Privacy Policy

This Privacy Policy describes how LOUD Group L.L.C - F.Z (“LOUD”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information when you visit weareloud.ae, contact us, engage our services, or otherwise interact with us. We are headquartered in Dubai, United Arab Emirates and act as the data controller for the personal information described below.

We are committed to handling your information responsibly and in accordance with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021), the UAE E-Commerce Law (Federal Decree-Law No. 14 of 2023), and, where applicable to visitors from those regions, the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Who we are

LOUD is a Dubai-based holding group operating across six divisions: artist booking, live experiences, marketing & PR, influencers, concierge, and DENDRIK.AI (agentic AI and bespoke business platforms). For matters relating to this Policy you can reach us at:

2. Information we collect

We collect the following categories of personal information:

2.1 Information you provide directly

• Contact details — your name, email address, phone number, organisation, and country, when you complete an enquiry form, request a quote, or message us.
• Engagement details — information you share about your event, brief, brand, or project so we can respond appropriately.
• Communications — emails, messages, and other correspondence you exchange with us.
• Marketing preferences — your subscription status and any preferences you set if you opt in to our newsletter.

2.2 Information collected automatically

• Device and usage data — IP address, browser type and version, operating system, referring URL, pages visited, time on page, and date/time of access.
• Cookies and similar technologies— small files stored on your device that allow the site to function and help us understand how it's used. See our Cookie Policy for details.
• Server logs — standard web-server logs are retained for security, troubleshooting, and abuse-prevention purposes.

2.3 Information from third parties

Where you reach us through a referral, an introduction from a partner, or a public source (for example, a public business directory or your company's website), we may receive your name, role, organisation, and contact details from that third party.

3. How we use your information

We use personal information for the following purposes:

• To respond to enquiries, prepare proposals, and deliver the services you engage us for.
• To manage business relationships, including invoicing, contracts, and operational coordination.
• To send marketing communications about our services, events, or relevant industry insights, where you have opted in or where otherwise permitted by law.
• To operate, maintain, secure, and improve the website and our services, including diagnosing technical problems and analysing usage.
• To comply with applicable laws, regulatory obligations, and lawful requests from public authorities.
• To detect, investigate, and prevent fraudulent activity, security incidents, or other harmful activity.

4. Legal bases for processing

Where the GDPR or other equivalent law applies to you, we rely on the following legal bases:

• Performance of a contract — to deliver services you have engaged us for, or to take steps before entering a contract at your request.
• Legitimate interests — to operate our business, secure our website, prevent fraud, and reach prospective clients in a proportionate way.
• Consent — where you have explicitly opted in, for example to receive marketing emails or to allow non-essential cookies. You may withdraw consent at any time.
• Legal obligation — to comply with tax, accounting, anti-money-laundering, and other regulatory requirements applicable to us.

5. How we share information

We do not sell your personal information. We share it only with the following categories of recipients, and only to the extent necessary:

• Service providers and technology partners who process information on our behalf — including our hosting and performance-monitoring provider (Vercel), our database and authentication provider (Supabase), our content delivery network (Cloudflare R2), our transactional email provider (Resend), and similar infrastructure services. These providers are bound by contractual confidentiality and data-protection obligations.
• Professional advisors — lawyers, auditors, accountants, and insurers — when necessary to obtain advice or protect our legal rights.
• Counterparties to engagements— for example, a venue, artist's management, supplier, or sub-contractor — where information sharing is necessary to deliver the service you have engaged us for.
• Regulators, courts, and public authorities when we are required by law or where we believe disclosure is reasonably necessary to comply with legal process or protect our legitimate interests.
• Successors in interest — in the event of a merger, acquisition, financing, reorganisation, or sale of assets, your information may be transferred as part of that transaction, subject to standard confidentiality undertakings.

6. International data transfers

We are based in the UAE. Some of our service providers (for example, our hosting and email partners) operate servers and personnel outside the UAE. Where we transfer personal information across borders, we take appropriate steps to ensure that the recipient is subject to safeguards that are equivalent in substance to those required under the UAE PDPL. For transfers from the EEA or UK, where applicable, we rely on adequacy decisions or Standard Contractual Clauses.

7. Data retention

We retain personal information only for as long as necessary for the purposes described in this Policy. Specifically:

• Enquiry data — typically retained for up to 24 months from your last contact, unless we enter a continuing engagement with you.
• Engagement and contractual records — retained for the duration of the engagement and for the period required to comply with our legal, tax, and accounting obligations (typically up to 7 years from the end of the relationship in the UAE).
• Marketing data — retained until you withdraw consent or unsubscribe, after which we keep a minimal record only to honour your opt-out request.
• Server logs and analytics data — typically retained for up to 13 months and then deleted or aggregated.

8. How we protect information

We take appropriate technical and organisational measures to protect personal information against unauthorised access, accidental loss, alteration, disclosure, or destruction. Measures include encryption in transit (HTTPS), access controls on our internal systems, audit logging, and the use of reputable infrastructure providers with recognised security certifications. No method of transmission or storage is perfectly secure, however, and we cannot guarantee absolute security.

9. Your rights

Subject to applicable law, you have the following rights in respect of your personal information:

• Access — to request a copy of the personal information we hold about you.
• Correction — to ask us to correct information that is inaccurate or incomplete.
• Deletion — to ask us to delete your personal information, subject to legal retention obligations.
• Restriction — to ask us to limit how we use your information in certain circumstances.
• Objection — to object to processing based on our legitimate interests, including direct marketing.
• Portability — to receive your information in a structured, commonly used, machine-readable format and to transmit it to another controller.
• Withdrawal of consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
• Complaint — to lodge a complaint with the UAE Data Office or, where applicable, your local data-protection authority.

To exercise any of these rights, please contact us at info@weareloud.ae. We will respond within the timeframes required by applicable law.

10. Children's privacy

Our services are intended for adults (18 years of age and older). We do not knowingly collect personal information from children under 18. If you believe a child has provided us with personal information, please contact us and we will take steps to delete the information.

11. Third-party links

Our website may contain links to third-party websites, including partners, venues, artist management, and social platforms. We are not responsible for the privacy practices of those third parties. We encourage you to read their own privacy policies before providing them with any personal information.

12. Changes to this policy

We may update this Policy from time to time to reflect changes in our practices, technology, legal obligations, or for other operational reasons. When we do, we will revise the “Last updated” date at the top of this page. For material changes, we will provide additional notice (for example, by email or via a prominent notice on the website). We encourage you to review this Policy periodically.

13. Contact us

For any questions about this Privacy Policy or about how we handle personal information, please contact us at: