1. Purpose of this Privacy Policy Statement

Binghatti Holding Ltd. and its affiliates and subsidiaries referred as (the Binghatti Group, we or us) respects the privacy of its customers and is committed to keeping customers’ personal information and other data confidential and secure.

This Privacy Policy Statement aims to give you information on how we collect and process your personal information (Personal Data).

It is important that you read this Privacy Policy Statement together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data.

The Binghatti Group is registered in the Dubai International Financial Centre (DIFC). This Privacy Policy Statement confirms that the Binghatti Group agrees to protect its customers’ Personal Data by complying with the DIFC Data Protection Law and other relevant rules and regulations of the DIFC. Customers are responsible for complying with the relevant laws of the jurisdiction in which they are located when accessing the Binghatti Group’s services.

This Privacy Policy Statement applies to persons anywhere in the world who access or use Binghatti Group’s websites or apps or otherwise submit Personal Data to the Binghatti Group. In addition to this Privacy Policy Statement, our customers must also accept and be bound by any other relevant Binghatti Group policies. Such policies may be released to our customers either by mail and/or any other electronic methods.

The Personal Data the Binghatti Group may receive from customers may include, but is not limited to:

• Identity Data: names, usernames, marital status, title, date of birth, gender; passport, nationality, place of birth, photographs;
• Contact Data: address, email address and telephone numbers;
• Financial Data: bank account and credit and payment card details;
• Transaction Data: details about payments to and from you and other details of products and services you have purchased from us;
• Technical Data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our websites;
• Profile Data: your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
• Usage Data: information about how you use our website, products and services; and
• Marketing and Communications Data: your preferences in receiving marketing from us and our third parties and your communication preferences.

The Binghatti Group may ask for other information voluntarily from time to time to enable it to improve its service or consider the wider needs of its customers or potential customers. If customers choose not to provide the information the Binghatti Group needs to process customers’ requests for a specific products or services, the Binghatti Group may not be able to provide customers with those requested products or services.

The Binghatti Group websites and apps are not intended for children, and we do not knowingly collect data relating to children.

3. Collection of Personal Data:

This Privacy Policy Statement sets out the basis on which any information, including any Personal Data, we collect from you, or you provide to us, will be processed by the Binghatti Group. Each time you access or use our services, website, apps or otherwise provide us with information, by doing so you are accepting and, where possible, consenting to the practices described in this Privacy Policy Statement.

From time to time, the Binghatti Group may receive customers’ personal information via the various channels through which customers communicate with us, including through:

• use or access of our websites and other web-based products, information or services;
• third-party social media networks;
• telephone, e-mail, text messaging services, chat bots, or any other digital or electronic form or communication;
• online or off-line registration or application forms, surveys, questionnaires, contracts, agreements, identification documents and other documents submitted to us;
• transactions with us (e.g., letter of credit issuance, cheques, account enquiry, bank or money transfer); and
• verification of the validity and accuracy of customers’ personal and/or relevant corporate details by any third party.

We obtain most of information directly from our customers through direct interaction, applications or other forms, and from maintaining records of information provided in the course of ongoing customer service. We may also obtain information from various other sources such as credit information or identity group checks.

Finally, we may collect Personal Data through automated technologies or interactions through your interaction with our websites and apps, using cookies or similar technologies.

A cookie is a small text file that is unique to the web browser on your computer or mobile device, which is used to retain user preferences, and enhance browsing experience. We use cookies to track overall site usage and to enable us to provide a better user experience. We do not use cookies to “see” other data on your computer or determine your email address.

Refer to our Website Terms of Use for more details.

4. Processing, Storage and Transfer of Personal Data

Before using the Binghatti Group’s websites, apps or services, customers must understand and agree that customers’ Personal Data may be disclosed, transferred or shared:

• within the Binghatti Group and to other relevant authorized service providers which are registered and/or incorporated in UAE during back-office processing procedures;
• with vendors, consultants, marketing and advertising partners, and other service providers who need access to such Personal Data to carry out work on our behalf or to perform a contract we enter into with them;
• in response to a request for information by a competent authority or government entities if we determine that such disclosure is in accordance with, or is otherwise required by, any applicable law, regulation, or legal process;
• with law enforcement officials, government entities or authorities or other third parties as required by applicable law;
• with third parties in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company;
• with third parties in an aggregated and/or anonymized form which cannot reasonably be used to identify you; and
• with third parties with whom you choose to let us share your Personal Data, for example other apps or websites that integrate with our API or Website Services, or those with an API or Service with which we integrate.

We will take all steps reasonably necessary to ensure your data is processed fairly and lawfully, in accordance with applicable laws and this Privacy Policy Statement. By submitting your Personal Data, you agree to such transfer, storing or processing in order for us to perform our operational, administrative and regulatory functions.

You agree that we have the right to transfer the Personal Data described in this Privacy Policy Statement to and from, and process and store it in, the United Arab Emirates and (where applicable or required) with Data Processors in other countries, some of which may have less protective privacy laws than those where you reside. Where this is the case, we will take appropriate security measures to protect your Personal Data in accordance with this Privacy Policy Statement.

We retain Personal Data submitted by you for a reasonable length of time unless otherwise prescribed by applicable law, and only for as long as reasonably necessary to fulfil the purposes for which we collected it.

