top of page

PRIVACY POLICY
Last Updated: November 14, 2025


1.      Introduction and Scope
The Imperfect Self FZ-LLC (hereinafter referred to as "The Imperfect Self," "we," "us," or "our") is a company registered in the Dubai World Trade Centre Free Zone, United Arab Emirates. We are committed to protecting the privacy and security of your personal data in compliance with applicable data protection laws, including the UAE Federal Decree-Law No. 45 of 2021 regarding the Protection of Personal Data (PDPL) and the European Union General Data Protection Regulation (GDPR).
 
This Privacy Policy governs the collection, use, storage, and protection of your personal information when you interact with our website, located at www.theimperfectself.com, or engage with our services, including:

  • Visiting our website.

  • Signing up for our early access program.

  • Participating in market research questionnaires (for both users and coaches).

  • Subscribing to our newsletters or updates.

  • Contacting us through email or social media channels.

By accessing our website or providing your personal data to us, you acknowledge that you have read and understood the terms of this Privacy Policy.
 
2.      Data Controller
The Imperfect Self FZ-LLC acts as the Data Controller for the personal data processed under this policy.
 
For residents of the European Union and the United Kingdom, we have appointed a designated representative in accordance with the GDPR. You may contact our representative at hello@theimperfectself.com for all matters related to this policy.
 
3.      Categories of Personal Data Collected
We collect personal data that you voluntarily provide to us and data that is automatically collected during your interaction with our services. The provision of your personal data to us is voluntary; however, certain data are necessary for us to provide you with our services. If you choose not to provide the required information, some services may not be available to you.
 

1. Information Provided Directly by You

This category includes data collected when you register for early access, complete a questionnaire, or communicate with us:

  • Identity and Contact Data: Name, email address, and country of residence.

  • Professional and Role Data: Your designated role type (e.g., user or coach).

Voluntary Feedback Data: Responses to research questionnaires concerning interests, goals, and motivations, as well as any voluntary comments or feedback you provide.

​2. Automatically Collected Data

When you access our website, we automatically collect certain technical and usage data:

  • Technical Data: Internet Protocol (IP) address, browser type and version, operating system, and device type.

Usage Data: Date and time of access, referring website address, pages visited, and the duration of your visit. This data is primarily collected via anonymized analytics.

3. Cookies and Similar Technologies

We currently utilize essential cookies necessary for the operation of our website. Should we introduce optional cookies for analytics, performance, or personalization in the future, we will obtain your explicit consent prior to their deployment. Our use of analytics, advertising, or performance cookies complies fully with the GDPR and the ePrivacy Directive. Please refer to our separate Cookie Policy for comprehensive details on the use of these technologies. 
 
4.      Purposes and Legal Basis for Processing
We process your personal data only when we have a valid legal basis to do so, as outlined below in accordance with GDPR and PDPL principles.
We process your personal data for the following purposes and under the corresponding legal bases:

  • Early Access Registration: To confirm your participation in the early access program and to provide relevant updates regarding the product launch. This processing is based on your consent.

  • Communication and Updates: To send you updates, newsletters, and information about opportunities related to our mission and services. The processing is based on your consent or our legitimate interest for existing users, provided your interests and fundamental rights do not override those interests.

  • Market Research: To gather insights from questionnaire responses for the purpose of product design, feature development, and service refinement. This processing is based on your consent.

  • Product Development and Improvement: To analyze usage patterns and feedback to enhance the user experience, functionality, and performance of our services. This processing is necessary for our legitimate interestin improving our business and services.

  • Website Analytics: To measure and analyze website performance, traffic sources, and user engagement to ensure operational efficiency. This processing is necessary for our legitimate interest in monitoring and maintaining the performance of our website.

  • Legal Compliance: To comply with legal obligations, including responding to lawful requests from public authorities and meeting data protection requirements. 

We always balance our legitimate interests against your rights and freedoms, and we do not process your data in a way that overrides your interests. We affirm that we do not engage in profiling or automated decision-making that produces legal effects concerning you or similarly significantly affects you.
 
5.      Data Retention and Deletion
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Early Access Data: Retained until the official product launch or until you withdraw your consent by unsubscribing.

  • Questionnaire Data: Retained for a maximum period of twenty-four (24) months, after which it is securely anonymized for long-term statistical analysis.

  • Communication Records: Retained for up to twelve (12) months following the last communication, unless a longer retention period is required by law.

  • Analytics Data: Anonymized within six (6) months of collection.

