Legal
Privacy Policy.
Last updated: 17 June 2026
This Privacy Policy describes how R and L AI Technologies L.L.C-FZ collects, uses, stores, transfers, protects, and processes personal information when users access or use the mAmI APP and related services.
1. Data Controller
R and L AI Technologies L.L.C-FZ, Meydan Free Zone, Dubai, UAE.
2. Scope
Applies to the mAmI APP:
- AI services.
- Cowork Mode.
- Messaging and Wellness features.
- Family profiles.
- Reminders, integrations, and related technologies.
The Service is currently intended primarily for consumer users (B2C), specifically mothers and families, although future business or enterprise offerings may be introduced.
3. Categories of Data
Depending on how users interact with the Service, the mAmI APP may collect and process the following categories of information:
(a) Account Information
Including email address, authentication credentials, Apple Sign-In information, Google Sign-In information, language preferences, subscription status, and account settings.
(b) Optional Profile Information
The mAmI APP may request limited profile information including name, gender, and age. Providing such information is entirely optional and non-mandatory. The Service may continue functioning without this information, although certain personalization features, recommendations, reminders, or contextual assistance may be limited.
(c) AI Conversations and Interactions
Chat messages, prompts, reminders, scheduling requests, emotional reflections, journaling inputs, wellness-related interactions, and organizational requests. Conversational memory and contextual information may be retained to improve continuity, personalization, reminders, contextual assistance, and user experience across sessions. Such information may include prior interactions, preferences, reminders, wellness-related inputs, organizational context, and personalization settings.
Where functionality is available, users may delete individual conversations, reset conversational memory, or delete account-related conversational data.
(d) Family and Child Information
Users may voluntarily add family member information, including child name, age, gender, milestones, reminders, developmental information, vaccination schedules, and related family organizational information. Where enabled, users may voluntarily record vaccination-related information, including completed, delayed, missed, or declined vaccinations for reminder and family organization purposes.
Users remain solely responsible for ensuring they possess legal authority and necessary consents before submitting information relating to minors or third parties. Users are solely responsible for the accuracy, completeness, and maintenance of family and vaccination-related information. The mAmI APP does not independently verify family relationships, guardianship, medical accuracy, vaccination status, or legal authority.
(e) Wellness and Emotional Reflections
Users may voluntarily provide emotional wellbeing reflections, stress-related concerns, mental load observations, gratitude entries, journaling inputs, and wellbeing information.
(f) Voice and Speech Data
Voice recordings, audio inputs, speech-to-text transcriptions, and voice-generated requests where voice functionality is enabled.
(g) Photos and Uploaded Content
Images and photographs may be voluntarily uploaded for grocery recognition, contextual AI assistance, community features, or related functionality. Community-related photos, posts, and user-shared content may be stored to support community functionality, continuity, and user-requested features. Photos uploaded for grocery recognition or contextual assistance may be processed temporarily for analysis and may be automatically deleted after processing unless users choose to save such content. Certain image-processing functionality may involve artificial intelligence providers for contextual analysis and assistance.
Users must not upload photographs, biometric images, facial recognition data, or other images of minors through the Service unless expressly enabled by functionality made available within the Service. The Service is not designed to collect, analyze, identify, verify, authenticate, or process facial recognition data relating to children. Any unauthorized upload of images relating to minors, including photographs submitted without appropriate authority, permission, or consent, remains solely the responsibility of the user.
(h) Location Information
Location (GPS) data while the Service is actively used, including for doctor/hospital search, grocery support, country-based emergency support, and personalized recommendations. The mAmI APP does not conduct continuous background location tracking.
(i) Contacts and Calendar Data
Where authorized by users, contacts, calendars, scheduling information, reminders, and authorized email integrations.
(j) Technical and Usage Information
Device identifiers, operating system information, app activity, crash reports, usage diagnostics, performance metrics, and technical logs.
3.1 Sensitive Personal Data
Certain features of the Service may involve the voluntary submission of health-related information, emotional wellbeing information, child-related information, developmental information, vaccination-related information, or other information that may be considered sensitive personal data under applicable law.
Such information is processed solely to provide functionality requested by the user, including reminders, organization, contextual assistance, personalization, and family-related support. The mAmI APP does not use sensitive personal information for advertising, sale of personal information, behavioral advertising, independent medical assessment, or unrelated commercial purposes. Where required by applicable law, the Company will seek appropriate consent prior to processing sensitive personal data.
The Company does not independently verify, validate, audit, review, monitor, or guarantee the medical accuracy, completeness, timeliness, reliability, or suitability of health-related, vaccination-related, developmental, wellness-related, or family-related information submitted, stored, generated, or maintained through the Service. Users remain solely responsible for reviewing, validating, and independently verifying such information and for obtaining appropriate professional medical advice where necessary.
4. GDPR Legal Bases
Consent, contract performance, legal obligations, legitimate interests, and vital interests where applicable.
4.1 UAE Legal Basis for Processing
In accordance with UAE Federal Decree-Law No. 45 of 2021 concerning the Protection of Personal Data (PDPL), personal data may be processed based on user consent, contractual necessity, legal obligations, legitimate interests, protection of vital interests, or any other lawful basis recognized under applicable law.
5. Minors and Family Data
The mAmI APP is intended for adult users. Minors may not independently create accounts. Users may voluntarily enter limited information relating to family members or minors for organizational, reminder, scheduling, and family-management purposes.
Users represent and warrant that:
- they possess full legal authority and required permissions to provide such information;
- they are the parent, guardian, or otherwise legally authorized person where required;
- submitted information is accurate to the best of their knowledge.
The mAmI APP does not independently verify family relationships, guardianship, or legal authority. The Company shall not be liable for claims arising from unauthorized, inaccurate, incomplete, or unlawful submission of family or minor-related data by users.
5.1 Parent-Provided Information
Any information relating to children, minors, family members, dependents, caregivers, or other third parties is provided solely at the direction of the user. The Company does not independently collect personal information directly from children and does not actively seek to verify the identity, age, parental status, guardianship status, custody rights, or legal authority of any individual submitting such information.
By providing information relating to a child or third party, the user represents and warrants that they possess all necessary rights, permissions, authorizations, and legal authority required under applicable law to provide such information and to authorize its processing through the Service. The Company may rely upon such representations without independent verification and shall not be responsible for determining the existence, validity, or scope of parental rights, guardianship rights, custody arrangements, family relationships, or legal authority associated with information submitted by users.
6. AI Processing
The mAmI APP uses artificial intelligence systems to provide reminders, emotional support, organizational assistance, scheduling support, recommendations, wellness reflections, and contextual conversations. Users expressly acknowledge and agree that:
- interactions occur with artificial intelligence systems and not human representatives;
- no human therapist, psychologist, doctor, advisor, or employee is providing direct responses;
- any perceived empathy, emotional understanding, personalization, or conversational tone is generated by artificial intelligence systems and automated processes.
The Service is intended solely for informational, organizational, and supportive purposes. The Service does not provide medical advice, psychiatric advice, psychological treatment, therapeutic services, legal advice, financial advice, or emergency assistance.
AI outputs may be inaccurate, incomplete, biased, delayed, unsuitable, or inappropriate for particular circumstances. Users remain solely responsible for decisions, actions, and outcomes arising from reliance on AI-generated outputs. The mAmI APP does not make legally significant decisions on behalf of users. Where technically and commercially available through provider APIs and privacy controls, the mAmI APP seeks to disable third-party AI model training using identifiable user conversations and personal information processed through OpenAI and Anthropic services.
6.1 Human Oversight
Users remain responsible for reviewing, validating, and independently assessing AI-generated outputs before relying upon them. Decisions relating to healthcare, family matters, scheduling, child-related matters, financial matters, legal matters, communications, or other important matters should be independently reviewed by users prior to action being taken.
6.2 AI-Generated Content
Artificial intelligence-generated content may be inaccurate, incomplete, outdated, biased, delayed, unsuitable, or similar to content generated for other users. The Company does not guarantee the originality, accuracy, completeness, reliability, legality, safety, or suitability of AI-generated content for any particular purpose.
6.3 Human Access to Conversations
The Company does not routinely monitor, review, read, or analyze private user conversations, prompts, emotional reflections, wellness entries, family-related information, or AI interactions. Access to user content by authorized personnel may occur only where reasonably necessary for:
- technical support requested by the user;
- investigation of security incidents;
- fraud prevention;
- abuse prevention;
- enforcement of applicable agreements;
- compliance with legal obligations;
- protection of rights, safety, security, or integrity.
Any such access shall be limited to authorized personnel with a legitimate business need and restricted to the minimum information reasonably necessary. Nothing in this Policy shall be interpreted as creating an obligation for the Company to continuously monitor, review, moderate, or supervise user interactions.
6.4 No Emergency Monitoring
The Service is not monitored in real time and is not intended to detect, assess, respond to, escalate, or intervene in emergencies, crises, dangerous situations, medical events, mental health emergencies, self-harm risks, threats of violence, or other urgent circumstances. The Company does not guarantee that any message, prompt, conversation, alert, emotional reflection, wellness entry, or communication submitted through the Service will be reviewed by a human being.
7. AI Providers and Sub-processors
The mAmI APP may rely on third-party service providers, sub-processors, and infrastructure partners necessary to operate the Service. Such providers may include:
- OpenAI;
- Anthropic;
- Firebase;
- Google;
- Microsoft;
- Twilio;
- cloud hosting providers;
- authentication providers;
- communication providers;
- calendar providers;
- email integration providers;
- technical infrastructure providers.
Where technically and commercially available through provider APIs and privacy controls, the mAmI APP seeks to disable third-party AI model training using identifiable user conversations and personal information. Identifiable user conversations, prompts, and personal information are not intended to be used to train internal artificial intelligence models. However, anonymized, aggregated, pseudonymized, or de-identified interaction data may be used internally to improve safety, personalization, Service quality, performance, and user experience.
Because certain providers may operate internationally, limited information may be processed in jurisdictions outside the European Union subject to contractual protections, Standard Contractual Clauses (SCCs), provider safeguards, and commercially reasonable data protection measures.
7.1 AI Providers Transparency
To provide requested functionality, user prompts, conversations, uploaded content, contextual information, and related inputs may be transmitted to authorized third-party artificial intelligence providers solely for the purpose of generating responses, contextual assistance, and operating the Service. Such providers process information in accordance with their contractual obligations, technical safeguards, provider privacy commitments, and applicable law.
8. How We Use Information
The mAmI APP may use information to:
- provide and operate the Service;
- personalize AI interactions and recommendations;
- improve contextual continuity and user experience;
- support Cowork Mode functionality;
- provide scheduling assistance and reminders;
- facilitate family coordination and organization;
- improve wellness and emotional support features;
- support grocery and healthcare-related assistance;
- maintain platform security and fraud prevention;
- troubleshoot technical issues;
- comply with legal obligations;
- improve Service quality and safety.
9. Automated Decision-Making
AI outputs are assistive only and are not intended to make legally significant decisions without human review.
10. Sharing and Disclosure
Information may be shared with service providers, authorities where required by law, and successors in connection with mergers, acquisitions, restructuring, financing, or business transfers. Information may also be shared with authorized third-party providers necessary to operate the Service, including:
- calendar providers;
- email integration providers;
- cloud hosting providers;
- communication providers;
- healthcare-related integrations;
- grocery-related services;
- AI service providers.
Cowork Mode may review limited relevant email and calendar content necessary to support reminders, appointments, scheduling, logistics, healthcare coordination, grocery coordination, or organizational functionality. At launch, Cowork Mode is not intended to access or process email attachments unless explicitly enabled in future versions of the Service. Cowork Mode does not independently send emails, confirm bookings, create commitments, make purchases, contact third parties, modify calendars, or take external actions without user confirmation. Users may revoke permissions and integrations at any time. Email access is limited to functionality expressly authorized by the user. The Service does not continuously monitor user email accounts and processes only the information reasonably necessary to support organizational, scheduling, reminder, healthcare coordination, grocery coordination, or productivity-related functionality requested by the user.
10.1 Email and Productivity Integrations
Where users choose to connect email, calendar, productivity, or communication services, the Service may access, process, analyze, summarize, organize, and utilize limited information reasonably necessary to provide requested functionality. The Service processes only information reasonably necessary to provide requested functionality and does not continuously monitor user accounts.
AI-generated email drafts, recommendations, suggested responses, calendar entries, or productivity actions remain subject to user review and approval. Users remain solely responsible for reviewing the content, accuracy, legality, recipients, attachments, timing, instructions, and consequences of any AI-generated email draft, suggested communication, recommendation, or proposed message prior to authorizing transmission. The Company assumes no responsibility for actions, decisions, omissions, misunderstandings, or consequences arising from reliance upon AI-generated communications. The Service does not independently send emails, submit forms, make purchases, enter contracts, confirm appointments, create legal commitments, communicate with third parties, or perform external actions without user authorization and confirmation. Users may revoke integration permissions at any time through available account settings or applicable third-party provider settings.
10.2 Community Features and User Content
Users remain solely responsible for any content, information, communications, photographs, comments, posts, recommendations, opinions, or other materials they publish, upload, share, transmit, or otherwise make available through community features. The Company does not endorse, verify, validate, guarantee, monitor, or assume responsibility for the accuracy, completeness, legality, reliability, safety, or suitability of user-generated content.
The Company reserves the right, but assumes no obligation, to remove, restrict, review, moderate, or investigate content where reasonably necessary to protect users; enforce applicable agreements; comply with legal obligations; investigate abuse, fraud, or misuse; or maintain platform integrity, safety, or security.
11. Payment and Subscriptions
The mAmI APP currently processes subscriptions exclusively through:
- Apple App Store subscriptions;
- Google Play Store subscriptions.
The mAmI APP does not directly process or store payment card information. Payment information is handled directly by Apple and Google in accordance with their respective payment, subscription, and privacy policies. No direct Stripe payment processing is currently implemented inside the Service.
12. International Transfers
Transfers may rely on SCCs, UK IDTA, contractual safeguards, and supplementary protections where applicable.
13. Data Storage and Hosting
The mAmI APP uses secure cloud-based infrastructure and third-party technology providers to operate the Service. User information may be stored using secure database infrastructure, including PostgreSQL / Neon database services hosted within the European Union (EU Central Region).
Because the mAmI APP operates globally and relies on international service providers, limited information may be processed in jurisdictions outside the European Union, including by AI providers, cloud infrastructure providers, calendar integrations, email providers, communications providers, or technical service providers. Where legally required, the mAmI APP seeks to implement commercially reasonable safeguards, including contractual protections, Standard Contractual Clauses (SCCs), provider commitments, and recognized international transfer mechanisms.
14. Security and Incident Response
The mAmI APP implements commercially reasonable technical, organizational, and administrative safeguards designed to protect personal information. Security measures may include:
- encryption in transit (TLS/HTTPS);
- encryption at rest where commercially reasonable;
- restricted database access controls;
- authentication protections;
- monitoring and logging;
- incident response procedures;
- administrative access restrictions;
- multi-factor authentication for administrative accounts where implemented.
No method of transmission, storage, or electronic security can be guaranteed to be completely secure.
15. Cookies, SDKs and Analytics
The Service may use limited cookies, SDKs, authentication tools, crash reporting systems, security technologies, and technical performance tools necessary for application functionality, authentication, reliability, and platform security. The mAmI APP does not currently use Google Analytics, Mixpanel, PostHog, or similar third-party analytics tools at launch. Analytics tools may be introduced in future versions of the Service, in which case this Privacy Policy will be updated accordingly. The mAmI APP does not currently use advertising tracking technologies or behavioral advertising systems.
