Daira home

Privacy Policy

Data collection, processing, and protection.

Flow Metrics Accounting and Bookkeeping L.L.C. (“Daira,” “we,” “us,” or “our”) is committed to protecting the privacy and security of data processed through our technology platform (the “Platform”). This Privacy Policy explains how we collect, use, store, share, and protect information when you use the Platform, including data obtained from your enterprise resource planning (“ERP”) systems and accounting software.

This Privacy Policy applies to all users of the Platform, including business administrators, authorised users, and any individual whose personal data may be processed through the Platform. By using the Platform, you consent to the practices described in this Privacy Policy.

1. Data Controller and Contact Information

Flow Metrics Accounting and Bookkeeping L.L.C. acts as the data processor on behalf of its customers (the “Data Controllers”) for all Customer Data processed through the Platform. For matters relating to data privacy, you may contact us at: contact@daira.me or Office 411, Downtown Dubai Mall — Level M Fountain Views, UAE.

2. Data

2.1 Financial Transaction Data

When you connect your ERP system (such as Zoho Books, Odoo, QuickBooks, Xero, or other supported platforms) to the Daira Platform, we access and process the following categories of financial data:

  • Chart of accounts, account balances, and general ledger entries.
  • Accounts receivable and accounts payable records, including invoice details, payment terms, and aging schedules.
  • Bank transaction records, including deposits, withdrawals, transfers, and reconciliation data.
  • Revenue and expense transactions, categorised by account type, department, or cost centre.
  • Cash flow records, including opening and closing balances.
  • Tax-related data, including VAT records, tax filing information, and compliance data.
  • Payroll summary data (aggregate figures only; individual employee salary data is not collected unless expressly authorised).
  • Fixed asset registers and depreciation schedules.

2.2 Business Profile Data

  • Company name, trade licence number, and registration details.
  • Industry classification and business type.
  • Contact information for authorised business representatives.
  • Banking institution details (bank name and branch; not account numbers or credentials).

2.3 User Account Data

  • Name, email address, and phone number of authorised users.
  • Role and access level within the Platform.
  • Login credentials (stored in encrypted form; passwords are hashed and never stored in plaintext).
  • Usage logs, including login times, features accessed, and actions performed within the Platform.

3. How We Record and Store Data

3.1 Data Synchronisation

The Platform connects to your ERP system via secure API integrations. Data is synchronised at regular intervals as configured by the Customer (e.g., daily, weekly, or in real-time where supported). Each synchronisation event is logged with a timestamp, data volume summary, and synchronisation status for audit trail purposes.

3.2 Data Storage

All Customer Data is stored on secure cloud infrastructure hosted in the United Arab Emirates or such other jurisdictions as disclosed to the Customer. Data is encrypted both at rest (using AES-256 encryption) and in transit (using TLS 1.2 or higher). Access to stored data is controlled through role-based access controls and multi-factor authentication.

3.3 Data Retention

Customer Data is retained for the duration of the Customer's subscription and for a period of one hundred and eighty (180) days following termination, after which it is permanently deleted unless: (a) the Customer requests earlier deletion; (b) retention is required by UAE law or regulation; or (c) the data has been anonymised and aggregated in a manner that does not identify the Customer.

4. How We Use Your Data

4.1 Primary Purposes

  • To provide, maintain, and improve the Platform and its features.
  • To generate financial health scores, cash flow forecasts, and analytical insights for the Customer.
  • To produce reports, dashboards, and benchmarks requested by the Customer.
  • To provide customer support and technical assistance.
  • To ensure the security and integrity of the Platform.

4.2 Aggregated and Anonymised Data

We may create Aggregated Data by combining and anonymising Customer Data such that no individual Customer or business can be identified. We use Aggregated Data for the following purposes:

  • Developing and publishing industry benchmarks, trend reports, and research insights.
  • Improving our algorithms, machine learning models, and analytical capabilities.
  • Creating comparative analyses that help SMEs understand their performance relative to industry peers.
  • Marketing and promotional purposes (in anonymised form only).

For the avoidance of doubt, Aggregated Data will never reveal the identity, specific financial figures, or proprietary business information of any individual Customer.

4.3 Communications

We may use your contact information to send transactional communications (such as service notifications, security alerts, and billing information) and, with your consent, marketing communications about Daira products and services. You may opt out of marketing communications at any time.

5. Data Sharing and Disclosure

We do not sell Customer Data or personal data to third parties. We may share data in the following limited circumstances:

  • Service Providers: We engage trusted third-party service providers who assist in operating the Platform (e.g., cloud hosting providers, analytics tools, customer support platforms). These providers are contractually bound to use Customer Data only for the purposes of providing services to Daira and are subject to confidentiality obligations no less protective than those in this Privacy Policy.
  • Legal Requirements: We may disclose data if required by law, regulation, legal process, or governmental request, including to comply with UAE Federal authorities, ADGM, DIFC, or other regulatory bodies.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, Customer Data may be transferred to the successor entity, subject to the same privacy protections described herein.
  • With Customer Consent: We may share data with third parties where the Customer has provided explicit written consent.

6. Data Subject Rights

Depending on applicable data protection laws (including UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data), individuals whose personal data is processed through the Platform may have certain rights, including:

  • The right to access personal data held about them.
  • The right to request correction of inaccurate or incomplete personal data.
  • The right to request deletion of personal data (subject to legal retention requirements).
  • The right to object to certain types of data processing.
  • The right to data portability.

To exercise any of these rights, please contact us at contact@daira.me. We will respond to verified requests within thirty (30) calendar days.

7. Security Measures

Daira implements and maintains comprehensive security measures designed to protect data, including:

  • Encryption of data at rest (AES-256) and in transit (TLS 1.2+).
  • Regular security audits and penetration testing.
  • Employee security training and background checks.
  • Secure software development lifecycle practices.

8. International Data Transfers

Customer Data is primarily stored and processed within the United Arab Emirates. If any data is transferred to jurisdictions outside the UAE, Daira shall ensure that appropriate safeguards are in place to protect the data in accordance with applicable data protection laws, including the use of standard contractual clauses or other legally recognised transfer mechanisms.

9. Cookies and Tracking Technologies

The Platform may use cookies, web beacons, and similar tracking technologies to enhance your experience, analyse usage patterns, and improve our services. You may manage your cookie preferences through your browser settings. Essential cookies required for the Platform to function may not be disabled.

10. Children's Data

The Platform is not intended for use by individuals under the age of eighteen (18). We do not knowingly collect personal data from minors. If we become aware that we have collected personal data from a minor, we will take steps to delete such data promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to Customers through the Platform or by email at least thirty (30) days before they take effect. The “Effective Date” at the top of this Privacy Policy indicates when it was last revised.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Flow Metrics Accounting and Bookkeeping L.L.C.
Email: contact@daira.me
Address: Office 411, Downtown Dubai Mall — Level M, Fountain Views, Dubai, UAE

Questions about how we handle your data?

Email us and we'll walk you through it.

Email usBook a free consultation