Logoticket
Logoعربي
book tickets

Privacy Policy

Al Ain Museum Website Privacy Notice Policy

  1. 1. About Al Ain Museum

    Established in 1969 under the guidance of the late Sheikh Zayed bin Sultan Al Nahyan, Al Ain Museum is the oldest museum in the United Arab Emirates. It chronicles the history of Al Ain from the Stone Age to the foundation of the UAE, showcasing artefacts uncovered across the region's archaeological sites. Located beside the historic Sultan Fort (Eastern Fort), built in 1910, the museum stands as a testament to the region's deep cultural heritage and the enduring legacy of the Al Nahyan family.

    2. About the Privacy Notice

    This Privacy Notice complies with UAE PDPL. It outlines the legal basis for processing, user rights, and data protection practices. This Privacy Notice applies to information we collect about:

    • Visitors to our digital channels (e.g., website, apps, social media channels).
    • People who choose to receive our marketing-related communications.

    The notice provides information on how we use any personal information we collect about anyone interacting with us through online platforms. Their individual rights to access, correct, and manage the information we hold about them including privacy preferences and cookie settings. Additionally, it outlines how to contact us for queries or complaints about our use of personal information or how to opt out from non-transactional communication

    3. Processing of Personal Information

    Each processing activity is based on a lawful basis such as consent, legitimate interest, legal obligation, or contract. When requesting your personal information, we will clearly explain the purpose for which it is needed and how it will be used. We will also guide our visitors to any relevant Privacy Notice for further details. Safeguarding your data is a top priority for us, and we take great care in storing this data.

    4. When do We Collect Personal Information

    Personal information is collected directly from you when you interact with us and allow us to do so.

    For instance, we gather your information when you perform the following actions with us:

    • Sign up for Al Ain Museum's services or activities, including but not limited to, creating a website profile, signing up to marketing related communications, etc.
    • Send or receive an email from us
    • Make an enquiry
    • Visit our website or other platforms
    • Apply for a role with us
    • Provide us with your feedback
    • Contact us via our customer contact center

    Information may be collected through our website, social media channels, or from any form of communication established with us.

    5. What we Collect and How We Collect it

    The personal information we collect may include the following but not limited to:

    • Full Name
    • Email Address

    Cookie Usage Our website does not use cookies to collect personal data.

    We only use cookies that are strictly necessary for the basic functionality of the website.The information that we may collect about you broadly falls into the following categories:

    5.1. How we use your information

    General Visit Information: The General Visit Information is used to help Us to better understand how our customers behave. We do this by generating reports based on such aggregated data. We may also aggregate and combine your General Visit Information with the General Visit Information of many people across our network.

    We use the reports for a variety of purposes, such as:

    • Improve customer experience and service;
    • Improve operation of Our facilities;
    • Determine timing for promotions and sales;
    • Measure the effects of advertising and marketing;
    • Plan and execute marketing and advertising campaigns;
    • Set staffing levels;
    • Set store hours; and
    • Other business and operational purposes, such as financial and product planning and execution.

    Please note, once you are Registered with us Our Services your General Visit Information is combined with your Registration Information and Activity Information. We discuss how this combined information, and Activity Information" section below. This information helps us to improve your experience in case you opt-in to receive communications with the General Visit Information of many people for marketing communications also based on your visits. Such data may also be combined with Third Party Data and used for research and analytics and/or to help serve personalized communications. We discuss how this combined information, and Activity Information" section below. This information helps us to improve your experience in case you opt-in to receive personalized advertising, marketing based on your visits. Such data may also be combined with Third Party Data and used for research and analytics and/or to help serve personalized communications. We do not combine Registration Information and Activity Information with General Visit Information from previously-collected General Visit Information from mobile devices.

    Registration Information and Activity Information: As noted above, once you Register with the Our Services, we may combine your Registration Information and Activity Information with your General Visit Information.

    All such information may be used by us for the following purposes:

    • So that we may provide you with more personalized advertising, offers, experiences and features;
    • Providing advertising we or they believe is more relevant and tailored to your interests;
    • Contacting you with special offers and incentives, where it is in accordance with your marketing preferences;
    • Analytics and market research purposes, such as understanding the shopping preferences of you and groups of people (for example, helping our partners understand which people like to go to a restaurant for dinner after seeing a movie);
    • Fulfilling your requests;
    • Other business and operational purposes, such as financial and product planning and execution.

