities may require us to store the personal data longer if they deem necessary (e.g., in case of an ongoing investigation).

  • 8. Your rights

    With regards to our collection and processing of your personal data, you have the right to (subject to applicable exceptions):

    • Obtain confirmation from us as to whether we process your personal data.
    • Access your personal data processed by Sabai.
    • Correct your personal data.
    • Withdraw consent and remove your personal data we collected on the basis of your consent (e.g., to opt out from marketing communications from us).
    • Obtain restriction of processing, for instance, where you contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data.
    • Have your personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
    • Erasure of your personal data under certain circumstances. See more information about our data retention obligations in section “How long do we keep your personal data” above.
    • Object to our processing of your personal data when the processing is related to the performance of our task carried in the public interest or the exercise of official authority vested in us.

    If you wish to make use of any of the above rights, please contact us stating your name and question related to any of the above rights at: [email protected].

    Sabai will endeavour to provide you with information on the actions it has taken on your request related to your rights, specified above, within 1 (one) month of receipt of the request. That period may be extended by 2 (two) further months if the request is complex, or if Sabai is in the process of resolving a large number of requests. We will inform you if any such extension is required within 1 (one) month of receipt of the request, together with the reasons for the delay.

  • 9. How do we share your personal data?

    We do not share your personal information with third parties, except as described in this Privacy Policy.

    Sabai may engage service providers and partners to assist with delivery of the Services:



    KYC providers (e.g., Shufti Pro)

    • Verification of new clients
    • Preventing fraud, money laundering, and terrorist financing

    Hosting providers (e.g., AWS)

    • Hosting of personal data

    Analytics (e.g., Google Analytics)

    • Product analytics
    • Marketing analytics and reporting

    We will host the personal data of data subjects from the EEA, Switzerland and UK on servers of Amazon, which are located in Lithuania.

    In case your personal data is provided to service providers outside the EEA and where applicable, we will implement appropriate safeguards to protect your personal data, including Standard Contractual Clauses as adopted by the European Commission. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA. Moreover, Sabai requires its service providers to implement appropriate security measures to ensure the protection of your personal data in accordance with applicable data protection legislation.

    In other cases, we may disclose your personal data:

    • to the relevant government agencies and regulatory authorities when required by the applicable laws;
    • with affiliates and subsidiaries within the Sabai group (if applicable), which includes parent and ultimate holding companies, affiliates, subsidiaries, business units, and other companies that we acquire in the future after they are made part of the Sabai group (if applicable);
    • in the event of any merger, acquisition, sale or change of control or a similar transaction or proceeding;
    • with professional advisors, such as lawyers, accountants, and auditors;
    • if you have consented to the disclosure;
    • to establish, exercise or defend legal claims.
  • 10. Age limitations

    Sabai does not allow use of our Services and the Website by anyone younger than 16 years old, to the extent prohibited by applicable law. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information.

  • 11. Privacy Policy updates

    Sabai may update this Privacy Policy from time to time and introduce new Services as we launch them. In the event we materially change this Privacy Policy, including how we collect, process or use your personal information, we will notify you by means of the publication of the updated Privacy Policy on our Website or by any other acceptable means.

  • 12. Contact information

    If you have questions about this Privacy Policy or our privacy practices, or if you are seeking to exercise any of your rights, you may contact us at: [email protected].

    If you are a resident of the EEA, you have the right to lodge a complaint with the data protection supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.