Privacy Policy

We collect information you provide directly to us, such as when you create an account, fill out a form, or contact us for support. This may include:

• Name, email address, and contact information
• Company information and job title
• Project requirements and consultation requests
• Communication preferences
• Location data for compliance with local regulations in UAE, KSA, and GCC countries
• Technical data including IP addresses and device information for security purposes

Under DIFC Data Protection Law and UAE Federal Data Protection Law, we process your personal data based on:

• Your explicit consent for marketing communications and non-essential services
• Contractual necessity for providing our consulting services
• Legitimate business interests for improving our services and security
• Legal obligations under UAE, KSA, and GCC regulatory requirements

We use the information we collect to:

• Provide, maintain, and improve our services
• Process and respond to your inquiries
• Send you technical notices and support messages
• Communicate with you about our services and updates
• Comply with legal obligations under UAE, KSA, and GCC laws
• Ensure compliance with anti-money laundering and counter-terrorism financing regulations
• Meet regulatory reporting requirements in jurisdictions where we operate

Your personal data is primarily stored and processed within the UAE and GCC region. When data transfers outside the GCC are necessary for service provision, we ensure:

• Adequate protection measures are in place as required by DIFC and UAE laws
• Data processing agreements with third parties meet GCC standards
• Cross-border transfers comply with applicable data localization requirements
• Regular audits of data processing activities and security measures

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information with:

• Service providers who assist in our operations and meet GCC data protection standards
• Professional advisors and consultants bound by confidentiality obligations
• Regulatory authorities in UAE, KSA, and other GCC countries when required by law
• DIFC authorities and UAE Central Bank for regulatory compliance purposes
• Law enforcement agencies in accordance with UAE Federal Law and GCC mutual legal assistance treaties

We implement comprehensive security measures that meet or exceed DIFC and UAE cybersecurity standards:

• End-to-end encryption for data in transit and at rest
• Multi-factor authentication and access controls
• Regular security audits and penetration testing
• Compliance with UAE National Cybersecurity Strategy requirements
• Incident response procedures aligned with DIFC and UAE breach notification requirements
• Staff training on data protection and cybersecurity best practices

Under DIFC Data Protection Law, UAE Federal Data Protection Law, and applicable GCC regulations, you have the following rights:

• Right to access your personal information and obtain copies
• Right to correct inaccurate or incomplete information
• Right to request deletion of your personal information (subject to legal obligations)
• Right to restrict or object to processing in certain circumstances
• Right to data portability where technically feasible
• Right to withdraw consent for processing based on consent
• Right to lodge complaints with DIFC Commissioner of Data Protection
• Right to seek compensation for damages resulting from data protection violations

To exercise these rights, please contact us using the information provided below. We will respond within the timeframes required by applicable law (typically 30 days under DIFC law).

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

For complaints regarding data protection matters, you may also contact the DIFC Commissioner of Data Protection or the relevant data protection authority in your jurisdiction.