    Other Uses: We also use your information to:

    • Help us internally operate and maintain the Our Services (such as, for the purposes of fixing malfunctioning technology, testing our systems, etc.);
    • Enhance, improve and further develop the Services (such as, creating new features or functions, refining the user experience, increasing the technical performance of our services, etc.);
    • Provide you with notices relate to your use of the Service (such as account notifications and legal notices).

    We may also use your provided Personal Information to contact you regarding products, services, and offers when you opt-in to receive them. We allow you to opt-out from receiving promotional communications from us, as described in the "How you can opt-out" section below.

    5.2. How we use cookies and similar technology

    We may use cookies and similar tracking technology (collectively "Cookies") to collect and use Activity Information about you (including to serve interest-based advertising). For further information about the types of Cookies we use, why, and how you can control Cookies, please see our Cookie Notice.

    5.3. Who we share your information with

    Except as described in this Policy, we will not disclose your Personal Information to third parties without your consent. We may disclose Personal Information to third parties in the following circumstances:

    • To Service Providers: We may disclose Personal Information to third-party service providers (e.g., payment processing, data storage and processing services) that provide their services and databases and that provide other services to us. We limit the Personal Information provided to these service providers to that which is reasonably necessary for them to perform their function, and we require them to agree to maintain technical and organizational measures necessary to ensure adequate security. We seek to limit our service providers' use of the Personal Information we disclose to them to the specific purpose for which we are disclosing it. Please note, if we engage in a joint activity, such as a competition, joint marketing campaign or similar activity, such Personal Information is transferred into a country, in which another data protection level is common and for which no adequacy decision of the Commission or the EU exists.
    • Upon Transfer of the Business: Information about users, including Personal Information, may be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of Our company assets, or similar transaction, as well as in the event of an insolvency, bankruptcy or receivership in which Personal Information is transferred to one or more third parties as one of Our business assets.
    • To Affiliated Companies: We may disclose Personal Information and other information to our parent Company and/or other corporate enterprises. These affiliated companies may collect, use and disclose Personal Information and other information that we disclose to them in accordance with their privacy policies and procedures.
    • To Protect Our Interests: We also may disclose Personal Information and other information if we believe that doing so is legally required or is in Our interest to protect Our property or other legal rights (including, but not limited to, enforcement of agreements) or the rights or property of others, or to otherwise help protect the safety or security of the Services or other users of the guest Wi-Fi services.

    5.4. How you can opt-out

    Promotional communications opt-out

    We offer you choices regarding the receipt of promotional communications when you access the guest Wi-Fi services. If you receive promotional communications from us or from our Customers, you may unsubscribe at any time by contacting us using the contact details provided under the "Contacting Us" heading below.

    Once we receive your opt-out request, you will no longer receive communications for direct marketing purposes from us and/or from our customers.

    Your "opt-out" will not affect the lawfulness of the processing based on the consent before the withdrawal.

    For clarity, we may still collect and use (except for direct marketing purposes) your MAC Address.

    6. Information we collect automatically

    6.1. Location Data

    When you carry your device (with its Wi-fi and/or Bluetooth function enabled) into one of our venues, the technology we use detects the following: the presence of your device, its signal strength, its manufacturer (Apple, Samsung, etc.), the geographic position and a unique identifier known as its Media Access Control address (the "MAC Address"). This combination of attributes identifies a specific device to the surrounding Wi-Fi or Bluetooth networks. Because the MAC Address does not disclose the phone number, name or other obviously identifiable information about the device or its user, the information is initially anonymous or de-personalized by its nature. General Visit Information is collected as your mobile device interacts across different Locations that use our technology. For clarity, this information is automatically collected if your device's WiFi is enabled – even if you do not actually "connect" to the Location's WiFi network.

    6.2. Activity Information

    When you use Our Service, we may also automatically collect additional information from your mobile device. In some countries, including countries in the European Economic Area ("EEA"), this information may be considered personal information under applicable data protection laws. We refer to this information as – "Activity Information". This information does not reveal your identity but may include include information about the specific mobile device you are using to access Our Service, such as unique device identifiers associated with your device, the MAC Address, the model, manufacturer, operating system, browser type and language, your browser's Internet Protocol address, start and stop timestamps of your connections, amount of data uploaded/downloaded and the logged session type. We may also include broad geographic location-related data (e.g. country or city-level location). We may use cookies and other tracking technologies to collect some of this Activity Information, as further explained under the section headed "How We Use Cookies and Similar Tracking Technologies".

