This privacy and cookies policy (the “Policy”) sets out the basis on which any personal data Rasmala Investment Bank Limited (DIFC Commercial License No. CL0108 of Level 1, Gate Village Building, Dubai International Financial center, Dubai, UAE; “Rasmala”, “we”, “us”, “our”) collects from you, that you provide to us, or will be processed by us.
We are committed to safeguarding the privacy of the personal information that we process in the course of our business, including the personal information we receive from you (“you” or “your”). This Privacy Notice describes how and why we collect, store, and use personal information, and provides information about the rights of the individuals to whom such personal information relates.
This notice covers the Dubai International Financial Centre- Data Protection Law DIFC Law No. 5 of 2020 (“DPL”). For of the purpose of the DPL, Rasmala Investment Bank Limited is the data controller.
From time to time, we may update this Notice, and any new version will be posted on our website. We recommend you regularly review it to ensure that you are always aware of our privacy practices.
1. What personal information do we collect?
We may collect personal information from you in the course of our business, when you contact us or request information from us, when you instruct us to provide any services, when you use our website, or as a result of your relationship with any of our personnel or clients. depending on the jurisdiction you are in; we collect the following types (but not limited to) of personal data about you:
- Name, address (current and/or previous) and other contact information (telephone, e-mail address), gender, date of birth, gender, citizenship, occupation, and marital status.
- Identification information to enable us to check and verify your identity for KYC purposes such as passport details, national identity card, source of wealth, the rationale for use of corporate structure, relationships with public officials, criminal records. Financial information such as employment, income, pension, investments, assets, liabilities, outgoings, creditworthiness, bank account details, specimen signature, investment objectives, knowledge of financial products, services, risk appetite, capacity for loss, tax status, domicile etc.
2. How we collect personal information?
The personal information could be collected in the following ways:
Information that users provide by filling in forms on our website, such as when submitting a “Contact us” message (such as name, email, address, salutation, phone number etc.); when you subscribe to an email newsletter, press release or other periodicals through our website; when posting content on social media sites, information users provide in your social media; they respond to a survey or marketing communication, such as their opinions about our services and information about themselves (such as services used, age range, how they know us, their opinion of our services); information captured in our weblogs such as device information (e.g., device brand and model, screen dimensions), unique identification number (e.g., IP address and device ID), browser information (e.g., URL, browser type, pages visited, date/time access); information captured by our cookies (see ‘Cookies, Tags and Similar Technologies section below)
3. How we use website and social media users’ information?
We use the personal information we collect from our website users and individuals accessing Franklin Templeton web pages on social media sites for:
- personalizing their experience of our website.
- monitoring social media content to manage relations with our customers and promote our business and brand.
- if there is an interaction on a social media site with a third-party social media user that we consider that we should react on, passing a link to the content and third party’s profile to the department of interest.
- providing products and services that website users have requested.
- administering the website, investigating any complaints, and providing customer service.
- providing website users and individuals accessing our web pages on social media sites with information and offers on products or services that may be of interest to them (see the section above on Marketing Communications); and
- performing statistical and trend analysis to improve the user experience and performance of Our Website.
Please see below as regards the information we collect through cookies and other tracking technologies.
We justify our processing on the following legal bases:
- if we receive your consent to receiving our marketing communications, where applicable. If an individual wishes to withdraw their consent they will have an option to unsubscribe by writing to us.
- compliance with the law or regulatory requirements; and
- pursuing our legitimate interests. A legitimate interest will apply only where we consider that it is not overridden by a website or social media user’s interests or rights which require protection of their personal information.
We have determined that our legitimate interests include the following:
- Promoting our products, services and Funds through our Website and other communications.
- Monitoring, investigating, and reporting any attempts to breach the security of our Websites.
- Improving the performance and user experience of our Website.
- Performing our obligations under our contracts with our users.
- Managing our business and brand by monitoring our public profile and responding promptly to complaints.
- Improving the security, performance, and user experience of our Website.
- Targeting personalised marketing to website and social media users for the legitimate purposes of promoting our business and our brand.
If a website user or individual accessing our web pages on social media sites requires further information regarding our legitimate interests as applied to their personal information, they may contact the Data Protection Officer at email@example.com.
Survey Information: Occasionally we may ask users to participate in a brief survey to help us make smart choices as we look for ways to improve Our website. Information users provide in response to such surveys will not be identified with them unless they consent.
4. What are the purposes and legal basis for which we use your personal data?
We are not allowed to process personal data if we do not have a valid legal ground. Whether we receive your personal data directly from you or from this party, we will only use your personal information if we obtained your consent or if we have another lawful basis upon which to do so. Accordingly, we, our associated firms and/or other persons acting on our or their behalf will only process and use your personal data:
The purposes for which we process your personal information are as follows:
- Providing our products and services to you.
