1. Who this policy is from
This Privacy Policy is issued by Fundtec, a corporate services and consulting firm operating in the United Arab Emirates with its office at DSO-IFZA, IFZA Properties, Dubai Silicon Oasis, Dubai, UAE. References to "Fundtec," "we," "our," or "us" in this policy refer to that entity.
This policy explains what personal data Fundtec collects from visitors to this website and from clients during engagements, how Fundtec uses that data, the lawful bases for processing, how long the data is retained, and the rights available to data subjects under applicable UAE data protection law.
Fundtec processes personal data in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (the "PDPL") and any supplementary regulations issued under it. Where Fundtec processes data of individuals located outside the UAE, applicable foreign data protection law may also apply.
2. Personal data Fundtec collects
Fundtec collects personal data in the following situations:
2.1 Visitors to this website
When a visitor uses fundtec.ae, the website automatically logs certain technical information for security, performance monitoring, and aggregate analytics. This includes IP address, browser type and version, device type, operating system, the pages visited, the date and time of the visit, and the referring URL.
If the visitor submits a contact form or sends an email to a published Fundtec address, Fundtec collects the personal data the visitor provides; typically name, email address, telephone number, the company or fund they represent, and the content of the message.
3.2 Cookies and similar technologies
This website uses a small number of cookies and similar technologies for essential functionality and aggregate analytics. Essential cookies are required for the site to function correctly. Analytics cookies, where deployed, collect aggregate usage information that does not identify individual visitors. Where required by applicable law, cookies that are not strictly necessary will be set only after the visitor's consent.
Browsers can be configured to refuse cookies or to alert the visitor when cookies are being set. Refusing cookies may affect parts of the website's functionality.
2.3 Clients and prospective clients
During discovery calls and client engagements, Fundtec collects personal and corporate information necessary to scope, deliver, and document the work. This typically includes contact details for principals and authorised representatives, identification documents required for anti-money-laundering (AML) and counter-financing-of-terrorism (CFT) compliance, beneficial ownership information for corporate clients, financial information relevant to the engagement, and engagement records and correspondence.
3. Lawful bases and purposes for processing
Fundtec processes personal data on the following lawful bases:
- Contract performance: to provide the consulting and corporate services that a client has engaged the firm to deliver.
- Legal obligation: to comply with UAE laws and regulations applicable to Fundtec, including AML/CFT obligations under Federal Decree-Law No. 20 of 2018 and applicable UAE corporate, tax, and free zone regulations.
- Legitimate interests: to operate, secure, and improve the website; to respond to enquiries; to manage the firm's commercial relationships; and to protect Fundtec and its clients from fraud and misuse.
- Consent: where Fundtec relies on consent for any specific use of personal data, the data subject can withdraw that consent at any time.
4. Sharing of personal data
Fundtec does not sell personal data. Fundtec shares personal data only where necessary to deliver the engaged services or to comply with legal obligations. Categories of recipients include:
- UAE government authorities, free zone authorities, and regulators where engagement deliverables require submission to them, or where Fundtec is required to disclose information by law.
- Counterparties identified within the engagement, such as fund administrators, auditors, banks, lawyers, and other service providers, where the client authorises Fundtec to act with them on the client's behalf.
- Trusted technology service providers used by Fundtec to host the website, manage email, secure file transfer, and support engagement operations. These providers are bound by contract to process personal data only on Fundtec's instructions and to maintain appropriate safeguards.
5. International transfers
Some of the technology service providers Fundtec uses are located outside the UAE. Where personal data is transferred outside the UAE, Fundtec takes reasonable steps to ensure that the recipient applies an equivalent standard of data protection, in line with the requirements of the PDPL and any supplementary regulations.
6. Retention
Fundtec retains personal data for as long as needed to deliver the engaged services, to comply with the firm's legal and regulatory record-keeping obligations, and to address any subsequent disputes or queries. AML/CFT records are retained for the period required under UAE law, which is typically a minimum of five years from the end of the client relationship or the date of the relevant transaction, whichever is later. Other records are retained for the period appropriate to their nature and purpose.
When personal data is no longer needed, it is securely deleted or anonymised.
7. Security
Fundtec applies reasonable technical and organisational measures designed to protect personal data from unauthorised access, disclosure, alteration, and destruction. These measures include access controls, encryption of data in transit, secure file-sharing channels for client documentation, and staff training on data protection and confidentiality. No system is wholly secure; Fundtec cannot and does not guarantee absolute security of any data transmission or storage.
8. Rights of data subjects
Subject to the conditions and exceptions set out in applicable law, individuals whose personal data Fundtec processes may have the following rights:
- The right to be informed about how their personal data is processed.
- The right to access their personal data and to receive a copy of it.
- The right to request correction of inaccurate or incomplete personal data.
- The right to request deletion of personal data, where the data is no longer required for the purposes for which it was collected and there is no overriding legal basis to retain it.
- The right to object to certain types of processing or to withdraw consent where processing is based on consent.
- The right to lodge a complaint with the relevant UAE data protection authority.
Requests in respect of these rights can be sent to contact@fundtec.ae. Fundtec will acknowledge requests promptly and respond within the period required under applicable law. Fundtec may request additional information to verify the identity of the requester before fulfilling the request.
9. Third-party links
This website may contain links to third-party websites. Fundtec is not responsible for the privacy practices of those websites. Visitors should review the privacy policies of any third-party site they visit through a link from fundtec.ae.
10. Changes to this policy
Fundtec may update this Privacy Policy from time to time to reflect changes in law, the firm's practices, or the services it offers. The "last updated" date at the top of this policy reflects when the most recent update was made. Material changes will be highlighted on the website where appropriate.
11. Contact
Questions about this Privacy Policy or about how Fundtec handles personal data can be sent to:
Fundtec
DSO-IFZA, IFZA Properties
Dubai Silicon Oasis, Dubai
United Arab Emirates
Email: contact@fundtec.ae
Telephone: +971 58 960 7025