PRIVACY POLICY- RTP GLOBAL MENA ADVISORS LIMITED, DIFC
RTP Global Mena Advisors Limited, DIFC (hereinafter referred to as “RTP”, “Company”, “we”, “us”, “our”) values your security and privacy. RTP is required to comply with DIFC Authority’s Data Protection Law, DIFC Law No. 5 of 2020 (the “DP Law”), and may for certain types of personal data processing, be subject to laws from other jurisdictions.
This data privacy policy (the “Privacy Policy“) sets out the basis on which any information, including any personal data, we collect from you, or you provide to us, will be processed by the Company. Each time you access or use the website or provide us with personal information or personal data, by doing so you acknowledge the practices described in this Privacy Policy. Your rights described herein apply in these instances as well.
1. SCOPE AND APPLICATION
This Privacy Policy applies to persons anywhere in the world who access, use, and/or interact on our website and use our services (“Users”). The Company is the data controller of all personal information that we process about you. The Company is an entity within the wider RTP Global corporate group, which has offices internationally, including in New York (USA), the United Kingdom, European Union (EU) and India.
2. WHAT DATA DO WE COLLECT
The personal data you give us by providing information or filling in forms on the Company website, or by corresponding with us (for example, by telephone, e-mail or any other digital or electronic form). It includes for example information you provide when you contact us or visit our website or avail our services or transact with us.
If you contact us, we will keep at least an electronic record of such correspondence, including personal information shared at that time, in order to reply or process it as per your request. The personal information we collect may include your name, residential address, e-mail address, phone number, work address, photograph, copy of passport or emirates ID, source of wealth, directorship/shareholding information, job title, name of the company or organisation and other information you choose to provide (“Personal Data”).
The Company collects and processes Personal Data in accordance with the DP Law and applicable laws, including for specific lawful purposes explained herein or at the time of collection, or for the performance of tasks carried out as per your instructions or the legitimate interests of the Company. Such legitimate interest may include processing for the purpose of providing management consulting services, marketing, prevention of fraud, cyber security, maintaining internal records for administration purposes etc.
Information we collect about you and your device
Each time you use our website, we may and often will automatically collect the following information:
- your IP address;
- location information if the website uses GPS technology to determine your current location. If you wish to use the particular feature, you may be asked to opt-in to your data being used for this purpose;
- technical information, including the type of mobile device you use, a unique device identifier (for example, mobile network information, your mobile operating system, the type of mobile browser you use, device token, device type, time zone setting (“Device Information”);
- details of your use of our website including, but not limited to traffic data, weblogs and other communication data, and the resources that you access (“Log Information”);
- how long you spend on different parts of our website;
- your cookie preferences;
- any information you submit to us via email;
- any other personal information that you send to us; and
- information that we require for compliance with anti-money laundering, financial and other regulations (ex. Know Your Customer documents).
If you do not wish to share certain data with us or do not want us to use / share it for certain purposes (to the extent possible, in accordance with applicable laws and information in this Privacy Policy), you can alter your preferences at any time by writing to us at the email id mentioned hereinbelow.
3. HOW DO WE COLLECT YOUR PERSONAL DATA
We collect information:
- when you visit our website, browse its pages, or avail our services or transact with us or when you return;
- using due diligence tools (e.g. Bridger provided by Lexis Nexis) etc. for mandatory compliance processes and as part of our ongoing compliance checks and/or
- when you submit a message to us via email.
Some of the information is collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies which are active on our website. These cookies help us to provide you with a good experience when you are browsing, and also help us to improve our website. For more information on cookies and what you can do to disable certain cookies on our website, please read our Cookie Policy.
4. HOW DO WE USE YOUR DATA
We will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under DP Law. We will have a lawful basis for processing your information if:
- it is necessary to perform or enter into our contract with you;
- we have a legitimate interest for processing your data;
- send you communications we think will be of interest to you based on your previous interactions with us, including information about products, services, promotions, news, and the Company events, where permissible under DIFC Laws and regulations, and according to any other applicable laws.
- notify you about changes to this Privacy Policy (if required);
- you have provided your consent; or
- we are under a legal obligation to do so.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours, unless we have other grounds to do so (such as your consent or where we are under a legal obligation).
5. PROCESSING, STORAGE AND TRANSFER OF PERSONAL DATA
We will take all steps reasonably necessary to ensure your Personal Data is processed fairly and lawfully, in accordance with the DP Law, other applicable laws and this Privacy Policy. By submitting your Personal Data (including Log, Device and / or demographic information), we expect you to understand that such transfer, storing or processing in order for the Company to perform its general administrative functions is necessary and will be done in a proportionate, lawful manner, including but not limited to responding to enquiries you raise via the website and maintaining contacts for future informational or promotional activities. Unless otherwise notified, the Company does not ordinarily rely solely on automated decision making when processing your Personal Data.
In order to conduct our operations or fulfil regulatory obligations, we must transfer the Personal Data described in this Privacy Policy to and from, and process and store it in DIFC, United Arab Emirates and (where applicable or required) with processors in other countries, some of which may have less protective privacy laws than those where you reside. Accordingly, your personal data may be transferred to our group entities located in the USA, India, Mauritius, Guernsey, the United Kingdom and the EU. In all such cases, and generally for any processing operations, we take appropriate security measures to protect your Personal Data in accordance with this Privacy Policy.
To preserve the integrity of our databases, to carry out on-going services, for research, analytics and statistics purposes and to ensure compliance with applicable laws and regulations, we retain Personal Data submitted by Users for a reasonable length of time unless otherwise prescribed by applicable law.
