PRIVACY AND DATA PROTECTION POLICY

Kalantar Business Law Group Ltd is committed to protecting any Personal Data that it is able to access, retrieve or collect as a result of your visit to, or use of, this website.

Kalantar Business Law Group Ltd, ADGM Commercial License number 000001134, registered address Office 2426, level 24, Al Sila Tower, Abu Dhabi Global Market Square, Al Maryah Island, Abu Dhabi, United Arab Emirates (“KBLG”, “we”, “us”, “our”) is an ADGM registered company.

Our Privacy Policy explains how we collect and process the information that you provide to us, whether through our website https://kalantarlawgroup.com/ (the “Website”) or in the course of providing our legal and professional services to you as a client or prospective client (“Services”). Our collection and use of a client’s information where we are providing Services to that client may also be governed by the terms of any engagement letter that is entered into between KBLG and the client.

By accessing the Website, you are deemed to accept our Privacy Policy and consent to our collection, processing, storage, use and disclosure of your Personal Data as outlined below. For the purpose of this Privacy Policy, KBLG is the Data Controller, unless otherwise specified.

We may, from time to time, without notice and for any reason, amend this Privacy Policy. We will post updated versions of the Privacy Policy to the Website when amendments are made. Such amendments are effective from the time that they are so posted.

1. Data Protection Laws

1.1. This Privacy Policy is subject to all applicable data protection and privacy legislation and regulations in force from time to time that apply to us and our clients, including but not limited to the ADGM data protection framework and applicable laws (the “ADGM Data Protection Regulations”), the EU General Data Protection Regulation 2016/679 (the “GDPR”) and any other legislation that amends the same. Where applicable, we are also bound by the relevant laws of Abu Dhabi and the Federal Laws of the United Arab Emirates.

1.2. References in this Privacy Policy to: ADGM, Data Controller, Data Subject, Personal Data, Personal Data Breach, Processing, Recipient, Staff and Third Party have the meanings ascribed to those terms under the ADGM Data Protection Regulations.

2. Collection, Receipt and Creation of Personal Data

2.1. We collect Personal Data in the course of our business when you (and any other Data Subjects) contact us, request information from us and instruct or engage us to provide our Services.

2.2. We do not collect Personal Data when you merely access the Website.

2.3. While most of your Personal Data comes directly from you, such as information you provide in the course of your instructions to us, when you enquire about or use our Services, or in response to questions we ask you for purposes of undertaking the Services, we sometimes receive information from Third Parties, including our Staff and other personnel, clients and service providers.

2.4. We do not use analytics to collect details about how you use the Website. We do, however, reserve the right to do so in the future, and only where it helps us analyse how visitors use our site (including behaviour patterns and the tracking of visits across multiple devices) so that we can improve the format, functionality and content of the Website. Any such information that we do collect, if at all, will be anonymous and cannot be used to personally identify a natural person. It may include your IP addresses, general location information, domain name, page views, date/time stamp, browser type, device type, device ID, Internet service provider (“ISP”), referring/exit URLs, operating system, language, clickstream data and other information about the links clicked, features used, size of files uploaded, streamed or deleted, and similar device and usage information.

2.5. In anticipation of providing our Services and in accordance with our obligations under applicable law, we may also collect information required to ensure compliance with anti-money laundering, countering the financing of terrorism and the degree to which sanctions have been imposed on prospective clients and other persons involved in the matter on which we have been asked to advise.

2.6. The information we may collect from and process about you and other Data Subjects in connection with the provision of our Services can include, but is not limited to:

1. 2.6.1. Your name, address (including proof of address), other contact details (including your email address and telephone numbers), gender, marital status, date and place of birth, nationality, employer(s), job title/role, employment history, relationship to another Data Subject or other person and other individual information;
2. 2.6.2. Identification number(s) issued by government bodies or agencies, passport number(s), tax identification number(s) (if any) and any other identification details that we can use to verify your identity;
3. 2.6.3. Bank account or payment card details, income or other financial information relevant to your engagement of our Services; and
4. 2.6.4. Any other information that you may choose to share with us at any time and for any reason.

3. Use of Personal Data

3.1. We use Personal Data strictly to provide our Services and respond to inquiries, to manage accounts and maintain business operations, to provide relevant marketing and to fulfil other business and compliance requirements. Your information may in many instances be confidential and subject to attorney-client privilege, in which case we will maintain such confidentiality and protect this privilege in accordance with our professional obligations and the laws and regulations that govern our Services.

4. Sharing of Personal Data

4.1. We may share some of your Personal Data with our affiliates, suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in furtherance of our Services. Such Recipients are bound by similar confidentiality obligations, and we require them to provide reasonable security for Personal Data and to use and process such Personal Data solely on our behalf.

