Privacy policy.

1 · Who we are

Autometa AI (“Autometa,” “we,” “us”) builds AI-powered operating systems for real estate teams. We operate from Dubai, United Arab Emirates, and serve real estate brokerages across the UAE and the wider GCC.

This policy explains what information we collect when you visit autometa-ai.com, book an audit, sign up for playbook access, or engage us for a paid project — and what we do with that information.

2 · What we collect

Information you give us

• Contact details — name, company, email, phone number, role — when you book an audit, request playbook access or contact us.
• Account details — phone number you used to verify access to our playbook library (stored hashed, tied to a session token).
• Project content — CRM data, lead flows, workflow descriptions and similar business context you share during a paid engagement, under the terms of our engagement letter.
• Communications — the content of emails, calls, Looms and messages you exchange with us.

Information collected automatically

• Usage data — pages visited, device / browser type, approximate location (country + city from IP), referrer.
• Cookies & similar — see the cookies section below.

We do not knowingly collect sensitive personal data (religion, race, biometric data, etc.) through this site, and we don't buy contact lists.

3 · How we use it

We use your information for a small, specific set of purposes:

• To schedule and run the audits and engagements you've requested.
• To deliver the playbooks, CRM blueprints and automation templates you've signed up for.
• To reply to your enquiries and send you service-related messages.
• To measure how the site is used so we can improve it (aggregated analytics only).
• To meet legal obligations (tax records, anti-fraud, etc.).

Marketing

If you gave us your email through the newsletter or a booking form, we may send you occasional updates. Every email has a one-click unsubscribe. We never sell your email address, and we don't pass it to third-party marketers.

4 · Who we share it with

We keep our processor list short on purpose. The services below may process your data on our behalf, under written data-processing terms:

• Hosting & infrastructure — our cloud host (Supabase, Vercel or AWS depending on project).
• Scheduling — Cal.com, for booking audit calls.
• Email & messaging — Google Workspace (email), Twilio (WhatsApp / SMS for verification + outreach).
• Analytics — server-side events only, via PostHog or GA4. No cross-site tracking.
• Payment — Stripe, for paid engagements. We don't store card numbers.

We never sell personal information. We share with law-enforcement only when legally compelled to do so.

5 · Cookies

We use a small number of cookies and similar technologies:

• Strictly necessary — remembering your language preference (autometa-lang) and your playbook session token.
• Analytics — anonymised page-view counters. No third-party advertising cookies.

You can disable cookies in your browser; the site will still function but some preferences (like language) won't persist between visits.

6 · How we keep it safe

We take reasonable and appropriate measures to protect the data we hold:

• TLS encryption in transit, AES-256 at rest where applicable.
• Role-based access controls — only the team members who need access to a dataset have it.
• Multi-factor authentication on all internal accounts.
• Documented incident-response procedure; we'll notify affected users within 72 hours of any material breach.

No system is 100% secure, but we try to keep ours close.

7 · How long we keep it

• Audit / lead enquiries — up to 24 months from last contact, then deleted unless you become a paying client.
• Client project data — for the life of the engagement plus 12 months, then deleted or returned per the engagement letter.
• Playbook library accounts — while your account is active; deleted on request.
• Accounting records — 5 years, as required by UAE law.

8 · Your rights

Regardless of where you live, you can ask us to:

• Access — a copy of the personal data we hold about you.
• Correct — anything that's out of date or wrong.
• Delete — your data, subject to legal retention requirements.
• Unsubscribe — from any marketing communications at any time.
• Port — receive your data in a machine-readable format.

Email privacy@autometa-ai.com and we'll respond within 30 days.

9 · Children

This site is a B2B service. We don't knowingly collect data from anyone under 18. If you believe a minor has submitted information, email us and we'll delete it.

10 · Changes to this policy

We may update this policy when our services or the law change. The date at the top reflects the latest revision. If the changes are material, we'll flag them clearly on the site or via email if we have your address.