The Company is not responsible for the accuracy of the information you provide and will modify or update your Personal Data in our databases when you provide updated information or ad hoc upon your request, as further outlined below. We will erase or put beyond active use your Personal Data upon request, unless we are required to retain it in accordance with DIFC or other applicable laws or to perform agreed services, in which case we align with applicable principles such as purpose specification and data minimization.
6. SHARING OF PERSONAL DATA
The Personal Data we are holding about you may on the legal grounds set out in this Privacy Policy be shared with and processed by:
- our service providers, such as our marketing automation and analytics providers, technology (including cloud) service providers, payment providers, banks and other support providers;
- our professional advisors (such as our lawyers, accountants and auditors);
- another organisation to whom we may transfer any agreement we have with you, or if we enter into a joint venture with, purchase or are sold to or merged with another business entity or
- RTP Capital Limited and any other affiliates or companies within the RTP Global corporate group, to the extent permissible by law.
Other Types of Data Sharing
We may share your Personal Data
- With vendors, consultants, marketing and advertising partners, and other service providers who need access to such Personal Data to carry out work on our behalf or to perform a contract we enter into with them;
- If we otherwise notify you and you provide your affirmative opt-in to share your data, where needed;
- With third parties in an aggregated and/or anonymized or pseudonymized form that cannot reasonably be used to identify you.
Government Data Sharing
In some circumstances, we are legally obliged to share information with public authorities or law enforcement. For example, we may be required to provide information related to a court order or where we must cooperate with supervisory/government authorities in handling complaints or investigations, if we determine that such disclosure is in accordance with, or is otherwise required by any applicable law, regulation, or legal process. In any scenario, we will attempt to satisfy ourselves that we have a lawful basis on which to share the information, document our decision making, and satisfy ourselves we have a legal basis on which to share the information.
7. MARKETING AND PREFERENCES
Where we have a legitimate interest for doing so (and are permitted to do so by law), we will use your information to let you know about our other activities and opportunities such as events and webinars that may be of interest to you and we may contact you to do so by email or phone.
The Company supports Users’ legal rights to opt-in or subsequently opt-out of receiving communications from us. You have the right to withdraw your consent or opt out of receiving our marketing communications at any time. You may change your preferences at any time by writing to us at the email provided hereinbelow.
Please note that we may continue to send you transactional or service-related e-mails despite your desire to not receive promotional or marketing email messages.
Finally, while we may remove your individual contact information from our professional contacts database, please be aware that if such information is in a third party’s marketing directory through your request or election, you will need to request removal with such third party directly.
8. WHAT ARE YOUR DATA PROTECTION RIGHTS
The Company would like to make sure you are fully aware of all of your data protection rights. Every User is entitled to the following rights:
- The right to withdraw consent: When personal information is processed on the basis of consent, you may withdraw consent at any time, although such withdrawal will not affect the lawfulness of processing occurring prior to such withdrawal.
- The right to access – You have the right to request us for copies of your personal data.
- The right to rectification – You have the right to request us to correct any information you believe is inaccurate. You also have the right to request to complete any information you believe is incomplete.
- The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
- The right to object to processing – You have the right to object to processing of your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you would like to exercise any of these rights, or please make a request by contacting us on the email id provided hereinbelow.
9. SECURITY PRECAUTIONS
The Company makes every effort to ensure that your Personal Data is secure on its system. The Company has staff dedicated to maintaining our data protection and security policies, periodically reviewing them and making sure that the employees of the Company are aware of our data protection and security practices. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, the Company cannot warrant or guarantee the security of any Personal Data you transmit to us, and you do so at your own risk.
The Company has established policies and procedures for securely managing information and protecting Personal Data against unauthorized access. We continually assess our data privacy, information management and security practices. We do this in the following ways:
- Establishing policies and procedures for securely managing information;
- Limiting employee access to viewing only necessary information in order to perform his or her duties;
- Protecting against unauthorized access to Personal Data by using data encryption, authentication and virus detection technology, as required;
- Requiring service providers with whom we do business to comply with relevant data privacy legal and regulatory requirements;
- Monitoring our website through recognized online privacy and security organizations; and
- Conducting background checks on employees and providing training to our employees.
If you have any further questions about our security and processing activities, please contact the Company on the details provided below. To the extent permitted by applicable law, the Company expressly disclaims any liability that may arise should any other third parties obtain the Personal Data you submit through fraud or otherwise where it is no fault of the Company.
9. CHANGES TO THIS POLICY
The Company may change this Privacy Policy from time to time and without notice. We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices. Your continued use of the website or our services constitutes your understanding of the changes. If we make any changes to the Privacy Policy, they will be posted on our official website along with the “Last Updated” date below.
10. CONTACT US
If you have any questions, comments and requests related to this Privacy Policy, or if you have any complaints related to how the Company processes your personal data, please get in touch with us by contacting our data protection team at [email protected].
If you would prefer to write to us, you can do so at: Attn: Ms. Smita Goel, Unit 206, Level 2, Park Towers, Dubai International Financial Centre, Dubai, United Arab Emirates.
You have the right to contact or lodge a complaint with the DIFC Data Protection Commissioner in relation to this Privacy Policy and in that regard may contact the DIFC Commissioner of Data Protection’s Office at:
Dubai International Financial Centre Authority
Level 14, The Gate Building
Note: This Privacy Policy adheres to DIFC data protection laws and regulations and, as a result, may differ from the general version adopted by the RTP group. In the event of inconsistencies between the two versions, this Privacy Policy will take precedence for clients of RTP Global Mena Advisors Limited, DIFC.
Last updated: January 2024