Logo
Close
Careers
Locations
Contact Us
Login
Logo
  • Practices
  • Products
  • Client Stories
  • Insights
  • About Us
Audit & Assurance
Business Advisory
DIFC & ADGM Services
Tax Advisory
Transaction Advisory
Risk Advisory
Technology

Privacy Policy

Data Protection and Privacy Policy

1 ABOUT THIS POLICY

Data Protection and Privacy is KPI’s highest priority. We adhere to strict policies related to Data Privacy, Intellectual Property, Data Classification, Publication and Sharing, Data Use and Re-use and Technical Standards. This Data Protection & Privacy Policy explains how KPI handles the personal information and data of our contacts including clients, suppliers and associates.

Our contacts provide us with various information in the course of business. Such data maybe collected in form of documents, emails, via meetings or other communication mediums and stored appropriately within KPI’s data storage structure.

Our Data Protection & Privacy Policy helps us ensure that Personal Information is handled properly, and it also governs the Personal Information collected by KPI for its own purposes as well as information provided to us as a data processor for our clients. It protects information collected online as well as offline.

2 HOW DO WE COLLECT PERSONAL DATA?

2.1 Directly

We obtain personal data directly from individuals in a multiple way, including acquiring personal data from individuals who provide us their business cards, complete our online forms, subscribe to our newsletters and preference centre, register for seminars, attend meetings or events we host, or visit our offices. We may also obtain personal data directly when, we are establishing a business relationship, performing professional services through a contract.

2.2 Indirectly

We acquire personal data indirectly about individuals from a variety of sources. We may attach personal data to our customer relationship management records to better understand and serve our business clients, individuals and subscribers, fulfill a legal obligation, or pursue our legitimate interests.

2.3 Public Resources

Public sources -- Personal data may be obtained from public registers, news articles, sanctions list, and internet searches.

2.4 Social and professional networking sites

If you register with or access our websites using social media (e.g. LinkedIn, Facebook or Twitter) to connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want shared with us.

2.5 Business Clients

Our business clients may engage with us to perform various professional services (such as Audit, Incorporation Services, NetSuite Implementation and Other Services) which involves sharing personal data they control as part of that engagement. Our Audit and NetSuite services may also include processing personal data under our clients’ control on our hosted software applications, which may be governed by different privacy terms and policies.

3 WHAT INFORMATION DO WE COLLECT?

We may acquire the mentioned categories of personal data about individuals through direct interactions with us, or from information provided through client engagements, and through other situations mentioned in the document.

Below is a list of data we commonly collect to conduct our business activities:

  • 1.Personal Identification Information (e.g. Name, Company Name, Job Title, Mobile and Work Telephone Numbers, Work and Personal Email and Postal Address)
  • 2.Professional Details (e.g. job and career history, educational background and professional memberships).
  • 3.Financial Information (e.g. taxes, payroll, investment interests, pensions, assets, bank details).
  • 4. CCTV at our sites may collect images of visitors. Our policy is to automatically overwrite CCTV footage within 30 days.
  • 5.Sensitive Personal Data We typically do not collect sensitive or special categories of personal data about individuals. When we do need to process sensitive personal data, it is with the consent of the individual unless it is obtained indirectly for legitimate purposes.

4 HOW DO WE USE THE INFORMATION WE COLLECT?

KPI may access and use the data we collect as necessary,

  • 1. to deliver the professional services our clients have engaged us to provide and to fulfill our contractual obligations;
  • 2. to send marketing communication materials, invitations to attend our events/seminars, product/services updates to existing and prospective business clients;
  • 3. to process online requests, including responding to communications from individuals or requests for proposals and quotations; and
  • 4. to comply with legal and regulatory obligations relating to countering money laundering, terrorist financing, fraud and other forms of financial crime.

5 DO WE SHARE PERSONAL DATA WITH THIRD PARTIES?

We may occasionally share personal data with trusted third parties to help us deliver efficient and quality services. These recipients are contractually bound to safeguard the data we entrust to them. We may engage with several or all the following categories of recipients:

  • 1. Parties that support us as we provide our services (e.g., providers of telecommunication systems, IT system support, external compliance team, archiving services, free zone authorities and cloud-based software services (Oracle NetSuite)).
  • 2. Our professional advisers, including lawyers, auditors and / or insurers.
  • 3. A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger/acquisition of part or all our business or assets, or any associated rights or interests.
  • 4. Payment services providers.
  • 5. Marketing services providers.

6 HOW DO WE PROTECT THE INFORMATION WE COLLECT?

We have implemented appropriate technical and organizational security policies and procedures to protect personal data from loss, misuse, or unauthorized alteration or destruction. We aim to ensure that the personal data is accessible only to those who need to access it. However, please note that transmission of data via the internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee that the security of your data transmitted to us via the internet; any transmission is at your own risk.

7 HOW LONG DO WE RETAIN THE INFORMATION WE COLLECT?

We maintain personal data that is required to provide our services, stay in contact with you and to comply with applicable laws, regulations and professional obligations that we are subject to. We maintain personal data for as long as we have a legitimate business purpose to do so and where a specific legal, regulatory or contractual requirement applies. We will dispose of personal data in a secure manner when we no longer need it.

8 WHAT ARE YOUR DATA PROTECTION RIGHTS?

Your data protection rights are as mentioned below.

  • 1. To be provided with information about how your personal data is processed;
  • 2. To have your personal data corrected if you believe they contain incorrect or incomplete information about you;
  • 3. To have your personal data erased in certain circumstances;
  • 4. You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction. to have your personal data transferred to yourself or to another business in certain circumstances.
  • 5. You can object to our use of your personal data for direct marketing purposes, including profiling. We may need to keep some minimal information to comply with your request to cease marketing to you.
  • 6. You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.

To submit a data request please email us at [email protected].

9 DO WE CHANGE THE PRIVACY POLICY?

We reserve the right to amend this Data Privacy Policy from time to time without prior notice. If we determine the changes are material, we will send by email an updated Data Privacy Policy highlighting the changes made.

10 WHO CAN YOU CONTACT FOR PRIVACY RELATED QUESTIONS OR CONCERNS?

If you have any comments or questions about our Data Privacy Policy or on how we handle the personal data, please direct your correspondence to [email protected].

Logo

With over 30 years of hard work and commitment to making a real difference, KPI has grown to serve customers from a variety of business sectors and industries across Middle East.

Quick Links

Office 310, Dubai Supreme Court Complex, Umm Hurair 2, PO Box 121395, Dubai, UAE

+971 4 455 10 10

[email protected]

Copyright 2024 KPI.co. All Rights Reserved. Disclaimer & Privacy Policy