Privacy Notice

We collect and process the following categories of personal data:

Website Usage Data: IP address, geographical location, browser type, device type, operating system, referral source, visit duration, page views, navigation paths, and data collected via cookies (see Section 13).

User-Provided Data:

• Contact information: name, email address, phone number, country, job title, company
• Job application data: CVs, cover letters, employment history, education, and any other data you provide voluntarily for recruitment
• Communication data: information provided via contact forms or customer service inquiries
• Other Data: Publicly available professional information, publications, or data you voluntarily provide

We do not intentionally collect sensitive personal data (e.g., racial origins, health, political opinions) unless required for lawful recruitment or compliance purposes.

We may receive personal data from third parties, such as business partners, professional networks, or event organizers, when they provide your contact details for potential collaboration, recruitment, or service delivery.

Providing certain personal data (e.g., name, contact details) is necessary to communicate with you or provide services, such as responding to inquiries or processing job applications. If you choose not to provide this data, we may be unable to respond or deliver services. You may provide minimal information and edit your profile at any time.

We process personal data for the following purposes, based on the specified legal grounds:

4.1. Communications (GDPR Art. 6(1)(f) – legitimate interest; GDPR Art. 6(1)(a) – consent):

• To respond to inquiries, organize meetings, or enable participation in events, using your name, contact details, and provided information
• With your consent, communications may be recorded (where permitted by law)

4.2. Marketing and Website Analytics (GDPR Art. 6(1)(a) – consent):

• To analyze Website usage (e.g., IP address, navigation paths) for marketing research, personalize services, and send promotional materials (e.g., newsletters, updates on automotive, IoT, robotics, or AI services). You may withdraw consent at any time via info@urca.ai

4.3. Service Delivery (GDPR Art. 6(1)(b) – contract; GDPR Art. 6(1)(f) – legitimate interest):

• To provide software services (automotive, IoT, robotics, AI, etc.), using your name, contact details, payment information, and service records
• To invite you to events or share updates based on legitimate interests

4.4. Recruitment (GDPR Art. 6(1)(a) – consent; GDPR Art. 6(1)(b) – contract):

• To process job applications, including CVs, cover letters, and employment history, for recruitment purposes
• To contact you regarding job opportunities or maintain a talent pool with your consent

4.5. Business Relations (GDPR Art. 6(1)(f) – legitimate interest):

• To maintain relationships with clients, vendors, or partners, using your name, contact details, and professional information for contract management, invoicing, or compliance with anti-corruption and anti-money laundering laws

4.6. Compliance (GDPR Art. 6(1)(c) – legal obligation):

• To comply with PDPL, GDPR, CCPA, or other legal requirements, including public disclosures or audits

5.1. When you submit a CV through the Website:

• We collect only the data you voluntarily provide (e.g., CV, cover letter, employment history, education)
• Your data is stored securely and used solely for recruitment purposes
• You may be contacted regarding suitable job opportunities in automotive software, IoT, robotics, AI, or other services
• Your data will not be transferred outside the EU/Egypt unless adequate safeguards are in place (e.g., Standard Contractual Clauses)

5.2. You may withdraw your application, request deletion, or access your data at any time by contacting info@urca.ai.

We may share your data with:

• Urca affiliates for service delivery or recruitment, subject to PDPL and GDPR compliance
• Trusted service providers (e.g., hosting, analytics, payment processors) acting as data processors under Data Processing Agreements
• Government authorities or legal advisors to comply with legal obligations or defend our rights
• Parties involved in mergers or acquisitions, with appropriate safeguards

Urca does not sell or rent your personal data to third parties.

Due to our operations with customers in the USA and Europe, your data may be transferred outside Egypt or the European Economic Area (EEA) to countries like the USA, which may not offer equivalent data protection. We ensure compliance with PDPL and GDPR through:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements (DPAs)
• Transfers to countries with EU adequacy decisions

Contact info@urca.ai for copies of these safeguards.

Under PDPL and GDPR, you have the right to:

• Access and receive a copy of your personal data
• Rectify inaccurate data
• Request deletion ("right to be forgotten")
• Restrict or object to processing
• Data portability
• Withdraw consent at any time via info@urca.ai (without affecting prior lawful processing)

To exercise these rights, contact info@urca.ai. We will respond within six days (per PDPL) or one month (per GDPR), extendable by two months if complex.

You may lodge a complaint with Egypt's Data Protection Center (once established) or an EU supervisory authority for GDPR-related issues.

Under the CCPA, California residents may:

• Request disclosure of data collected, used, or shared
• Request deletion of personal data
• Opt out of data sales (Urca does not sell data)

Contact info@urca.ai to exercise these rights. We will verify your identity and respond within 45 days, extendable by 45 days if needed.

The Website is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If we discover such data, we will delete it promptly.

We retain personal data only as long as necessary for the purposes outlined in this Privacy Notice or as required by law. Job application data (e.g., CVs) is retained for up to 6 months after the recruitment process unless you consent to remain in our talent pool. Upon deletion requests, we will securely delete or anonymize your data unless retention is required by law (e.g., for tax or audit purposes). Contact info@urca.ai for details.

We implement technical and organizational measures (e.g., encryption, firewalls, secure hosting, restricted access controls) to protect your data from loss, misuse, unauthorized access, alteration, or disclosure. However, no online platform is 100% secure. In case of a data breach posing risks (e.g., identity theft), we will notify you and relevant authorities promptly, per PDPL and GDPR.

We use cookies and similar technologies (e.g., pixels) to enhance user experience and analyze Website usage:

• Strictly Necessary Cookies: Essential for Website functionality; cannot be disabled
• Performance Cookies: Collect anonymized data to improve Website performance
• Functional Cookies: Enable personalization
• Targeting Cookies: Used for advertising, set by third parties (e.g., Google Analytics)

You can manage cookie preferences via your browser settings or our Website's cookie consent banner. Blocking cookies may limit functionality. Google Analytics may transfer data to the USA; you may opt out via browser settings. Cookie processing is based on consent (GDPR Art. 6(1)(a)) or legitimate interest for necessary cookies (GDPR Art. 6(1)(f)). For more information, refer to our [Cookie Policy] (if available) or contact info@urca.ai.

We use industry-standard security measures to protect data, but no internet transmission is fully secure. You transmit data at your own risk. We aim to isolate and address any security incidents promptly and notify authorities if required.

For questions, to exercise your rights, or to file complaints, contact our DPO at info@urca.ai. We will investigate and respond promptly. EU users may contact their local supervisory authority, and California residents may pursue CCPA remedies.