This Privacy Policy explains how Lifeline Limited (“Lifeline”, “we”, “us”, “our”) collects, uses, stores, shares, and protects personal data when you visit or use embrymama.com (the “Website”) and when you submit information through our forms.
Company details Lifeline Limited (Economic License No. MC 13444) Smart Station – First Floor, Incubator Building, Masdar City, Abu Dhabi, United Arab Emirates
This Policy is intended to reflect the requirements of applicable UAE data protection rules (including the UAE Personal Data Protection Law) and common international privacy standards.
Who this Policy applies to
This Policy applies to people who use the Website, including those who submit a form as:
Prospective Intended Parents
Prospective Surrogate Mothers
Prospective Donors
The Website and the services described on it are intended for adults. We do not knowingly collect or solicit personal data from persons under the age of 18. If we become aware that personal data of a child has been provided to us, we will take reasonable steps to delete such information.
What personal data we collect
2.1 General information about personal data
Personal data means any information that identifies you directly or indirectly, such as your name, phone number, email address, or other details linked to you as an individual.
As the operator of this Website, we collect personal data only when it is reasonably necessary
to respond to your request, provide information about our programs, or coordinate further steps related to participation as an intended parent, surrogate mother, or donor.
We follow the principles of data minimization and purpose limitation. This means we collect only the minimum amount of personal data required and use it only for the purposes described
in this Privacy Policy.
2.2 Personal data you provide through Website forms
When you complete a form or contact us through the Website, we collect the following personal data:
full name;
phone number;
email address.
The forms on the Website are used by prospective intended parents, surrogate mothers and donors. The information requested is limited to what is necessary to review your inquiry and communicate with you.
2.3 Sensitive and health-related personal data
The Website contact forms do notrequest or require medical or health-related information. Sensitive or health-related personal data may be provided only at a later stage of communication, for example during consultations or further interactions with Lifeline by phone, email or messaging applications, where such information is necessary to assess eligibility or coordinate participation in the program. Any sensitive personal data is processed only where necessary, with appropriate safeguards, and in accordance with applicable legal requirements, including obtaining explicit consent where required.
2.4 Technical and usage data
When you visit the Website, certain information may be collected automatically for technical, security and analytics purposes, including:
IP address;
browser type and device information;
operating system;
pages visited and actions taken on the Website;
date, time and country of access;
referring website (if applicable).
This data helps us ensure the proper functioning, security, and improvement of the Website and is used mainly for statistical and analytical purposes and is not intended to directly identify individual users.
Why we collect and use personal data (purposes)
We process personal data only for clear and specific purposes related to our services and Website. The table below explains what categories of data we use, where this data comes from, and why it is needed.
Category of personal data
What this data includes
Source of the data
Purpose of use
Identification and contact data
Name, phone number, email address
Website contact and application forms
To identify you, respond to your request and communicate with you; Carrying out marketing activities and providing marketing information to you
Application-related data
Information provided during initial screening and communication
To review your inquiry and assess potential participation as intended parent, surrogate mother or donor
Health-related data (where applicable)
Health or medical information voluntarily shared at later stages
Direct communication with the Lifeline (phone, email, messaging apps)
To assess eligibility, ensure safety, and coordinate the provision of our services (including basic screening and initial eligibility steps)
Communication data
Messages, call records, emails
Communication channels used with the Lifeline
To manage communication, provide consultations, and keep records of interactions
Technical and usage data
IP address, device and browser data, pages visited, date, time and country of access
Automatically collected via the Website
To operate, secure, and improve the Website and user experience
Legal and compliance data
Information required by law or necessary for legal protection
Provided by you or generated during cooperation
To comply with legal obligations and protect our legal rights
Legal basis for processing
We process personal data only when we have a lawful basis, such as:
Your consent (for example, when you submit a form and ask us to contact you; or for non-essential cookies where required).
Contract or pre-contract steps (when you ask us to take steps related to providing services).
Legal obligations (where we must keep records or comply with applicable law).
Protection of vital interests (rare cases involving health or safety).
Other bases permitted under applicable UAE law.
How we share personal data
We do not sell your personal data. We may share personal data only when necessary, including with:
Our employees and authorized staff who need the information to perform their duties (confidentiality applies).
Our partners and service providers, such as: coordinators and local staff (including outside the UAE), medical providers/clinics (where relevant), legal and administrative partners, IT and cloud service providers, email/communication service providers.
Authorities and regulators if required by law or valid legal process.
Professional advisers (lawyers, auditors) where necessary.
Business transfers (if we restructure, merge, or sell part of our business, under appropriate safeguards).
We share only what is necessary for the relevant purpose.