16. Data Retention
Personal information is retained only for as long as reasonably necessary to:
- provide the Service;
- maintain account functionality;
- support continuity of user experience;
- fulfill legal obligations;
- resolve disputes;
- enforce agreements;
- maintain platform security.
Unless longer retention periods are required by law:
- account information may be retained while an account remains active;
- conversational history may be retained until deleted by the user or account deletion;
- technical and security logs may be retained for up to twelve (12) months;
- support-related records may be retained for up to twenty-four (24) months;
- backup copies may remain in secure backup systems for up to ninety (90) days following deletion.
Conversational history, personalization settings, family organizational information, vaccination-related information, and related contextual data may be retained to support continuity of Service functionality until deleted by the user or account deletion. Temporary image-processing content, including grocery-recognition photos, may be automatically deleted following processing unless intentionally retained by the user. Actual retention periods may vary depending on legal, regulatory, operational, fraud prevention, security, or technical requirements.
16.1 Account Deletion
Users may request deletion of their account at any time through available account settings or by contacting the Company. Following account deletion, the Company will take commercially reasonable steps to delete or anonymize personal information associated with the account, subject to legal obligations, regulatory requirements, fraud prevention purposes, security requirements, dispute resolution needs, enforcement of contractual rights, and backup retention processes. Certain information may remain temporarily stored in encrypted backup systems, disaster recovery systems, security logs, or archived records for a limited period before permanent deletion occurs. The Company reserves the right to retain anonymized, aggregated, de-identified, or statistical information that no longer reasonably identifies an individual user.
17. De-Identified and Aggregated Data
Anonymized, aggregated, pseudonymized, or de-identified information may be used internally for:
- platform safety;
- fraud prevention;
- Service improvement;
- performance optimization;
- personalization;
- product reliability;
- security.
Such information does not reasonably identify individual users.
18. User Rights
Access, correction, deletion, portability, restriction, objection, and withdrawal rights may apply depending on jurisdiction. Structured account or personal data export functionality is not currently available at launch but may be introduced in future versions of the Service.
18.1 Right to Withdraw Consent
Where processing is based on consent, users may withdraw consent at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal.
18.2 Child Data Rights
Parents or legal guardians may request correction, updating, restriction, or deletion of child-related information submitted through the Service, subject to reasonable identity verification requirements and applicable legal obligations.
19. Data Subject Requests
Requests may be submitted to privacy@mami.ae. Identity verification may be required.
20. UAE PDPL Rights
Users may exercise rights available under UAE Federal Decree-Law No. 45 of 2021.
21. EU/UK Rights
Users may exercise GDPR and UK GDPR rights. An EU/UK representative may be designated where required by law.
22. California Privacy Rights
The Company does not sell personal information and honors applicable CCPA/CPRA rights.
23. Advertising and Sale of Data
The mAmI APP currently operates as an ad-free Service. The mAmI APP does not display third-party advertising. The mAmI APP does not sell personal information or identifiable user data. The mAmI APP does not engage in behavioral advertising based on conversations, emotional wellbeing reflections, or family-related information.
24. Data Breach Notification
Affected users and regulators will be notified where required by law.
25. Third-Party Services
Third-party services operate under their own privacy policies and terms.
25.1 AI Governance
The Company may implement additional governance, transparency, accountability, safety, risk-management, auditing, compliance, and security measures as artificial intelligence laws, regulations, standards, and industry practices evolve within the United Arab Emirates and other jurisdictions.
26. Changes to this Policy
The mAmI APP may update this Privacy Policy periodically to reflect legal, technical, operational, or business changes. Material changes may be communicated through in-app notices, email communications, website updates, or other reasonable means. Continued use of the Service after updates become effective constitutes acknowledgment of the revised Privacy Policy.
27. Contact Information
Meydan Free Zone, Dubai, United Arab Emirates
Privacy contact: privacy@mami.ae
Legal contact: legal@mami.ae
The mAmI APP has not designated a formal Data Protection Officer (DPO) at this time. Privacy-related requests may be directed to privacy@mami.ae.