The Binghatti Group is not responsible for the accuracy of the information you provide, and will modify or update your Personal Data in our databases upon your request, as further outlined below. We will erase or archive from active use your Personal Data upon request unless we are required to retain it in accordance with DIFC or other applicable laws or to perform agreed services. By accessing or using our apps and websites or otherwise providing us with Personal Data, you thereby represent and warrant that you understand that all information submitted by you to us may be used by us in accordance with applicable laws and our policies.

5. Use of Personal Data

We may use the Personal Data which you provide to us, or we collect from you to:

• respond to any queries or expressions of interest made by you;
• register you as a customer and provide you with products or services, including managing payments, fees, charges and collecting monies owed to us;
• manage our relationship with you;
• to enter into or conclude or perform any contract we have entered into with you;
• process your payments to us and protect against fraudulent transactions
• comply with our legal obligations and defend legal claims;
• further our legitimate business interests or those of a third party where your interests and fundamental rights do not override those interests;
• provide, maintain, and improve our services, including, for example, to facilitate payments, send receipts, provide products and services you request (and send related information about them), develop new features, provide customer support to users, authenticate users, and send administrative messages, whether information or required by applicable law;
• perform internal administration and operations, including, for example, to prevent fraud and abuse of our services, to troubleshoot software bugs and operational problems, conduct data analysis, testing, and research and to monitor and analyse usage and activity trends;
• send you communications we think will be of interest to you, including information about products, services, promotions, news, and Binghatti Group events, where permissible under DIFC Laws and according to any other applicable laws; and to process contest, sweepstake, or other promotion entries and fulfil any related awards and enable you to partake in any surveys, contests, sweepstakes, prize draws or competitions;
• notify you about changes to our products and services;
• allow you to participate in any interactive features of our app or websites;
• keep our apps and websites safe and secure; and
• personalize and improve our products and services, including to provide or recommend features, content, social connections, referrals, and advertisements.

6. Protection of Customers’ Personal Data

The Binghatti Group maintains strict security standards and procedures for the purpose of protecting customers’ Personal Data. When accessing the Binghatti Group’s services, customers must go a through verification and authorization process to confirm each customer’s identity through our KYC Process

We make every effort to ensure that your Personal Data is secure on our systems. The Binghatti Group has staff dedicated to maintaining our data protection and security policies, periodically reviewing them and making sure that our employees are aware of our data protection and security practices. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, the Binghatti Group cannot warrant or guarantee the security of any Personal Data you transmit to us, and you do so at your own risk.

If a customer’s browser is appropriately configured it should tell the customer whether the information the customer is sending will be secure (generally by displaying an icon such as a padlock). The combination of a secure browser at the customer’s end and the Binghatti Group’s security measures provide customers with the best security currently available.

Once the Binghatti Group receives a customer’s information, the Binghatti Group will take all reasonable steps to protect that information. If the Binghatti Group no longer needs a customer’s information, the Binghatti Group will destroy or de-identify it, subject to the extant record retention guidelines.

7. Your Rights and Choices

You have the right to access information held about you. Your right of access can be exercised in accordance with DIFC and other applicable laws. Any access request generally comes at no cost to you, but may, where permissible, be subject to a fee to meet any extraordinary administrative costs in providing you with details of the information we hold about you.

When you contact us about a potential Personal Data error, we will endeavor to confirm or verify the information in question, then correct verified inaccuracies and respond to the original inquiry. We will endeavor to send a correction notice to businesses or others whom we know to have received the inaccurate data, where required and / or appropriate. However, some third parties and third party sites may continue to process inaccurate data about you until their databases and display of data are refreshed in accordance with their update schedules, or until you contact them personally to ensure the correction is made in their own files.

You may also request that we restrict, erase or otherwise process your Personal Data in line with your rights as set out in the DIFC Data Protection Law.

8. Liabilities of the Binghatti Group

The Binghatti Group is not liable for any potential loss or damages under the following conditions:

• Natural disaster, war, terrorist attack, interruption of electric power, fire, water, etc. which is beyond the Binghatti Group’s control;
• Disclosure, misuse, lending/delegation to any third party, transfer of the OTP Token/security password and/or user password by the customer;
• Telecommunication problems which are beyond the Binghatti Group’s control;
• Functionality problems with customers’ electronic devices;
• Misuse of the Binghatti Group’s services; and
• Any other circumstances which are beyond the Binghatti Group’s control.

9. Governing Law

This notice is prepared and maintained by the Binghatti Group and is governed by the laws of DIFC, including the Data Protection Law DIFC No. 5 of 2020, and may for certain types of Personal Data processing, be subject to laws from other jurisdictions. From time to time, information and/or services may be amended in accordance with changes of the governing law.

10. Amendments and Changes

Customers agree that the Binghatti Group may amend and/or change this Privacy Policy Statement and other relevant policies from time to time and without notice. We encourage you to periodically review this Policy for the latest information on our privacy practices.

11. Review of this Policy

We keep this Privacy Policy Statement under regular review. It was last updated 18 August 2018.

12. Contact Us

If customers want access to data, correction of data or for information regarding our data protection policy and kinds of data held, they are welcome to address such inquiries to the Data Protection Officer for the Binghatti Group.

If you have any questions, comments and requests related to this Privacy Policy Statement, or if you have any complaints related to how the Binghatti Group processes your Personal Data, please contact the Data Protection Officer at email: dpo@binghatti.com.