This Privacy Notice is provided by FHS Law Firm, for and on behalf of itself and the various entities operating as part of the FHS Law Firm across the Middle East, as further specified here. This Data Protection Notice has been prepared with reference to DIFC Data Protection Law considerations, and will be augmented by jurisdictional specific addendums from time to time.
We are committed to safeguarding the privacy of the personal information that we process in the course of our business, including the personal information we receive from you. This Privacy Notice describes how and why we collect, store and use personal information, and provides information about the rights of the individuals to whom such personal information relates.
For the purposes of applicable data protection law, FHS Law Firm is typically the “data controller” of any personal information provided to us. Specifically, your data will be controlled by the FHS Law Firm that you have instructed, or that is providing services to or communicating with you. Very occasionally, we will act on specific retainers as a “processor” (meaning that we process personal data only in accordance with the directions of a data controller, or as otherwise permitted by law).
Please read the following information carefully to understand our views and practices regarding how we handle personal information. If you have any queries about our approach to data protection that are not already addressed in this Privacy Notice, please contact our Director of Compliance & Quality, as per the contact details set out at the end of this Privacy Notice.
We may collect personal information from you in the course of our business, when you contact us or request information from us, when you instruct us to provide legal services, when you use our website or mobile app (or other platforms), or as a result of your relationship with any of our personnel or clients.
The personal information that we process includes:
We collect most of this information directly from you, or through your use of our website. However, we may also collect data about you from a third party source, such as our clients, your employer, other parties to matters in which we are involved, platform operators for technology used in our business (e.g. webinar platforms), other organisations that you have dealings with, regulators or other government authorities, credit reporting agencies, information service providers, or from publicly available records.
The information you provide may be confidential, and we will maintain such confidentiality and protect your information in accordance with our professional obligations and applicable law. We have arrangements in place with personnel and service providers who may process your personal information, to ensure that confidentiality is maintained.
Whether we receive your personal data directly from you or from a third party, we will only use your personal information if we have obtained your consent, or if we have another lawful basis upon which to do so (e.g. for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into such contract; for compliance with a legal obligation on us; to protect your vital interests or those of another natural person; or for our own legitimate interests, or those of a third party, except where such interests are overridden by your own rights or interests).
The purposes for which we process your personal information are as follows:
We operate a Client Relationship Management email mailing list program, which we use to inform clients and other contacts about our services, including our publications and events. Such marketing messages may contain tracking technologies in order to track subscriber activity relating to engagement, demographics and other data, and to build subscriber profiles. We use this as a means by which to undertake direct marketing.
If you would like to cease receiving marketing materials from us at any time, please let our CRM management team know directly. You can also change your preferences for receiving our marketing emails and legal updates from us at any time, and you can unsubscribe by following the instructions specified in our marketing emails or via the websites. Please update your details by contacting our CRM management team by email at firstname.lastname@example.org.
Specifically, we use Google Analytics, and other similar products to track unique visitors to our website and app (storing a unique visitor ID, the date and time of first visit, the time their current visit started and the total number of visits they have made); to register session details (so as to attribute visit information, including conversions and transactions to a traffic source); and to register that a website visit has ended and the browser closed. Most internet browsers have a mechanism notifying you when you receive a new cookie, and telling you how to reject new cookies or disable cookies altogether (if you wish to do so).
We may disclose your personal information to a recipient (i) for the purposes of outsourcing one or more of the purposes-related functions described above; (ii) to confirm or update information provided by you; (iii) to inform you of events, information about our services, and other important information, or (iv) for other purposes disclosed at or before the time the information is collected. If we re-organise our business, we may need to transfer your personal information to other group entities or to third parties.
If you tell us you wish to attend an event, your name and organisation may appear on a list which we provide to other delegates at the event. We also take photographs and video of our events, and this may result in your image being captured and used in the course of reporting on the event (e.g. via social media or other means); we will draw this to your attention in materials relating to the specific events. Additionally, we may process contact details and attendance data in the interests of public health efforts to help tackle COVID-19.
In relation to any other disclosures to third parties, we will only do so where you have given your consent, where we are required to do so by law, or where it is necessary for the purpose of or in connection with legal proceedings or in order to exercise or defend legal rights. We do not sell, rent, distribute, or otherwise make, personal information commercially available to any third party.
Sometimes, it may be necessary for us to share your personal information with associated professional services firms around the world, who provide services to us or on our behalf (including data storage facilities or online storage located within or outside the United Arab Emirates, which may be operated by independent service contractors). This will entail a transfer of personal information from within the Dubai International Financial Centre to recipients outside the DIFC, and vice versa.
The level of personal information protection in the various jurisdictions in which we operate varies, and in some instances may not provide an adequate level of protection from an international perspective. To address this, we have procedures and safeguards in place to ensure the protection of personal information. These procedures include contractual obligations to ensure that all such entities safeguard your personal information and use it only for the purposes that we have specified and communicated to you. (For further information, please contact our Director of Compliance & Quality at email@example.com.) When we transfer your information to other countries, we will use, share and safeguard that information as described in this Privacy Notice.
We will retain your personal information for the length of time needed to fulfil the purposes for which it was collected, unless we specifically agree a longer retention period with you, or a longer retention period is required or permitted by law.
Various rights may be available to you, depending on the circumstances and the applicable law. We summarise key rights likely to be available to most data subjects:
If you would like to exercise any of the above rights, or any other rights available to you pursuant to applicable law, please contact our Director of Compliance & Quality using the contact details set out below
We have implemented reasonable administrative, technical and physical measures to protect your personal information against loss, misuse and alteration.
We may from time to time make changes to this Privacy Notice. Where these are likely to be material, we will communicate these in advance. Otherwise, these will become effective once the amended Privacy Notice is posted on our website. Please check back regularly to keep informed of updates to this Privacy Notice.