Privacy Policy

FMCG Packaging (Visionics L.L.C-FZ)

Effective date: 22 April 2026

1. Introduction

This Privacy Policy explains how Visionics L.L.C-FZ (operating under the trade name “FMCG Packaging,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data when you visit www.fmcgpackaging.com (the “Website”), submit an enquiry or lead form, interact with our advertisements, or otherwise do business with us.

Visionics L.L.C-FZ is a company registered in the Meydan Free Zone, Dubai, United Arab Emirates. We operate as a business-to-business (B2B) packaging sourcing and supply company serving clients globally. This policy is written to comply with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“UAE PDPL”), the EU General Data Protection Regulation 2016/679 (“GDPR”) and the UK GDPR where applicable, and the California Consumer Privacy Act as amended by the CPRA (“CCPA/CPRA”) for California residents.

By using the Website or submitting personal data to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with it, please do not use the Website or submit personal data to us.

2. Data Controller

The data controller responsible for your personal data is Visionics L.L.C-FZ, registered in the Meydan Free Zone, Dubai, United Arab Emirates. Contact details for privacy matters are set out in Section 13 below.

3. Personal Data We Collect

We collect the following categories of personal data:

3.1 Information you provide directly

• Identity and contact data: first and last name, job title, company name, country, business email address, and business telephone number — typically submitted through our enquiry forms, Meta lead ads, or email correspondence.
• Commercial enquiry data: product specifications, order quantities, shipping destinations, target pricing, timelines, and any other information you voluntarily share to allow us to quote or fulfil a sourcing request.
• Communications data: the content of emails, messaging app conversations, call notes, and any other correspondence you exchange with us.

3.2 Information we collect automatically

• Device and connection data: IP address, approximate location (country/region level), browser type and version, operating system, device type, and referring URL.
• Usage data: pages viewed, time spent on pages, click paths, form interactions, and similar analytics signals.
• Cookies and similar technologies: as described in Section 6 below.

3.3 Information from third parties

• Lead-generation platforms: when you submit a form through a Meta (Facebook/Instagram) lead advertisement, Meta forwards your submitted details (name, email, phone, and any custom fields) to us.
• Publicly available sources: business directories, LinkedIn company pages, trade registries, and similar sources where we verify business contacts.

We do not knowingly collect special categories of personal data (such as data revealing racial or ethnic origin, religious beliefs, or health data) and we ask that you do not submit such data to us.

4. How We Use Your Personal Data and Lawful Bases

We use personal data for the purposes set out below. Under the GDPR we must rely on a lawful basis for each processing purpose; we have identified the applicable basis in each case.

4.1 To respond to your enquiry and provide quotations

We use your contact and commercial enquiry data to understand your requirements, prepare a quotation, source products, and communicate with you throughout the sales cycle.

GDPR lawful basis: performance of a contract or steps taken at your request prior to entering a contract (Art. 6(1)(b)); and our legitimate interests in conducting B2B commercial activity (Art. 6(1)(f)).

4.2 To fulfil orders and deliver products

If you proceed to place an order, we use your data to arrange manufacturing, shipping, customs clearance, invoicing, and after-sales support, including sharing minimum necessary data with freight forwarders, customs brokers, and manufacturers.

GDPR lawful basis: performance of a contract (Art. 6(1)(b)).

4.3 Marketing and lead nurturing

We may send you commercial communications about our products and services — including product updates, case studies, and offers — by email, WhatsApp, or similar channels, where you have given consent or where you are an existing B2B client and the communication relates to similar products (soft opt-in).

GDPR lawful basis: consent (Art. 6(1)(a)) for new prospects; legitimate interests (Art. 6(1)(f)) for existing B2B clients. You may withdraw consent or object at any time.

4.4 Website analytics and performance

We use aggregated and pseudonymised analytics data to understand how the Website is used, measure advertising effectiveness, and improve user experience.

GDPR lawful basis: consent (Art. 6(1)(a)) where cookies are non-essential; legitimate interests (Art. 6(1)(f)) for strictly necessary analytics.

4.5 Compliance, fraud prevention, and legal claims

We may process personal data to comply with legal or regulatory obligations (including anti-money-laundering, tax, and export-control rules), to prevent fraud, and to establish, exercise, or defend legal claims.

GDPR lawful basis: legal obligation (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f)).

5. Third-Party Services and Recipients

We use the following categories of third-party service providers. Each provider processes personal data only on our instructions and under a written data-processing agreement where legally required.

5.1 Meta Platforms (Facebook and Instagram)

We run lead-generation advertising campaigns on Meta platforms. When you submit a Meta lead form, Meta transmits the details you entered to us. We also use the Meta Pixel and Conversions API on the Website to measure ad performance, optimise campaigns, and build custom and lookalike audiences. For more information about how Meta processes your data, see Meta’s Privacy Policy at https://www.facebook.com/privacy/policy.

5.2 Zoho Corporation (Zoho CRM)

We use Zoho CRM to store and manage information about leads, contacts, and business relationships. Personal data you submit to us is imported into Zoho CRM and accessed by authorised team members for sales, account management, and operational purposes. See Zoho’s Privacy Policy at https://www.zoho.com/privacy.html.

