Company	Effective Date	Last Updated
Oudience LLC – Sharjah Media City Free Zone (SHAMS)	21stOctober 2025	21stOctober 2025

 

This Vendor Privacy & Data Protection Policy (“Policy”) explains how Oudience LLC (“we,” “us,” or “our”) collects and processes information relating to businesses and individuals (“Vendors” or “you”) who list, sell, or provide goods and services through the OREYA marketplace.

It complements the Vendor Terms of Service and other Vendor Policies incorporated therein.

By registering or using the Vendor Dashboard, you acknowledge and agree to the terms of this Policy.

Oudience LLC acts as a data controller for information it collects directly from Vendors, and as a joint or independent controller with certain technical service providers for data processed through integrated e-commerce and payment systems.

We collect only the data necessary to lawfully onboard Vendors, facilitate marketplace operations, and ensure secure transactions.

Category	Examples	Source / Method
Business Identification Data	Representative name, Company name, Brand name, etc. as per the “Sell with us” page.	Provided by Vendor during onboarding
Financial & Payment Data	Bank details, payment gateway identifiers, payout records	Collected through integrated payment routing systems
Store & Listing Data	Product titles, images, pricing, descriptions, stock, quantity, and more as per the “Add Product” form.	Entered directly by Vendor via dashboard
Transactional Records	Orders, invoices, refunds, commissions, and payout history	Generated automatically through the marketplace infrastructure
Communication Logs	Emails, chat records, and support requests	Captured through helpdesk and communication systems

 

We do not collect or store Vendor passwords for external payment or e-commerce accounts.

We process Vendor data for legitimate business and compliance purposes, including:

·      Vendor Onboarding & Verification:to establish identity, verify licensing, and enable participation in the marketplace.

·      Marketplace Operation:to publish listings, process orders, and manage transactions.

·      Payment Routing & Accounting:to calculate commissions, issue invoices, and route payouts via licensed payment channels.

·      Compliance with Law:to satisfy tax, regulatory, and anti-fraud obligations under UAE law.

·      Communication  & Support:to manage technical queries, notifications, and account correspondence.

·      Business Analysis:to evaluate platform performance, maintain service integrity, and improve operational efficiency.

·      Mutual Duty of Confidence:Oudience LLC and Vendors shall keep all non-public business, financial, or technical information strictly confidential.

·      Access Control:Vendor data is available only to authorized Oudience LLC personnel and vetted technical providers on a need-to-know basis.

·      Sharia Compliance:All data handling follows the Islamic principle of trust — prohibiting unjust disclosure, misuse, or exploitation of private information.

Vendors may access limited Customer information (e.g., name, contact details, order contents) solely for legitimate order fulfilment and after-sales support.You must not:

·      Store Customer data beyond the fulfilment or legally required period;

·      Use Customer data for advertising, profiling, or marketing without explicit Customer consent; or

·      Disclose Customer data to any third party except as required for lawful transaction processing.

Failure to comply constitutes a material breach of the Vendor Policies and may result in suspension, bans or legal action.

·      Hosting Environment:Vendor and transaction data are hosted on secure e-commerce cloud infrastructure managed by trusted international service providers certified under globally recognized information-security standards.

·      Payment Data:All payment information is processed through licensed payment intermediaries that comply with PCI-DSS and equivalent financial-security frameworks. Oudience LLC does not store cardholders or full payment credentials.

·      Integration Middleware:Certain platform integrations act purely as technical connectors to enable automatic payment routing and dashboard synchronization. These integrations do not independently store Vendor data beyond what is processed through the e-commerce environment.

·      Retention Period:We retain Vendor data only as long as necessary for platform operation, accounting, and compliance. Once retention obligations expire, data is securely deleted or irreversibly anonymized.

Oudience LLC engages a limited number of authorized technical vendors to operate the marketplace ecosystem, including:

·      E-commerce infrastructure providers for hosting, order management, and catalogue synchronization;

·      Payment and payout systems for secure financial settlements; and

·      Monitoring and analytics tools for platform performance and security.

All such providers are carefully selected for their compliance with UAE Data Protection Law, robust security posture, and industry certification.Specific provider identities are not publicly disclosed to maintain confidentiality and prevent security risks.

Under the UAE Data Protection Law and principles of fairness and transparency, Vendors have the following rights:

·      Access:to obtain confirmation and a copy of data we hold about you.

·      Rectification:to correct inaccurate or incomplete information.

·      Deletion:to request erasure of data no longer required for lawful or contractual purposes.

·      Restriction:to limit processing while a dispute or inquiry is under review.

·      Complaint:to raise concerns directly with Oudience LLC

Requests can be sent by contacting us as described under the contact section of this document.

If a personal-data breach occurs that could result in significant risk to Users, Oudience LLC will:

·      Immediately assess and contain the incident;

·      Notify the UAE Data Office and affected Users without undue delay; and

·      Document the nature of the breach and remedial actions taken.

We also maintain an internal incident log for accountability and future risk mitigation.

·      Governing Law & Jurisdiction:This policy and any non-contractual obligations arising out of or in connection with them are governed by the laws of the United Arab Emirates, as applied in the Emirate of Sharjah, with reference to the principles of Islamic Sharia concerning morality, fairness, and public order. The courts of Sharjah shall have exclusive jurisdiction.

·      Language & Prevailing Version:This policy is drafted in English. Any translation is provided for convenience. In the event of inconsistency or ambiguity, the English version prevails, provided that any Arabic translation required for UAE court submission shall faithfully reflect the English version.

·      Entire Agreement & Updates:This policy, together with the incorporated Customer Policies, constitute the entire agreement between you and Oudience LLC regarding use of the Platform. We may update these policies or any Customer Policy by posting a revised version with an updated “Last Updated” date. Your continued use after posting constitutes acceptance of the updated terms.

Thank you for reading our Privacy & Data Protection Policy for Vendors. If you have any further questions, please feel free to contact usby filling out the form available in-app or on our website’s contact pageand we shall be happy to answer.