Get Support

800 1234 1234

GDPR Policy

Organisation Name: 1XL LLC FZ and One XL Info LLP (referred to as “Organisation”)
Organisation Email ID: info@1XL.com
Organisation Website: 1XL.com
Registered Address: Floor 141, Burj Khalifa, Dubai. P. O. Box No. - 74242
Jainam Tower, Sai Park, Thergaon, Pune - 411033, Maharashtra, India
Registered Countries: U.A.E. and India
Last Modified Date of GDPR Policy: 28th March 2025

At 1XL LLC FZ and One XL Info LLP, we prioritise the protection and privacy of your personal data. This Privacy Policy outlines how we collect, use, share, and protect your personal data in compliance with the UAE Data Protection Law, General Data Protection Regulation (GDPR) (when applicable), and other relevant data privacy regulations. Our services include SaaS platforms, online courses, events, podcasts, travel services, and associated websites.

By accessing our Website, subscribing to our services, or purchasing products, you agree to this Privacy Policy and the collection, use, and processing of your personal data as described herein. If you do not agree with the terms outlined in this Privacy Policy, please refrain from using our services.

Website Data Protection Statement for Data Subjects Pursuant to Articles 13 and 14 of the EU General Data Protection Regulation (GDPR)

Data protection is of paramount importance to 1XL LLC FZ and One XL Info LLP (hereinafter referred to as “Organisation”, “we”, “our”, or “us”). The use of our website and associated platforms is possible without the requirement to provide personal data; however, to use specific services on our website (including SaaS, courses, events, podcasts, travel services, and related services), personal data processing may be necessary. Where the processing of personal data is required and no legal basis exists, we will seek consent from the data subject. We may request that you provide certain personally identifiable information that allows us to contact or identify you.

This Privacy Policy outlines how we collect, use, and process your personal data, as well as your rights concerning this data, in compliance with the General Data Protection Regulation (GDPR) and the UAE Data Protection Law, along with other applicable privacy regulations.

Table of Contents
  • Definitions
  • Controller
  • Collection of General Data and Information
  • Subscription to Newsletters
  • Newsletter Tracking
  • Routine Erasure & Data Blocking
  • Rights of Data Subjects
    • Right to Confirmation (Art. 15 GDPR)
    • Right of Access (Art. 15 GDPR)
    • Right to Rectification (Art. 16 GDPR)
    • Right to Erasure / Right to be Forgotten (Art. 17 GDPR)
    • Right to Restriction of Processing (Art. 18 GDPR)
    • Right to Data Portability (Art. 20 GDPR)
    • Right to Object (Art. 21 GDPR)
  • Automated Decision-Making & Profiling
  • Right to Withdraw Consent
  • Data Protection for Job Applications & Hiring Process
  • Legal Basis for Processing
  • Law Enforcement & Legal Disclosure
  • Security Measures for Data Protection
  • Email Marketing & Communication
  • Payments & Financial Transactions
  • Retention Period for Personal Data
  • Provision of Personal Data: Contractual & Legal Requirements
  • IT-Security & Encryption Measures
  • International Transfers
  • Existence of Automated Decision-Making
  • Changes & Updates to the Privacy Policy
Definitions
  • Website : Refers to all online platforms and services provided by the Organisation, including but not limited to SaaS platforms, online courses, events, podcasts, and travel bookings.
  • Personal Data : Any information relating to an identified or identifiable individual (“data subject”), including identifiers such as name, identification number, location data, online identifiers, and other personal characteristics.
  • Data Subject : A natural person whose personal data is being processed by the Organisation.
  • Processing : Any operation performed on personal data, such as collection, storage, alteration, retrieval, consultation, use, disclosure, or erasure.
  • Controller : The entity responsible for determining the purposes and means of processing personal data. In this case, the Organisation (1XL LLC FZ and One XL Info LLP).
  • Processor : Any third-party entity that processes personal data on behalf of the controller.
  • Consent : A freely given, specific, informed, and unambiguous indication of the data subject's agreement to the processing of their personal data.
Controller

The Controller responsible for the processing of personal data is:

  • 1XL LLC FZ (UAE)
  • One XL Info LLP (India)
  • Contact: info@1XL.com

The above entities jointly determine the purposes and means of processing personal data collected via our platforms.

Collection of General Data and Information

When you visit our website, the following general data and information are automatically collected and stored in server log files:

  • Browser types and versions used
  • The operating system used by the accessing system
  • The website from which the system accesses our website (referrer URL)
  • Sub-pages accessed on our platforms (e.g., SaaS products, online courses, event pages, podcasts, or travel bookings)
  • Date and time of access
  • Internet Protocol (IP) address
  • Internet Service Provider (ISP) of the accessing system

This general data is used to optimise the content of our website, enhance security, and improve user experience across our services. Additionally, this data helps in the protection of our IT systems and ensures compliance with law enforcement when required.

Subscription to Newsletters

We offer an option for users to subscribe to newsletters, where we inform subscribers about updates related to our services, including SaaS products, online courses, events, podcasts, and travel bookings. Subscription requires:

  • A valid Email ID
  • Registration for the newsletter

We use a double opt-in process, meaning that after initial registration, you will receive a confirmation email to verify your intent to subscribe. For security purposes, we also store the IP address used for registration and the date and time of the subscription.

Newsletter Tracking

Our newsletter may contain tracking pixels that allow us to analyse the success of our campaigns. This includes monitoring if and when emails were opened and which links were clicked. This data helps us tailor our future newsletters to better suit your interests.

Routine Erasure & Data Blocking

We process and store personal data only for as long as necessary to fulfill the purposes for which the data was collected or as required by applicable law. Once data is no longer necessary for its purpose, it will be erased or blocked as required by law.

Rights of Data Subjects

As a data subject, you have the following rights:

  • Right to Confirmation (Art. 15 GDPR): You can request confirmation whether we process your personal data.
  • Right of Access (Art. 15 GDPR): You can obtain a copy of the personal data we hold about you, including information about the processing purposes and third-party recipients.
  • Right to Rectification (Art. 16 GDPR): You can request correction of inaccurate data or completion of incomplete data.
  • Right to Erasure / Right to be Forgotten (Art. 17 GDPR): You can request the erasure of your personal data when it is no longer necessary or if you withdraw consent (unless we are legally required to retain it).
  • Right to Restriction of Processing (Art. 18 GDPR): You can request a restriction on the processing of your data in certain situations.
  • Right to Data Portability (Art. 20 GDPR): You can request the transfer of your personal data in a structured, machine-readable format to another service provider.
  • Right to Object (Art. 21 GDPR): You can object to the processing of your data, especially for marketing purposes.
Automated Decision-Making & Profiling

We do not carry out automated decision-making or profiling that significantly affects you, except where explicitly agreed (e.g., personalised recommendations for SaaS services or course content).

Right to Withdraw Consent

You have the right to withdraw your consent for the processing of your personal data at any time. This can be done by contacting us directly at info@1XL.com.

Data Protection for Job Applications & Hiring Process

We collect and process personal data for job applications to assess candidates for positions within the Organisation. If no contract is concluded, the application data will be erased after six months, unless required for legitimate interests.

Legal Basis for Processing

The legal basis for processing your personal data includes:

We process personal data on the following legal bases:

  • Consent (Art. 6(1)(a)): For marketing emails, newsletter subscriptions.
  • Contractual Necessity (Art. 6(1)(b)): To fulfill SaaS access, course delivery, event registration, etc.
  • Legal Obligation (Art. 6(1)(c)): Compliance with legal obligations (tax, financial regulations).
  • Legitimate Interests (Art. 6(1)(f)): Analytics, service improvement, fraud prevention.
Law Enforcement & Legal Disclosure

We may disclose your personal data if required by law or in response to valid public authority requests, such as for law enforcement purposes, or to protect our rights and property.

Security Measures for Data Protection

We implement robust security measures, including encryption, to protect your personal data during transmission and storage. While we strive for maximum security, no system is 100% secure.

Email Marketing & Communication

We may use your personal data to send you newsletters, offers, and updates related to our services. You can unsubscribe at any time by following the instructions in the email or contacting us directly.

Payments & Financial Transactions

For payments related to our services, we use third-party payment processors (e.g., PayPal, Stripe, Google Pay). These processors adhere to PCI-DSS standards to ensure secure handling of your payment data.

Retention Period for Personal Data

We retain personal data for the duration necessary to fulfill contractual obligations or as required by law. Once the retention period expires, the data is deleted or anonymised.

Provision of Personal Data: Contractual & Legal Requirements

Providing personal data is necessary to fulfill contracts (e.g., SaaS services, event registrations). Failure to provide the required data may result in the inability to fulfill these services.

IT-Security & Encryption Measures

We use SSL encryption to secure data transfers. All sensitive information, including payment data, is transmitted securely using industry-standard encryption methods.

International Transfers

We ensure that international data transfers (including between UAE and India) comply with GDPR safeguards, including:

  • Adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
Existence of Automated Decision-Making

We do not engage in automated decision-making or profiling, except where explicitly necessary and based on your consent.

Changes & Updates to the Privacy Policy

We reserve the right to update this Privacy Policy to comply with new legal requirements or introduce new services. Updates will be posted on this page, and significant changes will be communicated to users directly.