PRIVACY POLICY

Application of this privacy policy

This Privacy Policy (the “Policy”) applies to the clients (and prospect clients), business partners and employees of ICGS Investment Management Limited (the Firm).

The Firm is committed to safeguarding the privacy of the personal data that is provided to it or collected by it during the course of its business as well as the personal data it receives from you. This Policy describes how and why we collect, store and use personal data, and provides information about your rights. Please read the following information carefully to understand our views and practices regarding how we handle personal data.

For the purposes of applicable data protection law, the Firm is the “data controller” of your personal data.

Collection of personal data

We may collect personal data from you through your use of the website, when you request information from us, when you engage us for services or other business and professional relationship.

We may request and collect from you personal data, and other information. Depending on the information or services you request, we may ask you to provide your personal data such as name, phone numbers, address, email address, passport details, second ID document, and other personal data. We may also request and collect from you special categories of personal data (or sensitive data) such as bank/financial information and documents.

We may also collect personal data including special categories of personal data (or sensitive personal data) from public sources and screening databases such as Worldcheck or similar.

By providing us with any personal data, you are consenting to the use of your personal data as contemplated in this Policy. If you do not want us to use your personal data for any of these purposes, please do not provide us with your personal data.

In addition to the above, with regard to each of your visits to our website, we may automatically collect the following information:

  • technical information including the Internet protocol (IP) address used to connect your device to the internet, browser type and version, time zone setting, location, browser plug-in types and versions, operating system, as well as the admin system and aggregated data reports. That data is statistical in nature and tells us about the navigational behaviour and actions of our users and does not divulge any information about the identity of any individual;
  • information about your visit, services you viewed or searched for, page response times, download errors, length of visits, page interaction information (such as scrolling, clicks, and mouse-overs); and
  • in addition, we may use third party services such as Google Analytics that collect, monitor and analyze information about demographics and navigational behaviour. Demographics may include information such as gender, country of provenance and age. Navigational behaviour may include information such as pages viewed during a session, time spent on a given page and engagement with the Site's content such as clicks and form submissions.

For that same reason, we can obtain information about your general use of the internet using cookie files, which are small files that are sent to us, and which are stored in your device's hard drive. The cookies help us improve our website as well as provide a better and more personalized service. They allow us to:

  • estimate the size and nature of our audience as well as their behavioural tendencies on our website;
  • store information about our users' preferences, which allows us to personalize our website in conjunction with individual interests;
  • accelerate your search; and to
  • recognize you when you come back on our website.

If you wish to remove cookies, you can deactivate cookies within your browser's parameters. However, if you deactivate your cookies, you might not be able to access some parts of our site. Unless you deactivate cookies, the system on our site will send cookies by default.

Purposes

We will only use your personal data for legitimate business purposes, including:

  • processing and responding to inquiries, and providing our services within the contractual relationship with you or the client linked to you;
  • managing our relationship with you or the client linked to you;
  • marketing our services;
  • compiling anonymous statistics, such as website usage statistics and statistics on the effectiveness of invitations and other emails; 
  • and for complying with the regulations of the FSRA and where otherwise required by law.

Processing your data

Processing means any operation or activity with data. In the course of business, we will process your personal data as below:

  • receive
  • store
  • classify/rename files
  • copy
  • print
  • transfer (see details in the relevant section below)
  • eventually, erase

Sharing your data with another party

We may transfer your personal data (including special categories/sensitive personal data) to a recipient (i) for the purposes of outsourcing one or more of the purposes-related functions described above; (ii) to confirm or update information provided by you in order to comply with anti-money laundering, counter-terrorism and proliferation, targeted financial sanctions legislation; (iii) to inform you of events, information about our services, and other important information, (iv) for data backup; or (v) for other purposes disclosed at or before the time the information is collected.

If you tell us you wish to attend an event, your name and organization may appear on a list which we provide to other delegates at the event. We also take photographs and video of our events, and this may result in your image being captured and used in the course of reporting on the event (e.g. via social media or other means).

In relation to any other third parties, we will only disclose your data where you have given your consent or where we are required to do so by law, or where it is necessary for the purpose of, or in connection with legal proceedings or in order to exercise or defend legal rights.

Cross-border transfer of your data

It may sometimes be necessary for us to share your personal data with our affiliates or to share your data with business partners, outsourced services providers. In such events, this will entail a transfer of personal data from within the Abu Dhabi Global Market (“Home Jurisdiction”) to recipients outside the Home Jurisdiction, and vice versa. We may also need to transfer your data within our organisation but to a location outside Home Jurisdiction for the purposes of data backup and/or cloud storage.

The level of personal data protection in locations outside the Home Jurisdiction may be less than that offered within the Home Jurisdiction or the country in which you reside and may not be recognized as providing an adequate level of protection, but we have procedures in place to ensure the protection of personal data. These procedures include putting steps in place to ensure that all such entities keep your personal data confidential and secure and only use it for the purposes that we have specified and communicated to you. When we transfer your data to other countries, we will use, share and safeguard that data as described in this privacy notice. We only transfer personal data outside of the Home Jurisdiction when it is necessary for the services we provide you, or subject to appropriate safeguards that assure the protection of your personal data, such as standard contractual clauses.

Your rights

You have the following rights:

  • Access and Accuracy: the right to ask us to provide you, or a third party of your choice, with copies of the personal data we hold about you at any time, and to be informed of the contents and origin, verify its accuracy, or else request that such data be supplemented, updated or rectified in accordance with the applicable law;
  • Erasure or Blocking: the right to request erasure, anonymization or blocking of your personal data that is processed in breach of the law;
  • Objecting: the right to object on legitimate grounds to the processing of your personal data. In certain circumstances we may not be able to stop using your personal data, if that is the case, we’ll let you know why;
  • Portability: the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format;
  • Complaints: if you believe that your data protection rights may have been breached, you have the right to lodge a complaint to the applicable supervisory or data protection authority (ADGM Data Protection Commissioner); and
  • Withdraw consent: when personal data is processed on the basis of consent an individual may withdraw consent at any time. In the event that you no longer want to receive any marketing material from us, please contact us on the details set out below.

If you would like to exercise any of the above rights, please contact our Compliance Officer at masha.athukoralalage@iqeq.com.

Confidentiality

The data you provide may be confidential, and we will maintain such confidentiality and protect your data in accordance with this Policy, our professional obligations and applicable law. We do not sell, rent, distribute, or otherwise make personal data commercially available to any third party. We may share data with our service providers for the purposes set out in this Policy.

Information security

We have implemented reasonable administrative, technical and physical measures to protect your personal data against loss, misuse and alteration.

How long we keep your personal data

We will retain your personal data for the length of time needed to fulfil the purposes for which it was collected (as outlined in this Policy) unless a longer retention period is required or permitted by law.

Your personal data that is processed for marketing purposes will be stored until you exercise the right to withdraw consent, and once such right is exercised, your personal data will be kept only during the applicable statute of limitations period for any disputes or liabilities that may arise as a consequence of the processing of that information (which is up to 15 years in the United Arab Emirates). Once potential actions are time-barred we will proceed to delete the personal data. In any other circumstances, we will only retain your personal data for a shorter or longer period as required by any applicable law.

Changes to this privacy policy

This Policy is effective as of 6 June 2024 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change this Policy at any time and you should check this Policy periodically.