5.3 Google Analytics

We use Google Analytics (GA4) to collect aggregated, pseudonymised data about how visitors interact with the Website. Google Analytics uses cookies and similar identifiers; IP addresses are truncated before storage where supported. See Google’s Privacy Policy at https://policies.google.com/privacy.

5.4 Email marketing and automation

We use an email marketing provider (for example, Zoho Campaigns, Mailchimp, or a comparable tool) to send newsletters, product updates, and transactional messages. The provider processes your email address, name, engagement events (opens, clicks), and any preferences you have set.

5.5 Other service providers

We also share personal data, on a need-to-know basis, with: hosting and infrastructure providers; payment processors and banks (for invoicing and receipts); freight forwarders, shipping lines, and customs brokers; accountants, auditors, and legal advisors; and manufacturers and suppliers strictly to the extent required to fulfil your order.

6. Cookies and Similar Technologies

The Website uses cookies and similar technologies (pixels, local storage, server-side tags) to operate, secure, and improve the site and to measure advertising effectiveness. We use the following categories:

• Strictly necessary cookies: required for the Website to function (e.g., session management, load balancing).
• Analytics cookies: used by Google Analytics to understand usage patterns.
• Advertising and retargeting cookies: used by the Meta Pixel and similar platforms to measure ad performance and serve relevant ads.

Where required by law (including the EU ePrivacy Directive), we request your consent before placing non-essential cookies through a cookie banner. You can withdraw or change your consent at any time by clicking the cookie-settings link in the footer of the Website or by clearing cookies in your browser.

7. International Data Transfers

Because we operate globally, your personal data may be transferred to and processed in countries other than your own, including the United Arab Emirates, the United States, India, the European Union, and wherever our service providers operate.

Where personal data is transferred out of the European Economic Area, the United Kingdom, or another jurisdiction with restrictions on cross-border transfers, we implement appropriate safeguards — typically the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, or a recognised adequacy decision — and conduct a transfer impact assessment where required.

For transfers governed by the UAE PDPL, we transfer personal data only to jurisdictions with an adequate level of protection or on the basis of contractual safeguards and, where necessary, the data subject’s consent.

8. Data Retention

We retain personal data only for as long as necessary for the purposes set out in this policy, and then delete or anonymise it. Typical retention periods are:

• Active leads and prospects: up to 24 months after last meaningful contact.
• Client records (after contract formation): for the duration of the commercial relationship plus 7 years, to meet UAE corporate and tax record-keeping requirements.
• Marketing lists: until you unsubscribe or object, after which your email is added to a suppression list to honour your opt-out.
• Website analytics: up to 14 months in aggregated form.
• Records required for legal claims or compliance: for the period required by the applicable statute of limitations or regulation.

9. Your Rights

Depending on the law that applies to you, you have the following rights in respect of your personal data. We honour all of these rights for any individual who submits a verifiable request, regardless of location.

9.1 Rights under the GDPR and UK GDPR

• Right of access: obtain confirmation of, and a copy of, the personal data we hold about you.
• Right to rectification: correct inaccurate or incomplete data.
• Right to erasure: request deletion where one of the grounds under Art. 17 GDPR applies.
• Right to restrict processing: in the circumstances set out in Art. 18 GDPR.
• Right to data portability: receive your data in a structured, commonly used, machine-readable format.
• Right to object: object to processing based on legitimate interests or for direct marketing at any time.
• Right to withdraw consent: at any time, without affecting the lawfulness of processing before withdrawal.
• Right to lodge a complaint: with your local supervisory authority (for example, the UK Information Commissioner’s Office).

9.2 Rights under the UAE PDPL

• Right to be informed of processing.
• Right to request access, correction, or deletion of your personal data.
• Right to restrict or object to processing.
• Right to request transfer of your personal data.
• Right to withdraw consent where consent is the lawful basis for processing.
• Right to lodge a complaint with the UAE Data Office.

9.3 Rights under the CCPA/CPRA (California residents)

• Right to know what personal information we collect, use, disclose, and sell or share.
• Right to delete personal information, subject to statutory exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the sale or sharing of personal information. We do not sell personal information for monetary consideration. Our use of advertising cookies (including the Meta Pixel) may constitute “sharing” under the CPRA; you can opt out by changing your cookie preferences or by emailing us.
• Right to limit the use of sensitive personal information. We do not use sensitive personal information for purposes that trigger this right.
• Right to non-discrimination for exercising any CCPA/CPRA right.

9.4 How to exercise your rights

To exercise any of these rights, email us at privacy@fmcgpackaging.com with enough information for us to verify your identity. We will respond within 30 days, or such shorter period as the applicable law requires.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These include encryption in transit (TLS), access controls, logging, staff training, vendor due diligence, and written data-processing agreements with our key service providers. No method of transmission or storage is completely secure; if we become aware of a personal data breach that meets the applicable notification threshold, we will notify affected individuals and regulators within the timelines required by law.

11. Children’s Privacy

The Website and our services are directed at businesses and professional buyers, not children. We do not knowingly collect personal data from anyone under 18. If you believe a child has submitted personal data to us, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the effective date at the top of this policy and, where appropriate, notify you by email or through a notice on the Website. We encourage you to review this policy periodically.

13. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us: