Privacy Policy

Last updated: April 2, 2026

1. Introduction

PCIS ("Private Client Intelligence Solutions"), operated by MFB Consultancy, provides a SaaS platform for real estate brokers in the UAE and GCC region. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including the PCIS Command Center and related services.

2. Information We Collect

We may collect the following types of information:

Account Information: When you register or use our platform, we collect your name, email address, phone number, and business details necessary to provide our services.

WhatsApp Business Data: When you connect your WhatsApp Business Account through our platform via Meta's Embedded Signup flow, we access and manage data on your behalf, including message templates, conversation metadata, and messaging activity. This data is processed in accordance with Meta's Platform Terms.

Usage Data: We collect information about how you interact with our platform, including pages visited, features used, and performance metrics.

Device and Technical Data: We may collect browser type, IP address, and device information for security and service optimization purposes.

3. How We Use Your Information

We use the information we collect to provide, maintain, and improve our SaaS platform and services; manage WhatsApp Business communications on your behalf; send and receive messages through the WhatsApp Cloud API; manage message templates via the WhatsApp Business Management API; communicate with you about your account, updates, and support; ensure the security and integrity of our platform; and comply with legal obligations.

4. Meta Platform Data

Our application integrates with Meta's WhatsApp Business Platform. When you connect your WhatsApp Business Account, we access data through Meta's Graph API using the whatsapp_business_messaging and whatsapp_business_management permissions. We only access the data necessary to provide our services, and we handle all Meta Platform Data in accordance with Meta's Platform Terms and Developer Policies.

We do not sell, license, or otherwise distribute Meta Platform Data to third parties. We do not use Meta Platform Data for purposes other than providing and improving our services to you. We retain Meta Platform Data only for as long as necessary to provide our services or as required by law.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information with trusted service providers who assist us in operating our platform (such as hosting, authentication, and analytics providers), and only to the extent necessary to provide our services. We may also disclose information when required by law, to protect our rights, or to comply with legal processes.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), secure server-side storage of API tokens and credentials, role-based access controls, and regular security assessments. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention and Deletion

We retain your data for as long as your account is active or as needed to provide our services. You may request deletion of your data at any time by contacting us. Upon account termination, we will delete your data within 90 days, except where retention is required by law. For Meta Platform Data, we will delete such data promptly upon your request or when it is no longer needed for the purpose for which it was collected.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; request data portability; and withdraw consent where processing is based on consent. To exercise these rights, please contact us using the information below.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of our services after any changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: