Updated at 18th May, 2026

Preamble:

This Privacy Notice (the “Notice”) is issued by Alpha Mind Holding Limited, together with its subsidiaries, affiliates, and controlled entities operating under the “AlphaMind Group” brand (collectively, “AlphaMind Group,” “we,” “our,” or “us”).

This Notice explains how we collect, use, disclose, transfer, store, and otherwise process Personal Data in connection with your access to and use of our Services (as defined below).

Our Services include our website, mobile applications (including loyalty applications such as “Mindset by AlphaMind”), physical hospitality venues, reservation systems, APIs, platforms, customer engagement tools, and any other digital or offline services operated or made available by AlphaMind Group (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Notice and agree to the processing of your Personal Data as described herein and in our Terms of Service.

AlphaMind Group is committed to protecting the privacy and Personal Data of individuals with whom it interacts and processes such data in accordance with applicable data protection laws, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, the UK GDPR, and Regulation (EU) 2016/679 (GDPR), each as amended, replaced, or superseded from time to time, together with any applicable telecommunications, regulatory, or lawful authority requirements (collectively, the “Applicable Law”).

Who We Are

  • AlphaMind Group operates hospitality venues and digital customer engagement Services, including restaurants, venues, websites, mobile applications, and loyalty programmes.
  • AlphaMind Group acts as the data Controller in respect of Personal Data processed under this Notice, unless otherwise stated for specific Services or processing activities.
  • Where we process Personal Data on behalf of Third Parties (for example, integrated partners or service providers), we act as a data Processor in accordance with Applicable Law.

Definitions and Key Terms For the purposes of this Notice:

  • Applicable Law has the meaning as per the preamble.
  • Controller means the entity which determines the purposes and means of processing Personal Data.
  • Cookie means a small text file placed on your device to enable functionality, analytics, and service improvement.
  • Processor means an entity that processes Personal Data on behalf of the controller.
  • Personal Data means any information relating to data subject an identifiable natural person which is one who can be identified, directly or indirectly, by reference to identifiers such as their name, voice, image, identification number, electronic identifier, location data, or by reference to one or more physical, physiological, genetic, mental, economic, cultural, or social characteristics specific to that natural person.
  • Services means all hospitality, digital, and customer engagement services operated by AlphaMind Group, including physical venues, digital platforms, mobile applications (including loyalty applications such as “Mindset by AlphaMind”), reservation systems, and any other online or offline services through which AlphaMind Group conducts its business.
  • Third-Party/(ies) means any entity other than AlphaMind Group, including any independent data controller, with whom AlphaMind Group interacts in connection with the Services, and which determines independently the purposes and means of processing Personal Data.
  • Website means alphamind-group.com and any associated subdomains.
  • You (you) / Data Subject refers to refers to any natural person whose Personal Data is processed under this Notice. In this Notice, “you” and “data subject” are used interchangeably.

Personal Data we collect

  • We collect and process only the Personal Data that is necessary for the operation, management, and provision of our Services.
  • We may collect Personal Data that you voluntarily provide to us when you interact with our Services, including when you make a reservation, register for an account, join our loyalty programme, or contact us for any purpose, which may include, where relevant and necessary for the provision of our Services, such as your name, email address, phone number, date of birth, nationality, residency or travel information, account, membership and loyalty programme details, as well as any communications, enquiries, or correspondence submitted to us.
  • We may also collect Personal Data generated through your use of our Services, including reservation and booking records, venue visit history and engagement activity, transaction data such as spend, frequency, and purchase history, participation in promotions, campaigns, events or surveys, and loyalty programme activity including points, tiers, and rewards.
  • When you access or use our Services, we may automatically collect certain technical and usage-related Personal Data, including IP address and approximate location data, device identifiers and device information, browser type, operating system and settings, usage data relating to your interaction with our Services, Cookies and similar tracking technologies, as well as log files, access times, and interaction data, all of which are collected strictly for operational, security, analytics, and service improvement purposes.
  • We may further receive Personal Data from trusted third-party sources, including reservation and booking platforms, payment and transaction service providers, marketing and CRM partners, social media platforms where permitted, and publicly available sources, provided that such data is processed only where necessary for the provision, management, and improvement of our Services and in accordance with Applicable Law.
  • We do not intentionally collect or process special categories of Personal Data unless strictly required under Applicable Law or voluntarily provided by you. Where such data is processed, it will be subject to enhanced safeguards in accordance with Applicable Law and will not be used for marketing or profiling purposes.

How We Use Your Personal Data

  • We use your Personal Data to operate, manage, and provide our Services, including to process reservations and transactions, manage customer relationships, personalise your experience across our venues and digital channels, communicate with you where you have opted in to receive marketing or service-related updates, improve and develop our Services, operations, and customer experience, and comply with applicable legal and regulatory obligations.
  • Your Personal Data may be combined across AlphaMind Group venues and Services to enable a consistent and unified customer experience, including the operation and administration of loyalty and engagement programmes such as the Mindset programme.
  • Where you participate in our loyalty or customer engagement programmes, we process additional Personal Data necessary for their operation, including points balances, rewards activity, tier status, spend and visit behaviour across AlphaMind venues, reservation and booking data, and engagement data relating to your interaction with our Services.
  • This Personal Data is used to administer your participation, including awarding and redeeming points and benefits, determining eligibility for tiers and rewards, personalising offers and experiences, and analysing usage patterns to improve our Services and the overall programme experience. Rewards and benefits are calculated based on eligible spend and may exclude certain items such as tips or adjustments where applicable.
  • We process We process your Personal Data on the following legal bases, as applicable: (i) performance of a contract where processing is necessary to provide and administer our Services; (ii) compliance with legal and regulatory obligations; (iii) legitimate interests pursued by AlphaMind Group, including service improvement, security, fraud prevention, and customer engagement, provided that such interests are not overridden by your fundamental rights and freedoms; and (iv) consent, where required, including for marketing communications and non-essential Cookies.

Personalisation and Profiling 

  • We may analyse your interactions with our Services to personalise your experience, including tailoring offers, rewards, and content. Such processing is limited to customer experience optimisation and does not produce legal or similarly significant effects on you within the meaning of Applicable Law.

Communications  

  • Where you have provided your consent, we may send you marketing communications, promotional offers, and updates relating to your account, loyalty programme, or our Services. You may withdraw your consent at any time by using the unsubscribe mechanism included in our communications or by contacting us directly. Withdrawal of consent will not affect the lawfulness of processing carried out prior to such withdrawal.

Sharing and Disclosure of Personal Data

  • We do not sell Personal Data.
  • We may share Personal Data with the following categories of recipients, acting either as independent data controllers or data processors, depending on their role in relation to the Services: other entities within the AlphaMind Group on a need-to-know basis and subject to appropriate confidentiality and data protection obligations, service providers and processors such as IT infrastructure providers, cloud hosting services, analytics providers, CRM and customer engagement systems, payment processors, and operational vendors acting strictly under our instructions, reservation platforms, booking systems, and other technology partners involved in the delivery of our Services, professional advisors including legal, financial, audit, and compliance consultants, regulatory authorities, courts, or law enforcement agencies where required by law or legal process, and third parties in connection with any merger, acquisition, restructuring, financing, or sale of assets.
  • All recipients are contractually required to process Personal Data only for specified purposes, implement appropriate technical and organisational security measures, and comply with Applicable Law. We do not permit any third party to use Personal Data for their own independent marketing or commercial exploitation.

International Data Transfers

  • Your Personal Data may be transferred to, stored in, or accessed from jurisdictions outside the United Arab Emirates, the European Economic Area (EEA), and the United Kingdom. These jurisdictions may not ensure the same level of data protection as that provided under the laws of your country of residence.
  • Where such transfers occur, AlphaMind Group ensures that appropriate safeguards are implemented in accordance with Applicable Law, including, where applicable, compliance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“UAE PDPL”) cross-border transfer requirements, the UK General Data Protection Regulation (“UK GDPR”), and Regulation (EU) 2016/679 (“EU GDPR”).
  • Such safeguards may include the implementation of Standard Contractual Clauses (SCCs) approved by the European Commission and/or the UK Information Commissioner’s Office (ICO), adequacy decisions where applicable, binding contractual data protection obligations imposed on recipients, and such additional technical and organisational measures as are necessary to ensure an adequate level of protection for Personal Data during transfer, storage, and subsequent processing.

Security Measures 

  • We implement appropriate technical, organisational, and administrative security measures designed to protect Personal Data against unauthorised access, loss, alteration, disclosure, or destruction. These measures are applied in accordance with the nature, scope, and sensitivity of the Personal Data processed and reflect industry best practices.
  • Such measures include encryption of data in transit and at rest, access controls based on least-privilege principles, network security protections, monitoring systems, and internal governance procedures. While we apply strict security standards and continuously monitor our systems, no method of transmission or storage is completely secure, and we cannot guarantee absolute security of Personal Data.

