Workforce data, handled responsibly
UAE PDPL alignment, encryption, configurable biometric retention, and AI that always defers to a human on consequential decisions.
UAE PDPL alignment
Aiya is designed around the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021): explicit consent capture on first use, data-subject rights (access, correction, erasure) through the staff app, and clear handling of biometric and location data.
Encryption
Workforce data is encrypted at rest and in transit with industry-standard encryption. Access is role-based, so each manager sees only the staff and sites they are responsible for.
UAE-aligned data residency
Data is hosted in a UAE-aligned regional data centre. Biometric face data is never sent to third-party AI providers — face matching runs inside our own infrastructure.
Configurable biometric retention
Biometric records auto-delete after a retention window you configure. The audit trail — who checked in, when, where, with what confidence — is retained separately, without the biometric image, preserving the record without holding personal data indefinitely.
UAE Labour Law records
Attendance, working-hour, and leave records are inspection-ready and retained for the legally required period under UAE Labour Law (Federal Decree-Law No. 33 of 2021). WPS-ready exports feed your payroll cleanly.
Human-in-the-loop AI
AI verifies identity, drafts rosters, and flags anomalies — but every consequential decision requires a human to confirm. No black-box automation acts on a staff record on its own.
This page describes Aiya’s approach to data protection and is not legal advice. For a Data Processing Addendum or specific compliance questions, please contact us.