Privacy Policy

1. Data Controller and Contact Information

Incorporate UAE acts as the data controller for personal information collected through our website and in connection with our business consultancy services. As the data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable data protection laws.

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your data protection rights, please contact our Data Protection Officer using the contact information provided at the end of this policy. We are committed to addressing your inquiries promptly and thoroughly.

2. Information We Collect

We collect various types of information to provide and improve our services. The information we collect depends on how you interact with us and what services you request.

2.1 Personal Information You Provide

When you engage with our services, submit inquiries, or create an account, you may provide us with the following personal information:

• Identity Information: Full legal name, title, date of birth, nationality, passport number and details, Emirates ID number, photographs, and signatures as required for official documentation.
• Contact Information: Email address, phone number (mobile and landline), physical address, and preferred communication methods.
• Professional Information: Current and previous employment details, educational qualifications, professional certifications, and business ownership history.
• Financial Information: Bank account details, credit card information for payments, source of funds documentation, and financial statements as required for bank account opening or visa applications.
• Company Information: Business names, trade license details, shareholder information, company structures, memoranda of association, and corporate documentation.
• Identity Verification Documents: Copies of passports, Emirates IDs, utility bills, bank statements, and other documents required for Know Your Customer (KYC) compliance.
• Communication Records: Records of your correspondence with us, including emails, chat transcripts, phone call notes, and feedback submissions.

2.2 Information Collected Automatically

When you access our website, we automatically collect certain technical information:

• Device Information: IP address, browser type and version, operating system, device type, screen resolution, and unique device identifiers.
• Usage Information: Pages visited, time spent on pages, click patterns, navigation paths, referring URLs, and exit pages.
• Location Information: General geographic location derived from your IP address, and precise location if you enable location services.
• Cookie and Tracking Data: Information collected through cookies, pixels, web beacons, and similar tracking technologies as described in our Cookie Policy section.

2.3 Information from Third Parties

We may receive information about you from third-party sources, including government authorities providing application status updates, banking institutions regarding account applications, business verification services, and professional references you have provided. We may also receive information from marketing partners and analytics providers to improve our services and understanding of our audience.

3. How We Use Your Information

We use the information we collect for various purposes, all of which are designed to serve your interests and provide you with excellent service:

• Service Delivery: To process your applications, submit documentation to relevant authorities, coordinate with government departments and free zone authorities, and provide the business consultancy services you have requested.
• Account Management: To create and manage your client account, maintain records of your engagements, track project progress, and provide access to our client portal.
• Communication: To respond to your inquiries, provide updates on your applications, send important notices about our services, and deliver requested information.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes, including anti-money laundering (AML) requirements, Know Your Customer (KYC) obligations, and regulatory reporting.
• Service Improvement: To analyze usage patterns, gather feedback, improve our website functionality, develop new services, and enhance the overall client experience.
• Security and Fraud Prevention: To protect our systems, detect and prevent fraudulent activities, verify identity, and maintain the security of your information and our platform.
• Marketing Communications: With your consent, to send you newsletters, promotional materials, and information about our services, events, and industry updates that may be of interest to you.
• AI and Automation: To power our AI-assisted tools, including the Jurisdiction Wizard and chatbot, to provide personalized recommendations and improve the efficiency of our services.

4. Legal Basis for Processing

We process your personal data only when we have a valid legal basis to do so. The legal bases we rely upon include:

4.1 Contractual Necessity

Processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract. This includes processing required to provide our business consultancy services, submit applications on your behalf, and manage your client relationship.

4.2 Legal Obligations

Processing is necessary for compliance with legal obligations to which we are subject. This includes:

• Anti-money laundering and counter-terrorism financing requirements under UAE law.
• Regulatory reporting obligations to government authorities and free zone administrations.
• Record-keeping requirements under commercial and corporate laws.

4.3 Legitimate Interests

Processing is necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving our services, protecting our business from fraud, marketing our services to existing clients, and ensuring network and information security.

5. Information Sharing and Disclosure

We understand the importance of keeping your information confidential. We share your personal data only in the following circumstances:

• Government Authorities: We share information with relevant government departments, ministries, free zone authorities, immigration departments, and regulatory bodies as necessary to process your applications and provide our services. This includes the Ministry of Economy, Department of Economic Development, immigration authorities, and free zone administrations.
• Banking Institutions: We share information with banks and financial institutions in connection with corporate bank account opening services, as required by their due diligence and KYC processes.
• Service Providers: We engage trusted third-party service providers who assist us in operating our business, including IT infrastructure providers, cloud hosting services, payment processors, document management systems, and communication platforms. These providers are contractually bound to protect your information and use it only for the purposes we specify.
• Professional Advisors: We may share information with our legal counsel, auditors, and other professional advisors who are bound by confidentiality obligations.
• Legal Requirements: We may disclose your information when required by law, court order, subpoena, or other legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Any sharing of your data is done with appropriate safeguards and in accordance with applicable data protection laws.

