Privacy policy

Onyx Access places great importance on the protection of your personal data. This privacy policy describes how we collect, use and protect your information in accordance with both the United Arab Emirates Personal Data Protection Law (Federal Decree-Law No. 45 of 2021 — "UAE PDPL") and, where applicable to visitors from the European Union, the EU General Data Protection Regulation (Regulation (EU) 2016/679 — "GDPR").

1. Data controller

The controller responsible for processing your personal data is Onyx Access International Trading FZCO, whose registered office is located at Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates.

Contact: info@onyx-access.com

Phone: +971 4 228 52 85

2. Data collected

We collect the following personal data:

Onyx Access does not process biometric data (fingerprints, facial recognition, etc.) through the onyx-access.com website. Should any future biometric identification feature be integrated into a product, it would be the subject of dedicated documentation and would be subject to applicable legal provisions (GDPR article 9 for the European Union, equivalent laws elsewhere).

  • First name and last name
  • Email address
  • Phone number
  • Company name
  • Browsing data (cookies, IP address)

2 bis. Technical data generated by connected devices

Smart Lock Connection devices are connected products capable of generating and transmitting technical and operational data to your access-control or supervision software. This data is not collected by Onyx Access through the onyx-access.com website: it remains under the responsibility of the end operator of the installation (the integrator, the distributor or the end customer operating the system).

Categories of data that may be generated by the device include:

  • Access logs and open/close events
  • Security alerts (intrusion, tampering, attempted forced entry)
  • Diagnostic data and hardware status
  • Firmware version and technical equipment information
  • Technical identifiers used for OSDP authentication

3. Purposes of processing

Your personal data is collected for the following purposes:

  • Responding to your contact and quote requests
  • Managing partner / distributor applications
  • Sending brochures and technical documentation
  • Improving our services and our website
  • Statistical analysis of website traffic

4. Lawful basis for processing

The processing of your data is based on:

  • Your consent: for the placement of non-essential cookies
  • Legitimate interest: for the improvement of our services and statistical analysis
  • Performance of a contract: for managing the commercial relationship

5. Retention period

Your personal data is retained for a period not exceeding what is necessary for the purposes for which it is collected, in accordance with applicable legal obligations. Contact data is retained for 3 years from the last contact. Browsing data is retained for a maximum of 13 months.

6. Your rights

Under the GDPR, you have the following rights:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure of your data
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw your consent at any time
  • Right to lodge a complaint with a competent supervisory authority (e.g. the UAE Data Office, or the CNIL in France)

To exercise your rights, contact us at: info@onyx-access.com

7. Cookies

For more information on our use of cookies, please refer to our Cookie Policy.

8. Data security

Onyx Access implements appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

9. Policy updates

Onyx Access reserves the right to modify this privacy policy at any time. Any modification will be published on this page with an updated date.

Last updated : June 2026

10. International data transfers

Your personal data may be processed by trusted third-party providers located outside the United Arab Emirates and the European Union, including: Netlify Inc. (hosting, United States), Google Ireland Limited (analytics, European Union) and Resend Inc. (transactional email, United States). These providers act as processors or subprocessors on behalf of the Company. Such transfers are carried out under appropriate safeguards required by the UAE PDPL and the GDPR (notably the EU Standard Contractual Clauses where applicable). The Company ensures that any subprocessor implements adequate technical and organisational measures to protect your data.

10 bis. Subprocessors and categories of recipients

Data collected through the website is accessible to the following persons, strictly limited to what is necessary for the performance of their duties:

  • Sales and technical-support teams of Onyx Access International Trading FZCO and its representatives
  • Hosting providers: Netlify, Inc. (website hosting and technical logs)
  • Analytics providers: Google Ireland Ltd. (visit statistics via Google Analytics, subject to consent)
  • Transactional email providers: Resend, Inc. (delivery of requested documents and confirmations)
  • Competent authorities solely upon duly motivated legal or judicial request

11. Complaints

For any question regarding personal data protection, the exercise of your rights, or a potential security incident, you may contact us at: info@onyx-access.com (subject: « Data protection »).

If you have any questions or concerns about the processing of your personal data, please contact us first at info@onyx-access.com. We are committed to responding as promptly as possible.

We use cookies to improve your experience. You can accept all cookies, reject non-essential ones, or customise your preferences.