Governing the Nodestreak website, AI Readiness Audit, and client engagement process. This Policy explains how we collect, use, disclose, and protect your personal data.
Nodestreak ("Nodestreak," "we," "us," or "our") designs and deploys AI agents, retrieval-augmented generation systems, and agentic automation for enterprise clients across the Gulf Cooperation Council region, Pakistan, and beyond. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit https://nodestreak.com (the "Website"), submit an enquiry or an AI Readiness Audit booking, communicate with us by email or WhatsApp, or otherwise interact with us as a prospective or existing client, partner, or website visitor.
This Policy is issued in alignment with ISO/IEC 42001:2023 and is designed to give effect to applicable data protection law, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data ("UAE PDPL"), the Kingdom of Saudi Arabia Personal Data Protection Law ("KSA PDPL"), the Qatar data protection framework administered by the NCSA, the Pakistan Personal Data Protection Bill ("Pakistan PDPB"), and, where our processing touches individuals located in the European Economic Area or United Kingdom, the EU/UK General Data Protection Regulation ("GDPR").
This Policy governs personal data collected through the Website and our sales, marketing, and onboarding process. It does not govern the personal data that Nodestreak processes on behalf of a client while building, hosting, or operating a client's AI system — that processing is governed by the applicable Master Services Agreement, Statement of Work, and Data Processing Addendum agreed with the client, together with the design and operational safeguards described in the Nodestreak AI Design Policy and the Nodestreak AI Acceptable Use Policy.
Data Controller: Nodestreak, registered in a United Arab Emirates free zone, with an engineering operations base in Pakistan (together, "Nodestreak"). For the purposes of the UAE PDPL, KSA PDPL, Pakistan PDPB, and GDPR, Nodestreak acts as the data controller in respect of the personal data described in this Policy.
Contact: hello@nodestreak.com · WhatsApp: +92 320 1243568
Where required by applicable law, Nodestreak's AI Governance Lead performs the functions of a privacy point of contact for data protection enquiries relating to this Policy. Requests may be sent to the address in Section 17 below.
We use the personal data described above for the following purposes:
| Purpose | Legal Basis (illustrative) |
|---|---|
| Responding to enquiries, scheduling and conducting AI Readiness Audits and discovery calls | Performance of pre-contractual steps taken at your request; legitimate interest in responding to enquiries |
| Preparing proposals, Statements of Work, and onboarding new clients | Performance of a contract or pre-contractual steps |
| Operating, securing, and improving the Website, including diagnosing technical issues | Legitimate interest in maintaining a secure, functioning website |
| Sending marketing communications about Nodestreak's services, case studies, or events | Consent, or legitimate interest with an opt-out, as required by the law applicable to you |
| Understanding aggregate Website usage and traffic sources | Legitimate interest / consent for non-essential cookies |
| Complying with legal, tax, regulatory, and contractual obligations, and responding to lawful requests from authorities | Legal obligation |
| Establishing, exercising, or defending legal claims | Legitimate interest |
The Website uses cookies and comparable technologies (such as pixels and local storage) to operate correctly, remember preferences, and understand how visitors use the Website. We categorise these as follows:
Where required by applicable law, non-essential cookies are only set after you provide consent through the Website's cookie banner or equivalent control. You can withdraw consent, and manage or delete cookies at any time, through your browser settings; doing so may affect certain Website features.
Nodestreak operates across the United Arab Emirates, the Kingdom of Saudi Arabia, Qatar, and Pakistan, and engages service providers that may process data in other jurisdictions, including the European Union, the United Kingdom, and the United States. Where personal data is transferred across borders, we apply appropriate safeguards proportionate to the sensitivity of the data, which may include standard contractual clauses, contractual confidentiality and security obligations, and, where applicable, reliance on an adequacy or equivalent legal basis recognised under the UAE PDPL, KSA PDPL, or GDPR. Data residency commitments made to clients for AI systems we build or operate are honoured as set out in the applicable contract, consistent with Section 4.4 of the Nodestreak AI Design Policy.
We retain personal data only for as long as reasonably necessary for the purposes described in this Policy, including to satisfy any legal, accounting, or reporting requirements. As a general guide:
We apply technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction, including access controls on a least-privilege basis, encryption of data in transit, restricted and logged access to Restricted assets (as defined in the Nodestreak AI Design Policy), and vendor security assessment prior to onboarding. No method of transmission or storage is completely secure; if we become aware of a personal data breach affecting you, we will notify affected individuals and, where required, competent authorities within the timelines mandated by applicable law, consistent with the incident-reporting timelines in the Nodestreak AI Acceptable Use Policy.
Subject to the law applicable to you and to any exemptions available under that law, you may have some or all of the following rights in relation to your personal data:
To exercise any of these rights, contact us using the details in Section 17. We may need to verify your identity before actioning a request, and we will respond within the timeframe required by applicable law.
The Website is directed at business professionals and is not intended for, and is not knowingly used to collect personal data from, children. If you believe a child has provided personal data to us, please contact us so we can delete it.
Where Nodestreak designs, builds, hosts, or operates an AI system for a client — such as a RAG chatbot, WhatsApp assistant, or agentic workflow — personal data processed by that system (for example, a client's customers, patients, students, or tenants) is processed by Nodestreak as a data processor or sub-processor on the client's documented instructions, under the terms of the applicable client contract and Data Processing Addendum, and in line with the data-governance and privacy-by-design requirements of the Nodestreak AI Design Policy. Individuals whose data is processed within a client's AI system should refer to that client's own privacy notice; this Website Privacy Policy does not itself govern that processing.
We do not use the personal data described in this Policy to make decisions about you (as a website visitor or prospect) that produce legal or similarly significant effects based solely on automated processing, without human involvement. Where a client's own AI system makes or materially informs decisions about individuals, human-oversight and transparency safeguards apply as set out in Sections 4.2 and 4.7 of the Nodestreak AI Design Policy and Section 4.4 of the Nodestreak AI Acceptable Use Policy.
The Website contains links to third-party platforms, including LinkedIn, Facebook, and the WhatsApp Business Platform. This Policy does not apply to those third-party platforms; your use of them is governed by their own privacy policies and terms.
We may update this Policy from time to time to reflect changes in our practices, our services, or applicable law. The "Effective Date" at the top of this Policy indicates when it was last revised. Material changes will be reflected on this page; where required by law, we will provide additional notice.
This Policy is designed to align with the following standards, frameworks, and laws as applicable to Nodestreak's activities:
If you have questions about this Policy or wish to exercise a privacy right, please contact us at: