Privacy Policy

Effective Date: April 01, 2026

Data Protection User Privacy Transparency

1. Introduction

1.1 Overview

This Privacy Policy ("Policy") provides a comprehensive overview of the data protection practices employed by Culia Limited, trading as Emirate Domains ("we", "us", "our"). Our organization is dedicated to protecting the privacy and personal data of our website users ("you", "your") and clients. We recognize the importance of privacy and are committed to implementing robust measures to ensure the confidentiality and security of your personal data. The purpose of this Policy is to inform you about how we collect, use, disclose, and safeguard your personal data when you interact with our services and website (https://emiratedomains.com). We adhere to stringent data protection principles and legal frameworks to ensure your data is handled with the utmost care and respect.

By using our services and website, you consent to the data practices described in this Policy. We encourage you to read this document thoroughly to understand how we manage your personal data and to be aware of your rights regarding your data.

This Policy is structured to provide clear and detailed information on our data protection practices, ensuring transparency and accountability in all our data processing activities. If you have any questions or concerns about this Policy or our data practices, please do not hesitate to contact us.

1.2 Company Information

Culia Limited (company number: 13395333) trading as Emirate Domains, is a company incorporated in England and Wales. Our registered office is located at 71-75 Shelton Street, London, England, WC2H 9JQ.

1.3 Legal Compliance

We are committed to ensuring that our data protection practices comply with applicable laws and regulations. Specifically, we adhere to the following legal frameworks:

  • Data Protection Act 2018 (DPA 2018): We comply with the DPA 2018, which governs the processing of personal data in the UK. This Act complements the UK General Data Protection Regulation (UK GDPR) and provides specific provisions on data protection and privacy.
  • UK General Data Protection Regulation (UK GDPR): As a data controller operating in the UK, we adhere to the UK GDPR. This regulation establishes the legal standards for the collection, processing, and storage of personal data and upholds individuals' rights to privacy and data protection.
  • EU General Data Protection Regulation (EU GDPR): In addition to the UK GDPR, we comply with the EU GDPR where applicable, particularly when processing personal data of individuals residing in the European Union. The EU GDPR sets out stringent requirements for data protection and privacy, ensuring that individuals' personal data is handled with care and respect.
  • California Consumer Privacy Act (CCPA): For users and clients located in California, we adhere to the CCPA. This Act provides California residents with specific rights regarding their personal data, including the right to access, delete, and opt-out of the sale of their personal information.


    • By aligning our data protection practices with these laws and regulations, we aim to uphold the highest standards of data privacy and security. If you have any questions or concerns about our compliance with these legal requirements, please do not hesitate to contact us.

    We encourage you to periodically review this policy to stay informed about our data protection practices and your rights.

    2. Data Controller

    2.1

    Culia Limited, a company registered in England and Wales with company number 13395333, is the designated data controller responsible for managing and protecting your personal data. As the data controller, we ensure that your personal data is processed in accordance with applicable data protection laws and regulations.

    Our responsibilities as a data controller include:

  • Determining the purposes and means of processing personal data.
  • Implementing appropriate measures to safeguard your personal data.
  • Ensuring transparency in how we collect, use, and disclose your personal


    • If you have any questions or concerns regarding the handling of your personal data, or if you wish to exercise any of your data protection rights, please contact us using the details provided in Section 13 of this Privacy Policy.

    3. Data Collection

    3.1 Types of Personal Data Collected In the course of providing our services and operating our website, we may collect, use, store, and transfer various types of personal data about you. The types of personal data we collect include, but are not limited to, the following:

    3.1.1 Contact Information

  • Name: Your full name as provided.
  • Email Address: Your email address for communication purposes.
  • Postal Address: Your residential or business address.
  • Telephone Number: Your contact number for reaching you directly.


    • 3.1.2 Identity Data
  • Government-Issued Identification Numbers: Any identification numbers issued by government authorities, such as passport numbers or national identification numbers, where necessary for verification purposes.


    • 3.1.3 Financial Data
  • Payment Details: Information related to financial transactions, including bank account details and payment card information, required for processing payments and managing financial transactions.


    • 3.1.4 Technical Data
  • Internet Protocol (IP) Address: Your IP address used to connect to the internet.
  • Browser Type and Version: Information about the web browser you use to access our website.
  • Time Zone Setting: Your local time zone setting.
  • Browser Plug-In Types and Versions: Details about the browser plug-ins installed on your device.
  • Operating System and Platform: Information about the operating system and platform of your device.
  • Other Technology: Details of other technology on the devices you use to access our website.


    • 3.1.5 Usage Data
  • Website Usage: Information about how you interact with our website, including pages visited, links clicked, and other usage patterns.
  • Product and Service Usage: Data on how you use our products and services, including frequency and nature of use.


    • 3.1.6 Marketing and Communications Data
  • Marketing Preferences: Your preferences regarding receiving marketing communications from us.
  • Communication Preferences: Your preferences for how we communicate with you, including preferred methods and frequency of contact. We collect this data to provide and improve our services, communicate with you effectively, and ensure the security and functionality of our website. If you have any questions about the data we collect or how it is used, please refer to the relevant sections of this Privacy Policy or contact us directly.


    • 3.2 Methods of Collection We employ various methods to collect data from and about you, which include:

    3.2.1 Direct Interactions You may provide us with personal data through direct interactions. This can occur in several ways, such as:
  • Filling in Forms: When you complete forms on our website, such as registration or contact forms.
  • Correspondence: When you communicate with us via post, telephone, email, or other communication methods.


    • 3.2.2 Automated Technologies During your interaction with our website, we may automatically collect technical data through automated technologies. This includes:
  • Technical Data Collection: Information about your device and browsing activities, such as your IP address, browser type and version, time zone setting, and operating system.
  • Usage Tracking: Data on your browsing actions and patterns, including pages visited and links clicked.


    • 3.2.3 Third Parties or Publicly Available Sources We may obtain personal data about you from external sources, including:
  • Analytics Providers: Companies that provide analytics services to help us understand user behavior and improve our website.
  • Advertising Networks: Organizations that assist in delivering targeted advertisements and measuring their effectiveness.
  • Publicly Available Sources: Information available in the public domain that may be relevant to our data processing activities.


    • These methods enable us to gather comprehensive data to enhance our services, ensure effective communication, and improve user experience. If you have any concerns about the data collection methods we use, please refer to the relevant sections of this Privacy Policy or contact us for more information.

    4. Legal Basis for Processing

    We process your personal data based on several legal grounds, as outlined below:

    4.1 Consent We may process your personal data when you have provided explicit consent for us to do so for a specific purpose. This consent is obtained through your clear and informed agreement, which allows us to handle your data in accordance with your preferences and the purpose for which consent was given.

    4.2 Contractual Necessity Processing of your personal data is necessary for the performance of a contract to which you are a party. This includes situations where processing is required to fulfill contractual obligations, such as delivering services or managing transactions, or to take steps at your request before entering into a contract.

    4.3 Legal Obligation We may process your personal data when it is required to comply with a legal obligation to which we are subject. This includes adherence to regulatory requirements, legal claims, or other obligations mandated by law.

    4.4 Legitimate Interests Processing is conducted based on our legitimate interests or those of a third party, provided that your interests, fundamental rights, and freedoms do not override these interests. Legitimate interests may include:

  • Operational Efficiency: Enhancing our services and business operations.
  • Fraud Prevention: Detecting and preventing fraud or other illegal activities.
  • Business Development: Improving user experience and tailoring marketing efforts.


    • Each processing activity based on legitimate interests is carefully assessed to ensure that it aligns with your rights and interests, and we undertake measures to mitigate any potential impact on your privacy.

