Privacy Policy

Forza provides consultancy, custom software, and AI-powered operating systems for growing companies. This policy explains what data we collect, why, and what rights you have over it.

Effective date: 19 April 2026
Controller: Forza, Dubai, United Arab Emirates
Contact: [email protected]

1. Who we are

Forza ("we", "us", "our") is a consultancy based in Dubai that builds and operates custom business systems for its clients, including CRM, sales automation, WhatsApp messaging, dashboards, and internal AI agents. This policy applies to the forzasystems.ai website, our WhatsApp business channel (+971 58 583 6856), and any systems we operate directly on behalf of clients under this domain.

2. What data we collect

We collect only what we need to respond to you, qualify enquiries, and deliver services we've been engaged to deliver. Specifically:

• Identification & contact data — your name, email address, phone number, company, and job title, where you provide them through a form, email, or WhatsApp message.
• Messaging content — the text, images, and attachments you send to our WhatsApp business number or our email addresses.
• Enquiry metadata — approximate time, source (e.g. which page or campaign referred you), and a short internal summary we generate to qualify the enquiry.
• Technical data — when you visit forzasystems.ai, our hosting provider records standard server logs (IP address, user agent, referrer, timestamp) for security and abuse prevention.

We do not use third-party advertising cookies or cross-site tracking pixels on forzasystems.ai.

3. WhatsApp business messaging

Our WhatsApp channel is delivered through the Meta WhatsApp Business Platform (Cloud API). When you message us on WhatsApp:

• Your message content and WhatsApp profile name are processed so we can respond.
• We may use an AI assistant to draft responses and qualify the conversation; a human at Forza reviews commercial conversations before closing.
• We retain the conversation history so we can continue the thread across sessions and avoid asking you the same question twice.
• Meta Platforms Ireland Ltd. acts as a processor of the message transport and applies its own WhatsApp Privacy Policy to that transit layer.

You can stop the conversation at any time by replying STOP, blocking our number, or emailing [email protected].

4. Why we use your data

• To answer your enquiry and provide the information or quote you've asked for.
• To qualify potential engagements (for example, to check fit for the services we offer).
• To perform the services agreed under a signed engagement, including operating systems we've built for you.
• To keep records for accounting, legal, and compliance obligations.
• To secure and debug the services we operate, including reviewing server logs for abuse.

Our legal bases are your consent (when you voluntarily start a conversation or send a form), performance of a contract (once you become a client), and our legitimate interest in running and defending the business.

5. How we share it

We do not sell personal data. We share it only with:

• Infrastructure providers we rely on to operate the service, including Meta Platforms (WhatsApp Cloud API), Railway (hosting), OpenAI and Anthropic (AI model inference), and the email provider we use for info@, sales@, and admin@ addresses.
• Advisors such as lawyers and accountants, where strictly necessary.
• Authorities, where we are legally required to disclose.

All our providers are contracted to process personal data only on our instructions and to keep it secure.

6. How long we keep it

• Unqualified enquiries: up to 12 months after the last message, then deleted or anonymised.
• Qualified leads and active client conversations: for the duration of the engagement plus 24 months, for continuity and to honour warranty/support obligations.
• Accounting records: retained for the period required by UAE tax and commercial law.
• Server logs: typically 30 days.

7. Where it's stored

Data is stored on servers operated by our infrastructure providers, primarily in the European Union and the United States. Where transfers leave the UAE or EU, we rely on our providers' standard contractual clauses and equivalent safeguards.

8. Your rights

You can ask us, at any time, to:

• Confirm what personal data we hold about you and provide a copy.
• Correct data that is inaccurate or out of date.
• Delete your data, where we are not legally required to retain it.
• Stop processing your data for marketing or qualification purposes.
• Export your data in a portable format.

To exercise any of these, email [email protected] from the address or number we have on file, and we'll respond within 30 days.

9. Security

We protect personal data with access controls, encryption in transit (HTTPS/TLS), encryption at rest on our main data stores, and the principle of least privilege across our team. If a breach occurs that affects your personal data, we will notify you and the relevant authority as required by law.

10. Children

Our services are not directed at children under 16. We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy as our systems or the law evolves. Material changes will be posted on this page with an updated effective date. If you are an active client, we will notify you directly.