Upon the expiration of the applicable retention period, your personal data will be securely deleted or permanently anonymized. You have the right to request the deletion of your data at any time by contacting our Data Protection Contact. We will confirm the deletion within thirty (30) days of receiving a valid request.
 
6.      Data Security and Protection Framework
We have implemented robust technical and organizational measures to protect your personal data from accidental loss, unauthorized access, alteration, disclosure, or destruction. Our security framework is aligned with the principles of the UAE PDPL and GDPR.

  • Encryption: All data is encrypted both in transit (using SSL/TLS) and at rest (using industry-standard encryption, such as AES-256).

  • Data Minimization: We adhere to the principle of data minimization, collecting only the personal data strictly necessary for the specified purposes.

  • Access Control: Access to personal data is strictly limited to authorized personnel on a need-to-know basis, enforced through role-based access control.

  • Audits and Testing: We conduct regular backups, vulnerability testing, and periodic reviews of our systems and third-party compliance to ensure ongoing security.

  • Incident Response: We maintain a formal Data Breach Procedure to immediately contain, investigate, and mitigate any security incident. Affected individuals will be notified within seventy-two (72) hours of becoming aware of a breach, where required by law.
     

7.      Data Sharing and Third-Party Processors
We may share your personal data with third-party service providers (Processors) who perform services on our behalf. These Processors are contractually bound to process your data only under our instructions and to maintain equivalent security and confidentiality standards, in compliance with GDPR, UAE PDPL, or equivalent frameworks.
 
We utilize the following third-party service providers (Processors) to perform services on our behalf. These Processors are contractually bound to process your data only under our instructions and to maintain equivalent security and confidentiality standards, in compliance with GDPR, UAE PDPL, or equivalent frameworks.

  • Webflow: Used for website hosting and infrastructure. Data is processed in the EU/US under Privacy Policy.

  • MailerLite: Used for email marketing and newsletter distribution. Data is processed in the EU under Privacy Policy.

  • Google Analytics: Used for website traffic and usage analysis. Data is processed globally under Privacy Policy.

  • Typeform: Used for hosting of surveys and questionnaires. Data is processed in the EU under Privacy Policy.

  • Notion: Used for internal documentation and operational data storage. Data is processed in the US under Privacy Policy.
     

8.      International Data Transfers
As we operate globally, your personal data may be transferred to, and stored at, a destination outside of your country of residence, including countries that may not provide the same level of data protection as your jurisdiction.
For transfers of personal data originating from the European Economic Area (EEA) or the United Kingdom, we ensure that such transfers are lawful and secure by implementing appropriate safeguards, including:

  • Utilizing Standard Contractual Clauses (SCCs) approved by the European Commission.

  • Ensuring that the recipient country is deemed to provide an adequate level of protection by the relevant authority.

  • Adhering to the UAE PDPL principles of fairness, transparency, and accountability for all international transfers.
     

9.      Your Data Protection Rights
Under the GDPR and the UAE PDPL, you have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.
 
Under the GDPR and the UAE PDPL, you have the following specific rights regarding your personal data:

  • Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and related information.

  • Right to Rectification: You have the right to obtain the rectification of inaccurate personal data concerning you and to have incomplete personal data completed.

  • Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data under certain conditions, such as when the data is no longer necessary for the purposes for which it was collected.

  • Right to Restriction of Processing: You have the right to obtain restriction of processing where the accuracy of the data is contested, the processing is unlawful, or we no longer need the data for the purposes of the processing.

  • Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance.

  • Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on legitimate interests.

  • Right to Withdraw Consent: Where the legal basis for processing is consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement.

To exercise any of these rights, please submit your request in writing to our Data Protection Contact at hello@theimperfectself.com. We will respond to all legitimate requests within thirty (30) days.
 
10.   Children's Privacy
Our services are not intended for, and we do not knowingly collect data from, individuals under the age of eighteen (18). If we become aware that we have inadvertently collected personal data from a minor without parental consent, we will take immediate steps to delete such information from our records.
 
11.   Links to External Websites
Our website may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.
 
12.   Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, or legal requirements. Any changes will be posted on this page with a revised "Last Updated" date. We encourage you to periodically review this policy to stay informed about how we are protecting your information.
 
13.   Contact Information
If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us:
The Imperfect Self FZ-LLC
Dubai World Trade Centre Free Zone
Dubai, United Arab Emirates
hello@theimperfectself.com

bottom of page