    5. Use of Personal Data

    We use your personal data for various purposes essential to providing and improving our services. The detailed purposes for which we process your data are as follows:

    5.1 To Provide Services We utilize your personal data to deliver and facilitate our core services, including:

  • Domain Brokerage Services: Acting as an appointed representative in the buying and selling of domain names, matching buyers and sellers, and overseeing transactions.
  • Advisory Services: Offering expert advice and consultation related to domain acquisition, sales strategies, and market trends. This use ensures that we effectively perform our contractual obligations and meet your needs related to domain transactions and advisory.


    • 5.2 To Process Transactions Your personal data is used to manage and process financial transactions related to our services, including:
  • Payment Management: Handling payments, processing fees, and/or managing financial transactions associated with domain brokerage services.
  • Debt Collection: Collecting and recovering any amounts owed to us, including managing overdue payments and resolving payment disputes. This processing is crucial for maintaining the financial integrity of our services and ensuring proper transaction handling.


    • 5.3 To Manage Customer Relationships We use your personal data to maintain and enhance our relationship with you, including:
  • Notification of Changes: Informing you about any updates or changes to our terms and conditions, privacy policy, or other important aspects of our services.
  • Customer Support: Providing assistance and support in response to your queries, issues, or requests related to our services. Effective management of customer relationships ensures that we address your needs and maintain clear communication.


    • 5.4 To Improve Our Services We process your personal data to continually improve and enhance our services, including:
  • Business Administration: Managing and protecting our business operations and website.
  • Troubleshooting and Maintenance: Identifying and resolving issues, performing system maintenance, and ensuring the smooth functioning of our website.
  • Data Analysis and Reporting: Analyzing data to understand usage patterns, evaluate performance, and generate reports to inform business decisions.
  • System Support: Providing ongoing support to optimize service delivery and user experience. This use of data helps us enhance the quality and reliability of our services.


    • 5.5 Marketing and Communications We use your personal data to keep you informed and engaged with our offerings, including:
  • Notifications and Updates: Sending relevant information about our services, including updates, promotions, and special offers.
  • Promotional Content: Delivering marketing materials and content tailored to your interests and preferences.


    • This allows us to communicate effectively and provide you with information that may be of interest to you, subject to your preferences and consent.

    6. Data Retention

    We may share your personal data with various third parties and entities under specific circumstances, as detailed below:

    6.1 Service Providers We engage with third-party service providers to assist us in performing our functions and providing our services. This may include:

  • IT and System Administration Services: Providers who manage and support our IT infrastructure, including website hosting and maintenance.
  • Payment Processing Services: Companies such as Stripe, Wise and Escrow businesses that handle financial transactions, including processing payments and managing financial data.


    • These service providers are contractually obligated to handle your data securely and only use it for the purposes specified in their agreements with us.

    6.2 Professional Advisers We may disclose your personal data to professional advisers, including:
  • Lawyers: For legal advice and representation in matters related to our business operations and legal compliance.
  • Bankers: For financial services and transactions related to our business.
  • Auditors: For conducting audits and ensuring compliance with financial and regulatory requirements.
  • Insurers: For managing insurance policies and claims.


    • These advisers are bound by confidentiality obligations and are only permitted to use your data for the purposes of providing their professional services.

    6.3 Regulatory Authorities We may share your personal data with regulatory authorities where required to:
  • Compliance with Legal Obligations: Fulfill legal and regulatory requirements, such as reporting obligations, audits, or investigations.
  • Enforcement of Legal Rights: Protect and enforce our legal rights or those of our clients, including responding to legal processes and court orders. Such disclosures ensure that we adhere to legal and regulatory frameworks and maintain transparency in our operations.


    • 6.4 Third Parties in the Event of Business Changes In the event of significant business changes, such as:
  • Merger or Acquisition: If we undergo a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the new entity or purchaser as part of the business transaction.
  • Asset Sale: If we sell or transfer our business assets, your data may be included in the transaction to ensure continuity of services. We will take appropriate measures to ensure that your personal data is handled with the same level of protection as outlined in this Privacy Policy, even in the context of business transitions.


    • If you have any questions about how your data is shared or disclosed, or if you wish to obtain further information, please refer to the relevant sections of this Privacy Policy or contact us directly.

