Privacy Notice

Effective Date:           1 January 2021

This Privacy Notice explains how Eagle Investments Limited and Eagle Property Investments Limited (“Eagle”, “us”, “we” and “our”) intend to collect, use and disclose your Personal Data, and your rights in relation to the Personal Data.

This Privacy Notice supersedes any previous notice or equivalent which may have been provided by Eagle or issued prior to the effective date stated above.

All capitalised terms shall have the meaning given to them under the DIFC Data Protection Law 2020 (DDPL’20), as amended from time to time, unless defined otherwise in this Privacy Notice.


Purpose of Data Collection

In order to provide our services, we may need to process Personal Data, which may relate to you or be in combination with Personal Data relating to other people. This Privacy Notice shall explain how we will use such Personal Data.

As part of our business activities, Eagle may transfer Personal Data to other people or entities. This notice only deals with Eagle’s use of Personal Data.

Eagle reserves the right to change, alter or modify this Privacy Notice from time to time, which shall be publicly made available at its website http://eagle-investments.com/.

In case you have any questions about this Privacy Notice, please contact us for clarification.


Personal Data Classification

Personal data of data subjects is an important part of Eagle’s business and we therefore ensure controls are in place in order to manage such data.

Where Eagle is a data Controller it shall make all the decisions pertaining to the collection, processing and storage of data.

Where Eagle is a data Processor it shall only process data on behalf of instructing client, i.e. Controller.


Personal Data Collection

We may collect your Personal Data in a number of ways, for example:
-          From the information you provide to us when you meet us;
-          From information about you provided to us by your company or an intermediary;
-          When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
-          When you complete (or we complete on your behalf) client on-boarding or application or other forms;
-          From your agents, advisers, intermediaries, and custodians of your assets;
-          From publicly available sources or from third parties, most commonly where we need to conduct background checks about you.


Categories of Personal Data:

We may collect the following categories of Personal Data:
-          Your name and contact information such as your home or business address, email address and telephone number;
-          Biographical information which may confirm your identity including your date of birth, tax identification number and your passport number or national identity card details, country of domicile and/or your nationality;
-          Information relating to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
-          Information about your knowledge and experience in the investment field;
-          An understanding of your goals and objectives in procuring our services;
-          Information about your employment, education, family or personal circumstances, and interests, where relevant; and
-          Information to assess whether you may represent a politically exposed person or money laundering risk.


Basis for use of Personal Data:

Eagle undertakes that all collection and processing of Personal Data shall at all times be in compliance with the DDPL’20 and for a prescribed legitimate purpose.

The following sheds light on how Eagle shall process or collect data and its underlining legitimate purpose:

(i) Performance of a contract with you

We process your Personal Data because it is necessary for the performance of a contract to which you are a party and in order to take steps at your request prior to entering into a contract.

In this respect, we use your Personal Data for the following:
-          To prepare a fee proposal for you in reference to the services we would be offering to you;
-          To provide you with the services as set out in our terms of engagement with you or as otherwise agreed with you from time to time;
-          To deal with any complaints or feedback you may have in reference to our services;
-          For any other purpose for which you provide us with your Personal Data.

In this respect, we may share your Personal Data with or transfer it to the following:
-          Your agents, advisers, intermediaries, and custodians of your assets who you inform us about;
-          Third parties whom we have engaged to assist in delivering our services to you;
-          Our professional advisers where it is necessary for us to obtain professional advice or assistance, including lawyers, accountants, IT or public relations advisers;
-          Other third parties such as intermediaries who we choses to introduce to you. Where possible, we shall endeavour to tell you who they are before we make the introduction; and
-          Our data storage providers.

(ii) Legitimate Interests

We also process your Personal Data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person.

In this respect, we use your Personal Data for the following:
-          For training of our staff and/or monitoring of their performance;
-          For administration and management of our business, including recovering monies owed to us by you, and archiving or statistical analysis; and
-          Seeking advice on our rights and obligations, such as where we require our own legal advice.

In this respect, we may share your Personal Data with or transfer it to the following:
-          Our advisors or agents where it is necessary for us to obtain their advice or assistance.

(iii) Legal Obligations

We also process your Personal Data for our compliance with any legal obligations.

In this respect, we use your Personal Data for the following:
-          To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws, conduct of business, market and tax transparency requirements;
-          As required by the competent authorities including the financial services regulator, market authorities, financial intelligence units, tax authorities, relevant courts or law enforcement authorities.

In this respect, we may share your Personal Data with or transfer it to the following:
-          Our advisors or agents where it is necessary for us to obtain their advice or assistance;
-          Our auditors where it is necessary for their auditing purposes;
-          With third parties who are assisting us in conducting background checks; and
-          With relevant regulators or law enforcement agencies where we have legal obligation to do so.


Disclosure or Transfer of Data:

Eagle may need to disclose or transfer data to the third parties, albeit where data is transferred outside of the DIFC, it shall be done so in accordance with Articles 26 & 27 of the DDPL’20.

