ADCB Asset Management Limited (“AAML”, “We”, “Us” or “Our”) is committed to protecting your privacy and your Personal Data.
This Privacy Notice (“Notice”) aims to help you understand what Personal Data we collect, store or process about you, the legal bases on which we do so, the purpose for which we do so, if and whom we share your Personal Data with. This Notice also describes how long we retain your Personal Data.
Further, this Notice describes your rights and the choices you can make in relation to our collection, use and disclosure of your Personal Data.
This Notice explains the various measures we have in place to protect the security of your Personal Data and minimize the potential for its unauthorized use, disclosure and destruction.
The terms of this Notice will apply to you when you use our products or services, visit our online services at https://www.adcbam.com and any of its ancillary pages and websites (the “Sites”), or provide us with your Personal Data.
Please review this Notice periodically as we may update it from time to time without informing you to reflect changes in our data practices. Should you wish to contact us to discuss any questions, concerns and comments you may have regarding your Personal Data that we process, please reach us through our contact details provided in Section 1.3 Our Contact Information of this Notice.
Personal Data and Processing have very specific meanings under data protection laws. It is important that you understand these terms.
The following clauses describe the categories of personal data we process and the reasons for which we process them (you need to provide some of the following types of personal data to us by law).
Please note that you can choose not to share your Personal Data with us. In such a case, we are likely to be limited in terms of what services we can offer you. Additionally, you may be unable to access our website or receive our offers.
Where we need to collect your Personal Data due to the requirements of applicable law or professional standards, or for the performance of a contract between you and AAML, and you fail to provide that data when requested, we may have to decline your request for our products and/or services, or, if we are already supplying products and/or services, we may have to suspend or cease your access to them. We will notify you if this is the case at the time.
We can only process your Personal Data if we have a legal reason to do so, that is, if we have a “lawful basis”. We will use different lawful bases to process different categories of Personal Data. They are as follows:
Special Categories of Personal Data include Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, Biometric Data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation, and Personal Data relating to criminal convictions and offences or related security measures.
It is our policy not to collect and process any Special Categories of Personal Data. However, should there be a need to process Special Categories of Personal Data that belong to you, it will be conditional upon at least one of the following criteria being met:
We may collect your Personal data from two primary sources
If you are applying to us through a Third Party, then they should have provided you with their own privacy notice in order to tell you (whether online or in person) how they may process your Personal Data.
The security of your Personal Data is important to us. We have designed and implemented appropriate measures to prevent your Personal Data from being disclosed, modified or destroyed without sufficient authorization. These measures address several dimensions of data security including and not limited to the following:
AAML is not responsible for any information posted on AAML website or other social media sites other than the information posted by AAML employees on its behalf. AAML is only responsible of its own use of the Personal Data received through such sites.
Whilst we take measures to secure your Personal Data, risks to data security do exist, and there always is a possibility of unauthorized use, disclosure, modification and/or destruction of your Personal Data. In the event of such a Personal Data Breach, within the limits of Applicable Law, we will take reasonable measures to notify you about it and its likely consequences, measures taken by us to mitigate the increased risk and avenues available to you to mitigate the risk as a result of the Personal Data Breach. For further information on how we respond to and handle Personal Data Breaches, please contact us at [email protected].
Your rights in relation to our processing of your data are as follows. If you want to exercise any of your rights, please contact our Data Protection Officer (“DPO”) in writing at [email protected].
AAML will maintain the following obligations in relation to your rights concerning our Processing of your Personal Data:
Throughout the course of your relationship with AAML and even after its conclusion, your Personal Data may need to be shared with Data Processors who are both internal and external to AAML. Under certain circumstances, within the permits of Applicable Law, this will involve us transferring your data across the boundaries of the Abu Dhabi Global Market (ADGM). If we need to transfer your Personal Data outside the ADGM, we will do so on the basis of the following grounds:
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
"In some circumstances you can ask us to delete your data. For further information, please see Section 11: Your rights in relation to our processing of your Personal Data.”
You will only receive direct marketing communication from us where we have obtained your consent as described in this Privacy Notice, or where we have legitimate interests as described in this Privacy Notice, that must be fulfilled through the marketing communication.