    7. International Transfers

    7.1 Data Transfer Outside the UK and EEA Your personal data may be transferred to and processed in countries outside the United Kingdom (UK) and the European Economic Area (EEA). Such international transfers are necessary for us to provide our services and fulfill our contractual obligations.

    When transferring personal data to countries that have not been deemed by the UK or the European Commission to provide an adequate level of data protection, we implement appropriate safeguards to ensure that your data remains protected. Specifically:

  • Standard Contractual Clauses (SCCs): For the transfer of personal data originating from the United Kingdom (UK) or the European Economic Area (EEA) to jurisdictions outside these territories that are not recognized as providing an adequate level of data protection, we mandate that all intra-group entities and external service providers adhere to the European Commission's Standard Contractual Clauses (SCCs). These SCCs are implemented as binding contractual obligations designed to ensure that the personal data of individuals within the UK and EEA is afforded a level of protection that is substantively equivalent to that which is legally required within the UK and EEA.


  • Other Safeguards: In the context of data transfers involving individuals who reside outside the UK and EEA, such as but not limited to the transfer of personal data from Americas to third countries, we undertake a rigorous assessment of the applicable legal frameworks in the originating jurisdiction. Where deemed necessary, we may impose contractual safeguards analogous to the SCCs to ensure that the data is subject to appropriate protection measures, taking into consideration the specific legal and regulatory context of the transfer in question.


    • By adhering to these safeguards, we ensure that your personal data is protected in accordance with the standards required by UK GDPR, EU GDPR, and other relevant data protection regulations.

    8. Data Security

    8.1 Data Security Measures We are committed to ensuring the security of your personal data. To protect your information from accidental loss, unauthorized use, access, alteration, or disclosure, we have implemented a range of appropriate security measures, including:

  • Technical Safeguards: Utilization of encryption technologies, secure servers, and robust firewall protections to safeguard data both in transit and at rest.
  • Access Controls: Implementation of strict access controls to ensure that only authorized personnel can access personal data. Access is granted based on the principle of "need-to-know," meaning that only employees, agents, contractors, and other third parties who require access to perform their duties are granted permissions.
  • Data Handling Procedures: Establishment of clear procedures and protocols for the handling and processing of personal data. This includes routine audits, data protection impact assessments, and regular reviews of security practices.
  • Confidentiality Obligations: All employees, agents, contractors, and third parties involved in the processing of personal data are bound by confidentiality agreements and must adhere to strict data protection policies. They are required to process personal data solely in accordance with our instructions and must maintain its confidentiality.


    • These measures are regularly reviewed and updated to respond to emerging threats and changes in technology, ensuring that we maintain a high standard of data protection and security.

    9. Data Retention

    9.1 Retention Period We are committed to retaining your personal data only for as long as necessary to achieve the purposes for which it was collected. This includes fulfilling legal, accounting, and reporting requirements. Our approach to data retention is governed by the following principles:

  • Purpose Limitation: Personal data will be retained only for the duration required to meet the specific purposes for which it was collected. Once these purposes have been fulfilled, we will assess whether further retention is necessary based on legal, regulatory, or business needs.
  • Legal and Regulatory Requirements: We retain personal data as required to comply with applicable legal and regulatory obligations. This may include obligations related to taxation, audit, and other legal reporting requirements.
  • Data Deletion: Once the retention period has expired or the data is no longer necessary for the purposes for which it was collected, we will securely delete or anonymize the data to prevent unauthorized access or use.


    • We regularly review our data retention practices to ensure compliance with legal requirements and to align with best practices in data protection.

    10. Your Legal Rights

    10.1 Access We are committed to retaining your personal data only for as long as necessary to achieve the purposes for which it was collected. This includes fulfilling legal, accounting, and reporting requirements. Our approach to data retention is governed by the following principles:

    10.2 Rectification You have the right to request the correction of inaccurate or incomplete personal data. If you believe that any information we hold about you is incorrect or needs updating, you may request us to rectify it. This right is applicable to residents of the UK, EU, and California.

