MawadOnline is better on the app!
Get app-exclusive deals

Open
Register
Categories
All

Your Cart is empty

Register
All Categories
Shop by Brand
Our Vendors Latest Products Finishing Materials Why Join? Blog
Explore Mawad Expo

Data Protection and AI Use Addendum

Last updated: 25/12/2025


  1. Purpose and Scope

This Data Protection and AI Use Addendum governs the collection, use, processing, storage, disclosure, and retention of data in connection with use of the MawadOnline marketplace, the MawadVendor application, and related Platform systems. This Addendum applies to all Buyers, Vendors, and users of the Platform. It forms part of the contractual framework governing Platform use and applies in addition to, and without limiting, other applicable Terms and Policies.

  1. Roles and Responsibilities

    1. Platform role

The Platform is operated as an intermediary marketplace only. For data processing activities relating to operation, security, compliance, analytics, and enforcement of the Platform, the Platform acts as a data controller under applicable data protection law.

  1. Vendor role

Each Vendor is an independent business entity and acts as a separate data controller for personal data it collects and processes in connection with its own products, customers, fulfillment, warranties, and after sales obligations.

  1. Buyer role

Buyers provide personal data directly to the Platform and to Vendors in connection with account registration, orders, delivery, payment authorization, and dispute handling.

  1. No agency expansion

Nothing in this Addendum creates an agency, joint controllership, partnership, or employment relationship between the Platform and any Vendor in respect of personal data processing.

  1. Lawful Basis for Processing

Personal data is processed only where one or more lawful bases apply, including:

  1. performance of a contract between the Buyer and the Platform or between the Buyer and the Vendor;

  2. compliance with legal or regulatory obligations;

  3. legitimate interests of the Platform in operating, securing, improving, and enforcing the marketplace, provided such interests do not override the rights of data subjects;

  4. consent, where required by applicable law.

  1. Categories of Data Processed

The Platform may process, as applicable:

  1. account information, including names, contact details, business identifiers, and login credentials;

  2. transaction and payment related information, excluding full payment card data which is processed by independent payment gateways;

  3. delivery, logistics, and confirmation records, including photographic evidence;

  4. communications and support records;

  5. technical data, including device information, logs, identifiers, and usage metadata;

  6. content uploaded by Vendors, including product listings, images, technical documents, CAD, BIM, and other digital assets;

  7. Data generated through use of the Platform applications, including audit trails and enforcement records.

  1. AI Training and Automated Processing Disclosure

  1. Use of data for AI: The Platform may use data and content available through the Platform for artificial intelligence and machine learning purposes, including search optimization, recommendation systems, catalog structuring, analytics, forecasting, fraud detection, and compliance monitoring.

  2. Training inputs: AI systems may be trained using product data, technical documentation, digital assets, metadata, and aggregated or pseudonymized usage data.

  3. Personal data safeguards: Use of personal data for AI purposes is limited to what is permitted under applicable law and is subject to appropriate safeguards, including minimization, access controls, and security measures.

  4. No reliance or guarantees: Outputs generated by AI systems are provided for Platform operational purposes only and carry no warranty as to accuracy, completeness, or suitability for any specific purpose.

  1. Content and Data License

By uploading or submitting content or data to the Platform, Vendors grant the Platform a perpetual, worldwide, royalty free, sublicensable license to store, host, reproduce, display, modify for technical compatibility, analyze, and use such content for Platform operation, catalog management, analytics, enforcement, and AI training. This license survives suspension or termination of a Vendor account or eShop. Ownership of Vendor content is not transferred.

  1. Data Retention and Deletion

  1. Retention: Data is retained for as long as necessary to fulfill contractual obligations, comply with legal and regulatory requirements, resolve disputes, enforce Platform rules, and protect Platform interests.

  2. Deletion and restriction: Requests for deletion or restriction of personal data are assessed and handled in accordance with applicable law. Certain data may be retained notwithstanding a request where retention is legally required or necessary for enforcement, fraud prevention, dispute resolution, or record keeping.

  3. Catalog persistence: Product and catalog data may remain in Platform databases even if a Vendor ceases operating an eShop, where required for marketplace integrity, auditability, or compliance.

  1. Security Measures

The Platform implements reasonable technical and organizational measures designed to protect data against unauthorized access, loss, alteration, or disclosure. Users are responsible for maintaining the confidentiality of their credentials and securing their devices.

  1. Data Breach Handling

In the event of a personal data breach, the Platform will assess the incident and take steps required by applicable law, including notification to authorities or affected users where legally mandated. The Platform is not responsible for breaches arising from Vendor systems or third-party services outside the Platform’s control.

  1. Cross Border Transfers

Where personal data is transferred outside the United Arab Emirates, such transfers will occur only in accordance with applicable legal requirements and approved safeguards.

  1. Enforcement and Cooperation

The Platform may access, review, preserve, and disclose data where required to:

  1. Enforce Platform Terms and Policies;

  2. Investigate suspected violations, fraud, or misuse;

  3. Comply with legal obligations or lawful requests from authorities;

  4. Protect the rights, safety, and integrity of the Platform and its users.

  1. No Expansion of Liability

Nothing in this Addendum expands the Platform’s liability or obligations beyond those expressly stated. Vendors remain solely responsible for their own compliance with data protection laws in relation to their independent activities.

  1. Governing Law

This Addendum is governed by the laws of the United Arab Emirates, as applied in the Emirate of Abu Dhabi, unless mandatory law requires otherwise.