In short: we collect only the information we need to deliver the VVIP Membership service, we store it on Google Cloud infrastructure with bank-grade encryption, we do not sell it, and we give you the ability to see, correct, or delete it at any time.
1. Who we are
This policy describes how VVIP Membership
(“VVIP”, “we”, “us”) processes
personal information collected through the VVIP Membership mobile
application for iOS and Android, the member web portal at
vvipmembership.com, and the
associated admin and agent tools operated at
panel.vvipmembership.com and
admin.vvipmembership.com.
We are the controller of your personal information within the meaning of applicable UAE data-protection legislation, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.
2. Information we collect
Account and identity
- Name, email address, phone number, profile photo.
- Date of birth, nationality, and gender where required for KYC.
- Identity documents you upload (Emirates ID, passport, proof of address) as part of Know-Your-Customer verification.
- Authentication data including password hashes, multi-factor authentication secrets (TOTP), and backup codes.
Service usage
- Banking enquiries, statement requests, and quick-pay details you submit for processing by our banking partners.
- Real-estate interests (properties viewed, buy/sell/lease requests, co-working enquiries, leasing enquiries).
- Auction activity including bids placed, reserves viewed, and buy-requests.
- Concierge requests, chat messages, attachments, and notes exchanged with your assigned agent.
- Payment status, subscription state, and transaction references linked to your membership.
Device and technical data
- Device type, operating system, application version, language and region settings.
- Push-notification tokens issued by Firebase Cloud Messaging so we can send timely alerts about your requests.
- Approximate location, where you grant permission, to show regionally relevant services.
- Diagnostic data such as crash reports and error logs, with personal identifiers redacted before upload.
3. How we use your information
- Provide the service — operate the app, fulfil your requests, deliver statements and quotes, and route messages between you and your agent.
- Authenticate and secure — verify identity at sign-in, enforce multi-factor authentication, detect suspicious activity, and protect your account.
- Comply with law — perform KYC and anti-money- laundering checks required of regulated financial service providers in the UAE.
- Communicate — send transactional emails, receipts, verification codes, and service updates. Marketing communications are only sent with separate consent.
- Improve the product — measure aggregate feature use, diagnose crashes, and prioritise improvements. We do not build advertising profiles from this data.
4. How we share your information
We do not sell personal information. We share it only as strictly necessary to operate the service:
- Infrastructure providers — Google Cloud and Firebase (authentication, Firestore database, Cloud Storage, Cloud Functions, Crashlytics, Cloud Messaging) process data on our behalf under their data-processing terms.
-
Email delivery — Mailgun delivers transactional
emails (verification codes, request notifications, receipts)
originating from
no-reply@vvipmembership.com. - Banking and payment partners — with your explicit instruction, we pass the minimum information required to execute banking enquiries, quick payments, and subscription charges.
- Your assigned agent — admins and agents employed or contracted by VVIP may view the details of your requests to fulfil them. Access is permission-scoped and audit-logged.
- Regulators and authorities — where required by a court order, regulatory directive, or applicable UAE law.
5. Storage and security
Personal information is stored in Google Cloud regions. Data in transit is encrypted with TLS; data at rest is encrypted by the platform. On the device, sensitive credentials are held in the platform keychain (iOS) or the encrypted shared-preferences store (Android) — never in plain text.
Member-visible data is partitioned per account through Firestore security rules, so one member cannot read or alter another member's records. Administrative access is restricted by role-based permissions and recorded in audit logs.
Chat content is scanned against our community standards and members may report or block other users directly from the app. Rate limits protect the moderation queue from abuse.
6. Your rights
You may, at any time:
- Access the personal information held about you by contacting privacy@vvipmembership.com.
- Correct inaccurate details from within the app or through your agent.
- Delete your account and associated data — the in-app remove-account flow initiates this; regulatory records may be retained for statutory periods noted below.
- Export a copy of the information you have provided in a structured, machine-readable format.
- Withdraw consent to non-essential processing, including marketing emails and non-essential analytics.
7. Data retention
We retain account information for the lifetime of your membership and for a reasonable period thereafter. Transaction and KYC records are retained for at least five years after the end of the relationship, as required of regulated providers under UAE anti-money-laundering regulations. Chat history is retained for as long as the associated service request remains open, plus thirty days.
8. International transfers
Our infrastructure providers operate globally. Personal information may be processed in countries outside the UAE. Where this occurs, we rely on the data-export safeguards provided by those vendors' standard contractual terms and on the adequacy assessments of the UAE Data Office.
9. Children
VVIP Membership is intended for adults aged 18 and above. We do not knowingly collect information from anyone below the age of majority in their jurisdiction. If you believe a minor has supplied information to us, contact us and we will delete it.
10. Changes to this policy
We may update this policy to reflect changes in the service or the law. Material changes are announced in-app and by email at least seven days before they take effect. The effective date at the top of this page reflects the latest revision.
11. Contact us
For privacy questions, access requests, or complaints, write to privacy@vvipmembership.com or through the support chat inside the application. You also have the right to lodge a complaint with the UAE Data Office.