You have the right to object at any time to the Processing, including Profiling, of your Personal Data for such direct marketing purposes. You may place your request to stop receiving marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting the ADCB Customer Care Team on the following numbers:
Where you opt-out of receiving our marketing messages, this will not apply to Personal Data provided to us for other purposes.
We may have to share your Personal Data with the parties set out below for the purposes set out in the table above:
We require all Third Parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
Term | Definition |
---|---|
AAML | means ADCB Asset Management Ltd. |
ADCB | means Abu Dhabi Commercial Bank PJSC. |
ADGM | means the Abu Dhabi Global Market. |
ADGM Commissioner of Data Protection | means the ADGM Commissioner of Data Protection appointed by the ADGM board who heads the Office of Data Protection at ADGM. |
ADGM Data Protection Regulations | means ADGM Data Protection Regulations 2021 enacted by the board of directors of the Abu Dhabi Global Market, in exercise of its powers under Article 6(1) of the Law No.4 of 2013 concerning the Abu Dhabi Global Market. |
ADGM Know Your Customer (KYC) | means mandatory requirements to ensure updated information about AAML’s Customers, to perform identity verification and prevention of illegal transactions through the business relationship with AAML such as money-laundering, identity theft. |
Applicable Law | means any enactment or subordinate legislation applicable in (i) ADGM; or (ii) under Abu Dhabi or Federal Law having application in ADGM, as it applies to Data Controllers and Data Processors that are within the scope of these Regulations; |
Automated Processing | means Processing that is conducted using an electronic application or system that operates automatically, either independently without any human intervention or under the supervision and limited intervention of a human. |
Binding Corporate Rules | means Binding Corporate Rules or BCRs are internal rules which define the policy across entities regarding intra-organizational Personal Data transfers outside the ADGM. |
Biometric Data | means Personal Data that results from the use of specific technology related to the physical, physiological or behavioral characteristics of the Data Subject that allow or confirm the unique identification of the Data Subject. This includes facial imaging or fingerprints. |
Consent | means the approval in which the Data Subject authorizes a Third Party to process his / her Personal Data, provided that this Consent is specific, clear, and unambiguous through a statement or a clear positive action stating that the Data Subject accepts the Processing of his or her Personal Data. |
Data Controller | means the entity or the natural person that has Personal Data and, by virtue of their activity, determines the method, approach, criteria, and purpose of Processing this Personal Data, whether alone or jointly with other persons or entities. |
Customer | means consumers of products and services from AAML. |
Data Protection Officer | means the entity who is tasked with overseeing AAML’s data protection programme and ensuring in an independent manner that all Personal Data processing at AAML is in compliance with Applicable Laws including the ADGM Data Protection Regulations. |
Data Subject | means an identified or identifiable natural person that Personal Data pertains or applies to. |
Employee | means full time staff of AAML. |
Explicit Consent | means an indication that the Data Subject has given an active, clear and unambiguous agreement for their Personal Data to be used in a specific way, including, for example by signing a document, sending an email. |
Personal Data | means any data related to a specific natural person or a natural person that can be identified directly or indirectly by linking identification elements, such as the person’s name, voice, photo, identification number, electronic identification, geographical location, or one or more of the person’s physical, physiological, economical, cultural or social attributes. |
Personal Data Breach | means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed. |
Processing | means any operation or set of operations performed on Personal Data through electronic means, including collecting, storing, recording, organizing, adapting, modifying, circulating, transferring, retrieving, exchanging, sharing, using, describing, and disclosing Personal Data by broadcasting, transfer, distributing, making available, coordinating, merging, restricting, obfuscating, deleting, destroying, or modeling the data. |
Data Processor | means the entity or natural person that processes Personal Data on behalf of the Data Controller under the Data Controller’s direction and instructions. |
Profiling | means the use of Personal Data to evaluate certain aspects related to the Data Subject. |
Recipient | means the entity to whom Personal Data is transferred. |
Special Categories of Personal Data | means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, Biometric Data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation; and Personal Data relating to criminal convictions and offences or related security measures. |
Third Parties | means an entity who processes Personal Data on behalf of AAML or any of the joint Controllers of AAML. |
UAE | means the United Arab Emirates. |