Data Retention 

  • We retain Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including the provision of Services, customer relationship management, and operational needs.
  • Where you maintain an active account or participate in our Services, Personal Data is retained for the duration of the relationship.
  • Following termination, Personal Data may be retained for a reasonable period where necessary to comply with legal, regulatory, tax, accounting, or reporting obligations, or to establish, exercise, or defend legal claims.
  • We determine retention periods based on the following criteria: the nature of the Personal Data, the purposes for which it is processed, legal and regulatory requirements, and the necessity to establish, exercise, or defend legal claims.
  • Where Personal Data is no longer required for the purposes set out above, it is securely deleted or irreversibly anonymised in accordance with applicable legal and regulatory requirements.

Your Rights

  • You may exercise your rights at any time, including the right to access your Personal Data, correct inaccurate data, request deletion of your data, object to or restrict certain processing, and withdraw consent for marketing communications, including the right to data portability where applicable under Applicable Law by submitting a request through the designated channels set out in this Notice (as per clause 15), including email or an official contact form.
  • Upon receiving a request, AlphaMind Group will:
    • Verify the identity of the requester in order to protect Personal Data from unauthorized access;
    • Review and assess the request in accordance with Applicable Law;
    • Respond by providing access to, rectifying, restricting, deleting, or transferring Personal Data, as applicable and where legally required;
    • Maintain a record of the request and the actions taken to ensure accountability and compliance with Applicable Law.
  • We will respond to requests within a reasonable timeframe, subject to the complexity of the request, applicable legal or regulatory obligations, and identity verification requirements.
  • Where AlphaMind Group acts as a Data Processor on behalf of a Third-Party Controller, any request relating to Personal Data should be directed to the relevant Controller. In such cases, AlphaMind Group will provide reasonable assistance to the Controller to facilitate compliance with Applicable Law, including in relation to requests for access, correction, deletion, restriction, objection, or data portability.
  • In the event of a Personal Data breach that may affect your rights or freedoms, AlphaMind Group will take appropriate technical and organisational measures to mitigate the impact and, where required under Applicable Law, will cooperate with the relevant supervisory authorities and notify affected individuals without undue delay.

Cookies and Similar Technologies

  • We use cookies, pixel tags, SDKs, and similar tracking technologies (collectively, “Cookies”) to ensure the proper functioning, security, and performance of our Services, analyse usage patterns, enhance user experience, and, where permitted under Applicable Law, support marketing, advertising, and customer engagement activities.
  • Cookies may be classified as essential Cookies (strictly necessary for the operation and security of the Services), functional Cookies (used to remember user preferences and settings), analytical Cookies (used to analyse usage and improve the performance of the Services), and marketing Cookies (used to deliver relevant communications, personalise content, and measure the effectiveness of campaigns).
  • Where required under Applicable Law, we will obtain your consent before placing or using non-essential Cookies on your device. The use of essential Cookies is based on our legitimate interests in ensuring the secure, efficient, and proper functioning of the Services. You may manage, modify, or withdraw your Cookie preferences at any time through your browser settings or any Cookie consent management tool made available through the Services. Withdrawal of consent will not affect the lawfulness of processing carried out prior to such withdrawal.

Automated Processing and Profiling 

  • We may use limited automated processing and profiling techniques to analyse user behaviour, preferences, engagement patterns, and activity across our Services in order to personalise experiences, tailor offers, allocate loyalty rewards, and improve customer engagement and service performance.
  • Such processing is used solely for operational, analytical, and marketing personalisation purposes and does not produce legal effects or similarly significant effects on you within the meaning of Applicable Law.
  • Where required under Applicable Law, you may object to such processing or withdraw consent at any time, subject to the limitations applicable to the provision of the Services.

Children

  • The Services are not directed to, and are not intended for use by, individuals under the age of 16 (or such higher age as may be required under applicable local law).
  • AlphaMind Group does not knowingly collect or solicit Personal Data from children.
  • Where we become aware that Personal Data has been collected from a child under the applicable minimum age without a valid legal basis, we will take reasonable steps to delete or anonymise such Personal Data as soon as practicable, subject to any legal, regulatory, or compliance retention obligations.
  • Where required or permitted under Applicable Law, we may implement appropriate safeguards to ensure compliance with child data protection requirements, including obtaining verifiable parental or guardian consent where necessary.

Contact Us

  • If you have any questions or wish to exercise your rights, you may contact us at:
  • Email: [email protected]
  • Website: alphamind-group.com

Updates to this Notice

  • We may update this Notice from time to time to reflect changes in our Services, legal or regulatory requirements, or our data processing practices.
  • Any updates will be published through our Services, including our Website, mobile applications, and any other digital interfaces through which AlphaMind Group makes the Services available. The revised version will take effect from the date of publication, unless otherwise required by Applicable Law.
  • Where required under Applicable Law, material changes will be notified to you in advance through appropriate communication channels.