Privacy Policy
Last updated: 18 April 2026
This policy explains what data basimibrahim.com collects, why, and how it is protected. As a cybersecurity professional, privacy is not a checkbox — it is a commitment.
1. Data Controller
The data controller for this website is:
This site operates under UAE Federal Decree-Law No. 45 of 2021 (Personal Data Protection Law — PDPL) and, where applicable to visitors from the European Economic Area, the EU General Data Protection Regulation (GDPR).
2. What Data We Collect
2.1 Contact Form
When you submit the contact form, we collect your name, email address, and message content. This data is used solely to respond to your enquiry and is never sold or shared with third parties for marketing.
2.2 Server Logs
Our web server automatically records standard access logs containing your IP address, browser type, referring URL, and pages visited. This is standard server infrastructure logging retained for security and troubleshooting purposes only.
2.3 Analytics (Consent Required)
If you accept analytics cookies, Microsoft Clarity collects behavioural data as described in Section 3 below. No analytics data is collected if you decline or have not yet responded to the cookie banner.
3. Microsoft Clarity & Analytics
This website uses Microsoft Clarity, a behavioural analytics tool provided by Microsoft Corporation. Clarity is only activated after you explicitly accept analytics cookies via the consent banner.
When active, Clarity may collect:
- Mouse movements, clicks and scroll depth (session replays)
- Heatmap data showing aggregate interaction patterns
- Pages visited, time on page and navigation paths
- Device type, screen resolution and browser
- Approximate geographic location (country/city level)
Important: What Clarity Does NOT Collect
Microsoft Clarity automatically masks passwords, payment card fields and other sensitive inputs. No personally identifiable financial or credential data is ever captured. Microsoft acts as a data processor under a Data Processing Agreement.
Data collected by Clarity is stored by Microsoft in Azure datacentres and is subject to Microsoft's Privacy Statement. You can opt out of Clarity entirely via the cookie preference manager on this page.
5. Legal Basis for Processing
Contact Form Data
Processed on the basis of legitimate interest and contractual necessity — to respond to a professional enquiry you initiated. (UAE PDPL Art. 4; GDPR Art. 6(1)(b))
Analytics (Clarity)
Processed on the basis of explicit consent given via the cookie banner. You may withdraw consent at any time. (UAE PDPL Art. 5; GDPR Art. 6(1)(a))
Server Logs
Processed on the basis of legitimate interest in maintaining security, diagnosing errors and preventing abuse. (UAE PDPL Art. 4; GDPR Art. 6(1)(f))
Essential Cookies
No legal basis required — strictly necessary for the website to function and to protect against CSRF attacks. Exempt from consent requirements under UAE PDPL and ePrivacy Directive.
6. Data Retention
- Contact form submissions — retained for up to 12 months from the date of receipt, then securely deleted.
- Server access logs — retained for up to 90 days for security monitoring, then automatically purged.
- Microsoft Clarity data — retained by Microsoft for up to 13 months per Microsoft's data retention policy.
- Consent records — retained for 1 year to honour your stated preference.
7. Third-Party Services
The following third-party services are used on this site:
| Service | Provider | Purpose | Privacy Policy |
|---|---|---|---|
| Microsoft Clarity | Microsoft Corporation (US) | Behavioural analytics (consent-gated) | privacy.microsoft.com |
| Google Analytics | Google LLC (US) | Page view and traffic analytics | policies.google.com |
| Bootstrap CDN | jsDelivr (Luxembourg) | CSS/JS framework delivery | jsdelivr.com |
| Google Fonts | Google LLC (US) | Web font delivery (deferred, non-tracking) | policies.google.com |
No data is sold to third parties. No advertising networks or social media tracking pixels are used on this site.
8. Your Rights
Under UAE PDPL and GDPR, you have the following rights regarding your personal data:
Access
Request a copy of the personal data we hold about you.
Correction
Ask us to correct inaccurate or incomplete data.
Erasure
Request deletion of your data, subject to legal retention obligations.
Restriction
Ask us to pause processing of your data in certain circumstances.
Objection
Object to processing based on legitimate interest.
Portability
Receive your data in a structured, machine-readable format (GDPR).
Withdraw Consent
Revoke analytics consent at any time — this does not affect past processing.
Lodge a Complaint
File a complaint with the UAE DIFC Commissioner of Data Protection or your local data protection authority.
To exercise any right, contact privacy@basimibrahim.com. Requests will be acknowledged within 72 hours and resolved within 30 days as required by UAE PDPL.
10. Contact & Data Requests
For any privacy-related enquiry, data access request, or to report a concern:
Email: privacy@basimibrahim.com
Response time: Within 72 hours
Resolution time: Within 30 days (UAE PDPL requirement)
This policy may be updated periodically. Material changes will be indicated by a revised "Last updated" date at the top of this page. Continued use of the site after changes constitutes acceptance of the updated policy.