    7. Information you provide voluntarily

    7.1. Registration Information

    When you use the guest Wi-Fi services in one of our venues, registration is sometimes required. The "Registration Information" may include some, but not necessarily all, of the following: name, email address or demographic information (e.g. date of birth, gender, geographic area and preferences). You understand that in providing Registration Information to us through this platform, you may be permitting Us to store and access your personal data. b) link your personal data to the MAC address and your location, as offered by your mobile device, and c) use your Registration Information in such other ways which accord with the terms of this Privacy Notice and other terms that govern your use of the particular Location's guest WiFi services.

    7.2. Information we collect from third party sources

    If you Log-In to the WiFi network via a third-party service, such as Facebook Login, Twitter Login or Google OpenID, we may access the information described in the third-party service's request for authorization, such as your name, email address, gender, age, and home zip code. Please review your privacy settings with these third-party services to ensure you are sharing the information you wish to share.

    8. How long we retain your information

    We retain your information for as long as you are a user of the guest WiFi services. We also retain this information after you are no longer a user until it is no longer necessary for the purposes for which it was collected. As far as such information is subject to any statutory data retention period exceeding sixty-six days since your last use of the Wi-Fi Services, we will store the data for the duration stipulated in the respective statutory provisions; in the latter case, the data will be stored in restricted form whereas further processing is excluded. The establishment of legal claims, the exercise and legal defence, protection of the rights of another person, or reasons of important public interest.

    After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive such information.

    9. Where we store your information

    9.1. Data storage location

    As Al Ain Museum is in the United Arab Emirates (UAE). We use third party service provider who may process your personal data on our behalf. We assessed the compliance and security measures intended to, but do not provide, are as set out in Processing and Data Transfer agreements (where applicable) that them that comply with the PDPL & GDPR.

    9.2. How we keep your personal information secure

    We use appropriate administrative, organizational, technical, and physical safeguards to protect the personal information submitted to us, both during transmission and once we receive it. The measures are designed to provide a level of security appropriate to the risk of processing your personal information and to help ensure that your data is safe. However, no method of transmission over the internet or method of electronic storage is 100% secure. We use reasonable efforts to protect your information but we cannot guarantee its absolute security against our network, systems, and the data stored by us have security measures. These security measures include password protected user access to IT. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so you should take care in deciding what information you send us in this way.

    9.3. Third party sites

    The pages on Our Service may, from time to time, contain links to and from the website of third parties. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any Personal Information that may be collected through these websites or services. Please check these policies before you submit any personal data to these websites or use these websites.

    9.4. Privacy Policy for children

    We do not knowingly collect information from anyone under the age of 16 unless we first obtain permission from a parent or legal guardian. However, if despite our best efforts we learn that we have collected information from a child under the age of 16 on our Platform, we will delete that information as quickly as possible. If you become aware that your child has provided us with personal information without your consent, please contact us using the contact details provided under the "Contacting Us heading below.

    9.5. Recourse, enforcement and liability

    We are dedicated to ensuring that its privacy practices are in compliance with the Principles and this Policy. Any employee that we determine is in violation of this Policy may be subject to disciplinary action up to and including termination of employment. Any third-party agent or service provider that processes personal information on our behalf and violates the Principles or fails to take reasonable steps to investigate and work with us expeditiously. To receive any complaints or disputes in accordance with the Principles and this Policy. If we do not provide a timely response to you, or you are not satisfied with the way we have handled your matter, please contact an appropriate independent dispute resolution service identified in the beginning of this Policy. The services we have Selected for this purpose are provided at no cost to you.

    We promise to do our best to remedy any problems arising out of the failure to comply with the Principles, including those responsible for handling privacy notices and we will take action against any received under the Privacy Shield. If the third party agent does not process your personal information consistent with the Policy and the Principles, and We are responsible for the events giving rise to the damage you have incurred. If the third party Privacy Shield recipient or someone else fails to act consistently with the amended terms. We reserve the right to apply the amended terms to the information we have already collected, subject to any legal requirements. We suggest that you review our Privacy Policy regularly to see if there have been any changes.

    9.6. Amendments to this policy

    We may update this Privacy Notice from time to time. This Privacy Notice applies to information we collect while that notice is in effect. When such changes occur, you will be able to view the new version of this Privacy Policy on our website. If we change this Policy in a manner that substantially alters your rights or obligations under this Policy, we will use reasonable efforts to notify you of the change. For example, we could send an email or similar notification when you access the services for the first time after such material changes are made. Your use of the Platform after the effective date of the changes constitutes acceptance of the amended terms. We reserve the right to apply the amended terms to the information we have already collected, subject to any legal requirements. We suggest that you review our Privacy Policy regularly to see if there have been any changes.

    10. Cookie Usage

    Our website does not use cookies to collect personal data. We only use cookies that are strictly necessary for the basic functionality of the website.