International (cross-border) transfers
Because provision of our services involves people and partners in different countries, your personal data may be transferred to and processed in countries outside the UAE. When we transfer data internationally, we apply safeguards consistent with applicable UAE requirements and common international standards, such as:
limiting transfers to what is necessary,
contractual protections with recipients,
security measures (access control, confidentiality, encryption where appropriate),
obtaining your consent where required.
Social media pages
We may maintain official pages on social media platforms. If you choose to contact us or interact with our content through social media, we will process the personal data you choose to share with us only for the purpose of responding to your inquiry or managing our communication with you.
Please note that social media platforms operate independently from us and have their own privacy policies and terms. We encourage you to review the privacy practices of the relevant platform before sharing personal data through social media.
Cloud storage and data hosting
We store and process personal data using secure cloud-based services. These services may be operated by third-party providers and may involve processing or storage outside the UAE.
We take steps to ensure cloud providers apply appropriate security measures and process personal data only under our instructions (where applicable).
Cookies and analytics
When you visit the Website, certain information may be collected automatically through cookies and similar technologies, including third-party analytics tools. A cookie is a small text file stored on your device that allows the Website to recognize your browser and collect limited technical information. This information may include browser type, operating system, IP address, pages visited, and referring website (if any). We use this information to understand how visitors interact with the Website, to ensure its proper functioning and security, to improve user experience and to make the content and services more relevant and useful.
We use Google Analytics and other similar analytics tools to measure Website performance and usage. These tools may collect technical and usage information, such as pages visited, session duration, device and browser information, and general interaction data. The information collected is used to understand how visitors interact with the Website and to improve its functionality and content. These tools may use cookies or similar technologies.
You can control cookies through your browser settings. Where required by applicable law, we provide a cookie notice and collect consent for non-essential cookies.
Data retention
We keep personal data only for as long as necessary for the purposes described in this Policy, including:
while we are communicating with you and handling your request,
during program evaluation and coordination,
as required by law (record-keeping),
for the time needed to resolve disputes or enforce agreements.
When data is no longer needed, we delete it or anonymize it where appropriate.
Data security
We use appropriate technical and organizational measures to protect personal data, including (as appropriate) access controls and “need-to-know” rules, staff confidentiality obligations, secure cloud services, encryption in transit (HTTPS), security monitoring and incident handling procedures.
Your rights
Depending on applicable law, you may have the following rights in relation to your personal data. The table below explains what each right means in practice.
Your right
What this means in practice
Right to access
You may ask us to confirm whether we process your personal data and request a copy of the personal data we hold about you
Right to rectification
You may ask us to correct or update inaccurate or incomplete personal data, for example, if your contact details change
Right to erasure
You may request deletion of your personal data where there is no longer a legal or operational reason for us to keep it. Please note that some data may need to be retained for legal, medical, or contractual reasons
Right to restriction of processing
You may ask us to limit how we use your personal data in certain situations, for example, while a request for correction is being reviewed
Right to object
You may object to the processing of your personal data where processing is not strictly required to provide services or comply with legal obligations
Right to withdraw consent
Where we process personal data based on your consent, you may withdraw that consent at any time. This will not affect processing carried out before the withdrawal
Right to data portability (where applicable)
You may request to receive certain personal data you have provided to us in a structured and commonly used format, where technically feasible
Right to lodge a complaint
You may lodge a complaint with the relevant data protection authority if you believe your personal data has been processed unlawfully
To exercise any of the rights described above, please contact us using the details provided in Section 14.
Requests may be submitted by you or by a person legally authorized to act on your behalf. For security and confidentiality reasons, we may take reasonable steps to verify your identity or authority before responding to a request. This may include assessing whether the request is submitted using the same contact details (such as an email address or phone number) previously provided to us and, where necessary, requesting additional information. Any information provided for verification purposes will be used only to process your request. If we are unable to verify identity or authority, we may not be able to respond.
In certain circumstances, and as permitted by applicable law, we may refuse to act on a request, for example if it is manifestly unfounded, excessive, or repetitive. Each request is assessed on a case-by-case basis, taking into account the nature of the request, the sensitivity of the personal data involved, and applicable legal requirements
Links to third-party websites
The Website may contain links to third-party websites or resources for informational purposes. Such links are provided for convenience only. We do not control and are not responsible for the privacy practices, content, or policies of third-party websites. This Privacy Policy does not apply to any third-party websites you may access through links on the Website. We encourage you to review the privacy policies of any third-party websites before providing them with your personal data.
Contact us
If you have questions or requests about privacy, contact:
Lifeline Limited Smart Station – First Floor, Incubator Building, Masdar City, Abu Dhabi, UAE Email: info@embrymama.com
We aim to respond to privacy-related requests within a reasonable timeframe and in accordance with applicable law.
Updates to this Policy
We may update this Policy from time to time. Please refer back to this Privacy Policy on a regular basis. We will post the updated version on the Website and change the “Last updated” date.