6. International Data Transfers

As a business operating in the UAE with international clients and partners, your information may be transferred to, stored, and processed in countries outside of your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer your personal data internationally, we implement appropriate safeguards to ensure your information remains protected:

• We transfer data only to countries that provide an adequate level of data protection as recognized by relevant authorities.
• We use standard contractual clauses approved by data protection authorities for transfers to countries without adequacy decisions.
• We implement supplementary measures such as encryption and access controls to enhance protection.
• We ensure that our service providers and partners maintain equivalent levels of protection for your data.

7. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

7.1 Technical Measures

Our security infrastructure includes: industry-standard SSL/TLS encryption for all data transmissions; encrypted storage for sensitive documents and personal data; secure, access-controlled server environments with regular security updates; firewalls, intrusion detection systems, and continuous monitoring; regular security assessments and penetration testing; and automated backup systems with secure off-site storage.

7.2 Organizational Measures

We maintain strict internal policies and procedures, including: role-based access controls limiting data access to authorized personnel only; comprehensive staff training on data protection and security; confidentiality agreements with all employees and contractors; incident response procedures for potential data breaches; and regular audits of data processing activities and security practices.

7.3 Your Role in Security

While we take extensive measures to protect your information, security is a shared responsibility. We encourage you to: use strong, unique passwords for your client portal account; keep your login credentials confidential; notify us immediately if you suspect unauthorized access to your account; and ensure documents sent to us are transmitted through secure channels.

8. Your Data Protection Rights

Under applicable data protection laws, you have certain rights regarding your personal information. We are committed to respecting and facilitating the exercise of these rights:

• Right of Access: You have the right to request a copy of the personal information we hold about you and to receive information about how we process it.
• Right to Rectification: You have the right to request correction of any inaccurate or incomplete personal information we hold about you.
• Right to Erasure: In certain circumstances, you have the right to request deletion of your personal information where there is no compelling reason for its continued processing.
• Right to Restrict Processing: You have the right to request that we limit the processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, machine-readable format and to transmit it to another controller.
• Right to Object: You have the right to object to processing of your personal information based on legitimate interests, and to object to direct marketing at any time.

To exercise any of these rights, please contact our Data Protection Officer using the contact information provided below. We will respond to your request within 30 days. Please note that certain rights may be limited where we have a legal obligation to retain data or where exemptions apply.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting requirements. The retention period varies depending on the nature of the information and the purposes for which it was collected.

For client engagement records, we typically retain information for a minimum of seven years following the completion of services, as required by commercial law and regulatory requirements. Documents submitted for government applications are retained in accordance with the requirements of the relevant authorities. When retention periods expire, we securely delete or anonymize your personal information unless longer retention is required by law or for legitimate business purposes.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand how visitors interact with our site. Cookies are small text files stored on your device when you visit our website.

We use essential cookies required for website functionality, performance cookies to analyze how you use our website, functional cookies to remember your preferences, and marketing cookies to deliver relevant advertisements. You can control cookie settings through your browser preferences. However, disabling certain cookies may limit your ability to use some features of our website. For detailed information about the cookies we use, please refer to our Cookie Banner which appears when you first visit our website.

11. Third-Party Links and Services

Our website may contain links to third-party websites, services, and applications that are not operated by us. We provide these links for your convenience and information, but we have no control over and are not responsible for the privacy practices or content of these third-party sites.

• Government Portals: Links to UAE government portals, free zone authority websites, and regulatory body websites.
• Banking Partners: Links to banking institution websites for account opening and financial services.
• Payment Processors: Integration with secure payment gateways for processing transactions.
• Social Media: Links to our social media profiles and sharing features.

12. Children's Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. Our business consultancy services are designed for adult entrepreneurs, investors, and business professionals.

If we become aware that we have inadvertently collected personal information from a child under 18, we will take immediate steps to delete such information from our systems. If you believe we may have collected information from a child, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on our website with a new "Last Updated" date. For significant changes that materially affect your rights or our use of your personal data, we will provide prominent notice, which may include email notification to active clients. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising from or relating to this Privacy Policy or our data practices shall be subject to the exclusive jurisdiction of the courts of Dubai, UAE, unless otherwise required by applicable data protection laws.

We are committed to cooperating with data protection authorities and will participate in dispute resolution mechanisms as required by law. If you have concerns about our data practices that we have not adequately addressed, you may have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.