    11. How We Use Your Information

    We collect your information to fulfil our public task (serves as our legal basis for this data collection) and provide you with the service(s) you have requested.

    When you sign up, subscribe, and opt in to our communications through online channels, then you are giving us your consent to send you non-transactional communications through email. We will never send you these communications without your explicit consent, or seek to assess them out without proper unsubscribe mechanisms. You can opt out or unsubscribe from receiving these notifications at any time.

    The personal data we collect from you is only used for the purposes for which it was obtained. We ensure that we have a legal basis to use your personal information for the purposes mentioned in this Notice (usually with your consent, further to a legitimate interest's assessment, or because the use of your data is necessary to comply with a legal obligation).

    12. Transactional communications

    There are transactional communications that we are required to send regardless of your contact preferences. These are essential communications, deemed necessary to fulfil our contractual obligations to you. This may include thanking you for and renewal letters, member benefits, queries regarding returned mail, bounced payments, booking, and purchases-related communications.

    13. Responding to your queries

    If you contact us with queries, comments, complaints they we will keep a record of this correspondence and any associated documents so that we have the information available in the event of a follow up, dispute, or investigation.

    14. Notifying you of changes to policies

    If we make updates to our policies that may affect you, we will use your contact details to inform you of the changes.

    15. Marketing and Communications

    We may send you promotional communication based on your consent. The communication that we might share with you includes:

    • Details of other products, services, or events related to the museum, such as exhibitions, events, eCommerce shop, cafe, or restaurant offers etc.
    • News and updates about the museum such as our programmes, learning, promotions, or newsletters.
    • Studies and feedback surveys to provide you a better experience and serve you better.

    16. Analytics

    It is within the museum's legitimate interests to store and perform analytics on your data to continue to improve our understanding of our visitors. This allows us to deliver world-class transformative, visitor-focused experiences, customer support, and knowledgeable visit.

    Visitor analytics is done on aggregate basis so that individuals cannot be readily identified.

    We carry out customer analytics to improve our understanding of our target audiences. This helps us target our marketing more effectively, understand what topics you are interested in, and personalize and improve your experience if you have consented to receive communications from us.

    You can choose to opt out from our marketing related communications at any time by visiting our website.

    17. Sharing Information with Third Party

    We will never sell, trade, or transfer your personal information to any third parties or external organizations, except as required by law. Your data will be used solely for the purposes stated in this Privacy Notice and will not be shared or sold under any circumstances.

    18. How Long Do We Retain Your Data?

    The information that we hold about you will only be kept for such periods as is necessary to perform the required purpose unless longer retention of your personal information is required by law.

    19. Your Rights to Manage Your Data

    Under the UAE data privacy legislation, you have the following rights to have your data managed as per your wish:

    • The right to be informed about the collection and use of your personal data.
    • The right to access personal data and supplementary information.
    • The right to have inaccurate personal data rectified or completed if it is incomplete.
    • The right to erasure (to be forgotten) in certain circumstances.
    • The right to restrict processing in certain circumstances.
    • The right to data portability, which allows you to obtain and reuse your personal data for your own purposes across different services.
    • The right to object to processing in certain circumstances.
    • Rights in relation to automated decision-making and profiling.
    • The right to withdraw consent at any time (where relevant).
    • The right to complain to the relevant Supervisory Authority.

    Please note that the above rights are not absolute, and we may be entitled to refuse your requests where exceptions apply.

    20. Protection of Your Data

    We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal information to those employees, agents and contractors who have a business need to know. They will only process your personal information on and as per our instructions, and they are subject to a duty of confidentiality.

    21. Data Breach Notification

    We have put in place procedures to deal with any suspected data security breach and will notify you and the relevant authorities of a suspected breach where we are legally required to do so.

    22. Changes To This Privacy Notice

    Al Ain Museum may change and/or update this Privacy Notice from time to time to meet changes in the laws/standards, business needs, or to satisfy the needs of our visitors and members. We keep our Privacy Notice under regular review. Any changes to this Privacy Notice will be posted on our website and date-stamped so that you are always aware of the latest update.

    23. Have privacy - related queries?

    Contact us Should you have any concerns or questions regarding your privacy, you may submit your inquiries to [email protected]

Al Ain Museum Logo

46 Al Mut-haf St, Al Ain
United Arab Emirates

Stay Connected. Get the latest updates, stories, and news from Al Ain Museum.

Follow Us

© 2025 Al Ain Museum

Terms and ConditionsPrivacy PolicyCookie Policy