Eagle does not sell personal information to any third parties, nor will Eagle transfer Personal Data to any third parties for their own direct marketing use.

For any details on who your Personal Data might be transferred to please feel free to contact us.


Personal Data Retention and Security:

Your Personal Data is stored securely on our servers irrespective of the location. Eagle only uses servers which are located in the DIFC or in a jurisdiction with adequate levels of data protection and in accordance with DDPL’20.

Eagle ensures that all Personal Data is handled correctly and appropriately according to the nature of the information, the risk associated with mishandling the data, including the damage that could be caused to an individual as a result of loss, corruption and/or accidental disclosure of any such data, and in accordance with any applicable legal requirements including DDPL’20.

We keep Personal Data for as long as we have a lawful reason to do so. Once the purpose of Data Processing is completed or has ceased to exist, Eagle undertakes to have such Personal Data put to beyond use in accordance with DDPL’20. In particular, where we have collected your Personal Data as required by anti-money laundering legislation, including for identification, screening and reporting, we will retain such Personal Data for six (6) years after termination of our relationship with you, unless we are obliged to retain the information for a longer period under another law or for the purposes of legal proceedings.

In case of any uncertainty with regards to the Processing of data or the retention of Personal Data, Eagle’s information systems, technology and infrastructure shall be intended to facilitate Eagle’s business and the primary usage of these will be limited to business’ legitimate and/or lawful purposes. All information in whatever form created by using Eagle’s equipment and infrastructure is owned by Eagle and we therefore reserve the right to monitor, access, retrieve and read all information and contents, and to disclose the same to law enforcement officials or other third parties in accordance with DDPL’20.

Employees of Eagle shall consider the sensitivity level of the information which they handle and apply the appropriate protection level based on the classification of the information in accordance with DDPL’20.

Employees of Eagle shall not transmit Personal Data or proprietary information without the authorization of the CEO or COO and shall only do so in a manner compatible with DDPL’20 and its Regulations (DDPR’20).

Use of staff personal emails, social media account from Eagle’s computers entitle Eagle to access staff personal email and social media account if required to do so in accordance with DDPL’20 and DDPR’20.

The transmission of information via the internet is not completely secure. While we will do our best to protect your Personal Data, we cannot guarantee the security of the data transmission to us from you and any transmission to us is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent Personal Data Breach.

If you are based outside the UAE and would like further information about where we hold your data, please contact us.


Data Protection rights of Data Subjects

Under the DDPL’20, Data Subjects are entitled to the following rights:

-          Right to be informed – the right to be informed about what Personal Data the Controller collects and stores about a Data Subject and how it’s used
-          Right of access – the right to ask us for copies of personal information regarding the Data Subjects.
-          Right to rectification – the right to ask us to rectify personal information that is thought to be inaccurate, and the right to ask us to complete information that may be considered incomplete.
-          Right to erasure – the right to ask us to erase personal information in certain circumstances.
-          Right to restriction of processing – the right to ask us to restrict the Processing of certain personal information in certain circumstances.
-          Right to object to processing – the right to object to the Processing of certain personal information in certain circumstances.
-          Right to object to direct marketing: the right to object to Processing where it is carried out for direct marketing purposes, including Profiling in connection with that purpose.
-          Right to data portability – the right to ask for a transfer of the personal information given to us by a Data Subject to another organisation, or to such Data Subject itself, in certain circumstances.

DDPL’20 confers no charge or fee for exercising the above rights. A request received by Eagle shall be responded to within the statutory time limit of one month, unless the request is complex and addressing such request shall require additional time. Eagle reserves the statutory right to extend the timeline or levy of charges in such circumstances, provided the Data Subject making such request is informed with reasons for the extension or levy of charges.

Please contact us through any of the following contact details if you wish to make such a request.

Eagle Investments Limited
Emirates Financial Towers, DIFC
P.O. Box 506725, Dubai UAE
Office S2205, Level 22, South Tower
info@eagle-investments.com
Tel:     +971 4 312 9000
Fax:   +971 4 386 2848

 
Cessation of Processing

You have the right to notify us at any time if you do not want your data to be Processed for a particular purpose or at all.

If the data in question is held by us in our capacity as Processors, we shall notify the Controller of your request to cease Processing.

If the data in question is held by us in our capacity as Controller, we shall cease any further operations and delete such data unless exceptions under DDPL’20 apply to either Processing or retention of such data.


Complaints

If you have any concerns or queries about our use of your Personal Data please contact us through any of the following contact details:

Eagle Investments Limited
Emirates Financial Towers, DIFC
P.O. Box 506725, Dubai UAE
Office S2205, Level 22, South Tower
info@eagle-investments.com
Tel:     +971 4 312 9000
Fax:   +971 4 386 2848
 
If you are not satisfied with how we are handling or processing your Personal Data, you can make a complaint to the DIFC Data Protection Commissioner at commissioner@dp.difc.ae.

 
Changes to this Policy

Our Policy may be reviewed and enhanced from time to time. The up-to-date version of our Privacy Policy is always available online.

Last updated:              1  January 2021