GDPR for UAE

Home > GDPR

GDPR Compliance in the UAE

Adhering to UAE data protection laws ensures robust personal data privacy and security. Our services help you navigate these regulations, aligning with GDPR principles.

Introduction

Griffin Nagda & Company (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This GDPR Privacy Policy outlines how we handle, store, and process your personal data in compliance with the General Data Protection Regulation (GDPR).

1. Data Controller

Griffin Nagda & Company is the data controller responsible for your personal data.

2. Personal Data We Collect

We may collect and process the following personal data about you:

  • Identity Data: Name, title, date of birth, gender.
  • Contact Data: Address, email address, telephone numbers.
  • Financial Data: Bank account details, payment card details.
  • Transaction Data: Details about payments to and from you.
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To perform the contract we are about to enter into or have entered into with you.
  • To comply with a legal obligation.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • To send you marketing communications if you have opted in to receive them.

4. Sharing Your Personal Data

We may share your personal data with:

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors, and insurers.
  • Regulators and other authorities who require reporting of processing activities in certain circumstances.