4.2. For Data Subjects who are individuals, we may process/disclose your Personal Data in order to:

1. Comply with legal and regulatory requirements;
2. Carry out credit checks, take up credit references, trace debtors and detect, investigate and prevent fraud or anti-money laundering;
3. Undertake client identification procedures;
4. Perform conflict of interest checks;
5. Undertake and deliver work product that we or our Staff, affiliates, suppliers and service providers create in connection with the provision of our Services (including where appropriate the transfer of such Personal Data outside of the United Arab Emirates); and
6. Conduct internal analysis and research.

4.3. KBLG will never, without your consent, sell, trade, rent or otherwise share for marketing purposes, your Personal Data with third parties.

5. Cross-Border Transfers of Personal Data

5.1. As a firm that provides cross-jurisdictional Services to our clients, we may transfer your Personal Data across national boundaries. This may include cross-border transfers to countries that do not legally require us to protect your Personal Data in accordance with the provisions of this Privacy Policy. On such occasions, we will take reasonable measures to protect your Personal Data by ensuring that those transfers are made in compliance with relevant data protection laws to which KBLG, or the transfer of the Personal Data, are subject. Where we transfer your Personal Data to a Third Party that is located in a country that does not provide adequate privacy protection, we will take reasonable measures to ensure that your Personal Data is protected in accordance with international standards.

6. Retention of Personal Data

6.1. We retain your Personal Data in accordance with the ADGM Data Protection Regulations and use it only for the purposes for which it is collected and only for so long as it is required for our Services, considering legal and regulatory requirements to retain the information for certain minimum periods, limitation periods for taking legal action and best practices so far as information retention is concerned. KBLG has document retention and safeguarding policies in effect and we abide by these policies so far as maintenance, security and disposal of information, including Personal Data, is concerned.

6.2. KBLG stores Personal Data on servers and filing systems in the United Arab Emirates, the USA and other territories.

7. Personal Data Security

7.1. We take reasonable and appropriate technical and organisational measures to protect against unauthorised or unlawful data Processing and therefore against any Personal Data Breaches.

8. Automated Processing

8.1. We do not, for any reason or in any way, use or benefit from any information, including profiling, based on Data Processing carried out solely by automated means and without any human involvement (“Automated processing”.)

9. Cookies

9.1. We do not presently use or benefit from cookies on the Website.

10. Links to Other Websites

10.1. Our Website may, from time to time, contain links to and from Third Party websites. If you follow a link to any of these websites, please note that these websites have their own terms and conditions, privacy notices and cookie notices and we do not accept any responsibility or liability for those notices or your use of those websites.

11. Your Rights

11.1. Under the ADGM Data Protection Regulations, you have certain rights in relation to your Personal Data. To summarise, you and all other Data Subjects have the right to (your “Rights”):

1. Be informed: Where your data is being processed, you have the right to be informed of such processing.
2. Access to your Personal Data: Having been informed by this Privacy Policy that your data is being Processed, you have the right to request confirmation from the Data Controller that your Personal Data is being so Processed. You may also request a copy of the Personal Data that is held about the Data Controller.
3. Rectification of your Personal Data: If you request access to your Personal Data, and the information held by the Data Controller is not a true and accurate reflection of your Personal Information — either because it is inaccurate or incomplete — you may request that the Data Controller takes reasonable steps to rectify your Personal Data. For such changes to be made, you must provide supporting evidence of the inaccuracy or discrepancy.
4. Erasure, or Restriction on the Processing, of your Personal Data: In certain scenarios specified under the ADGM Data Protection Regulations, you can either require that the Data Controller erases your Personal Data or you can restrict the Data Controller’s Processing of it.
5. Data portability: Since Personal Data is yours, you have the right to obtain and re-use your Personal Data yourself and for other services. This means you can either request that the Data Controller sends you your Personal Data, or, in certain circumstances, that the Data Controller sends your Personal Data to another Data Controller of your choosing (if the Data Controller is reasonably able to do so).
6. Object: In certain scenarios specified under the current ADGM Data Protection Regulations, you may object to the processing of your Personal Data.

11.2. The Data Controller must respond to any request you make in relation to any points under clause 11.1(a)-(f) of this Privacy Policy. That response should be sent by the Data Controller to you without undue delay, meaning no later than sixty (60) calendar days after the Data Controller receives your request.

12. Data Controller and Data Protection Officer Contact Details

12.1. Kalantar Business Law Group Ltd is the Data Controller:

Kalantar Business Law Group
Office 2426
Level 24, Al Sila Tower
Abu Dhabi Global Market Square
PO Box 128666
Al Maryah Island, Abu Dhabi, United Arab Emirates
+971 2 694 8520
+971 50 288 2846
[email protected]
www.kalantarlawgroup.com

12.2. For any questions about our Privacy Policy, or to pursue your Rights, please contact our Data Protection Officer:

Phoebe Wilson
Data Protection Officer
c/o Kalantar Business Law Group
Suite 905
Level 9, The Bay Gate
Business Bay, Dubai, United Arab Emirates
+971 56 482 7139
[email protected]