    10.3 Erasure You have the right to request the deletion or removal of your personal data where there is no longer a valid reason for us to retain it. This right is also known as the “right to be forgotten” and is applicable to residents of the UK, EU, and California.

    10.4 Restriction of Processing You have the right to request the suspension of processing of your personal data under certain circumstances. This may include situations where you contest the accuracy of your data or object to its processing. This right applies to residents of the UK, EU, and California.

    10.5 Data Portability You have the right to request the transfer of your personal data to another organization or directly to you, in a structured, commonly used, and machine-readable format. This right applies where the processing is based on consent or a contract and is carried out by automated means, specifically for residents of the UK, EU, and California.

    10.6 Objection You have the right to object to the processing of your personal data if we are relying on legitimate interests as the legal basis for processing. You may also object to the processing of your data for direct marketing purposes. This right is relevant to residents of the UK, EU, and California.

    10.7 How to Exercise Your Rights To exercise any of the rights mentioned above, please contact us at: Email: privacy@emiratedomains.com When making a request, we may need to ask for specific information to verify your identity and confirm your right to access the data or exercise any other rights. This is to ensure that your personal data is protected and not disclosed to unauthorized parties. Please note that these rights are specific to residents of the UK, EU, and California and may be subject to exceptions, particularly where legal reasons apply. We will respond to your request in accordance with applicable data protection laws and regulations. If you have any questions or need further assistance regarding your rights, please do not hesitate to contact us.

    11. Complaints

    11.1 Internal Complaints Procedure If you have any concerns or complaints about how we handle your personal data, please contact us directly at: Email: privacy@emiratedomains.com

    We take all complaints seriously and aim to address them promptly. Upon receiving your complaint, we will investigate the matter and respond to you within a reasonable timeframe. If necessary, we will take appropriate actions to resolve any issues identified.

    11.2 Regulatory Complaints In addition to our internal complaints procedure, you have the right to lodge a complaint with the relevant regulatory authority if you believe that your data protection rights have been violated.

    11.2.1 For individuals in the UK, this is: Information Commissioner’s Office (ICO)

    Website: www.ico.org.uk

    The ICO is the UK’s supervisory authority for data protection matters. You can contact the ICO directly to seek guidance, raise concerns, or file a formal complaint regarding our data processing practices. We encourage you to contact us first to resolve any issues before reaching out to the ICO, but you are free to approach them at any time if you believe it is necessary.

    11.2.2 For individuals in the EU, you can contact: European Data Protection Supervisor (EDPS)

    Website: www.edps.europa.eu

    The EDPS is responsible for monitoring and ensuring the protection of personal data within EU institutions and bodies. If you are an EU resident, you may contact the EDPS to address any concerns about our data processing practices.

    11.2.3 For individuals in California, you can contact: STATE OF CALIFORNIA DEPARTMENT OF JUSTICE OFFICE OF THE ATTORNEY GENERAL (CDOJ OAG)

    Website: oag.ca.gov

    The California OAG oversees compliance with data protection laws in California. If you are a California resident, you may reach out to the OAG to file a complaint or seek guidance regarding our data processing practices.

    12. Policy Updates

    12.1 Policy Updates We regularly review and update our Privacy Policy to reflect changes in our practices, legal requirements, or other relevant factors. Any modifications to this policy will be published on this page, ensuring that you are always informed about how we collect, use, and protect your personal data. Significant changes that may affect your rights or how your data is handled will be communicated to you directly via email or through a prominent notice on our website.

    We encourage you to periodically review this policy to stay informed about our data protection practices and your rights

    13. Contact Information

    13.1 Contact Information For any inquiries or concerns regarding this Privacy Policy or our data protection practices, please reach out to us using the following contact details: Culia Limited

    Trading as Emirate Domains

    71-75 Shelton Street

    London, England, WC2H 9JQ

    Email: Privacy@emiratedomains.com

    We are committed to addressing your questions and resolving any issues related to your personal data.