- Communicating with you in respect of legal developments and the promotion of our business activities.
- Managing our business relationship with you (or your organisation), whether in connection with the provision of our investment management services, the procurement of your goods and services, or as your employer (or potential or former employer), including processing payments, accounting, auditing, billing and collection and related support services.
- Complying with our legal obligations, including legal and regulatory considerations (e.g., anti-money laundering and sanctions checks, audits, enquiries by regulatory authorities).
- Managing and securing access to our premises and information technology systems and monitoring the technology side of our operations.
- Keeping your contact details accurate and current using information provided by you, or information publicly available.
- For any purpose related and/or ancillary to any of the above or any other purposes for which your personal data was provided to us
5. What rights do you have?
To the extent provided by applicable law and subject to exemptions thereunder, you have the following rights:
- Withdraw any consent you have given regarding the processing of your personal data
- Request access to your personal data: You will receive a copy of the personal data we hold about you.
- Request rectification of the personal data that we hold about you: You will have incomplete/ inaccurate data that we hold corrected.
- Request erasure of your personal data: This enables you to ask us to delete your personal data where there is not a good reason for us continuing to process it.
- Object to processing of your personal data at any time on reasonable grounds relating to your situation. The right to object only applies where our lawful basis for processing your data is that it is necessary in the public interest or for our (or another party’s) legitimate interests.
- Request not to be subject to automated decision making you can ask us not to make a decision about you that affects your legal position (or has some other significant effect on you) based purely on automated processing of your data. (We do not as a rule make decisions of this nature-based only on automated processing and without any human assessment whatsoever.)
- Request the restriction or blocking of processing of your personal data. You have the right to block or limit the processing or use of your personal data in certain circumstances.
- Non-discrimination where you exercise any of your rights under the data protection law and
- Right to portability of your personal data: You have the right to receive personal data that you have provided us in a structure, commonly used and machine-readable form.
- Complaint: You are also entitled to submit any compliant you many have to the data protection regulator, the DIFC commissioner of Data Protection, via email to firstname.lastname@example.org or via regular mail sent to the DIFC office: Office of the Commissioner of Data Protection, The Gate, Level 14, DIFC, PO Box: 74777, Dubai, UAE, Tel: +971 (0) 4362 2223.
To exercise any of these rights, please write to your contact at Rasmala in the DIFC or alternatively write to:
The Data Protection Officer
Rasmala Investment Bank Limited
Level 1, The Gate Village Building 10,
Dubai International Financial Center,
Dubai, United Arab Emirates
PO Box: 31145
Tel: +971 (0) 4424 2700
6. Marketing Communications
For Individuals, business contacts, subscribers or potential clients covered by this Notice, we will keep you up to date with details of our products and services by email using the information that you have supplied. When required by regulation and/or law, we will obtain the proper consent to use your contact details, including your email addresses. In any case, you can change your preferences concerning marketing communications by contacting us.
Additionally, we will ensure that any third party assisting us in marketing our products and services, or with whom we have joint marketing agreements, are under contractual obligations to protect the confidentiality of your personal information and will use it only to provide services we have instructed them to perform.
7. Sharing your personal information:
We might share your data with a range of recipients including (but not limited to) the following: background screening providers, financial institutions, funds, payment recipients, payment and settlement infrastructure providers, exchanges, regulators, courts, public authorities (including tax authorities), professional advisors, auditors, insurers and potential purchasers of elements or our business. These recipients could be located outside the DIFC. We will transfer your data outside the DIFC however such transfers will only be made where permitted by the DIFC law. For examples, when using a service provider in a location that does not have laws recognized as providing an adequate level of protection for personal data, Rasmala requires them to apply the same level of protection to your data as would be necessary in the DIFC.
8. How do we protect your personal data we collect about you?
In general, Rasmala will retain your personal data as long as necessary for the purpose for which we obtained it. We will take into account the following:
- The termination date of the relevant contract or business relationship,
- Any retention period required by law, regulations, or internal policy,
- Any need to preserve records beyond the above periods to be able to deal with actual/potential audits, tax/legal matters.
Kindly note that in some cases it may not be technically feasible to rectify or delete some of your personal data in accordance following request or objection from you. These cases include where the data is retained in an automated back-up or compliance archive together with other data that has to be retained and from which it cannot be separated. However, your personal data would be erased as soon as practicable and, in the meantime, would be protected by appropriate security and confidentiality measure.
9. Cookies, tags, and similar technologies
A cookie is a small text file that includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet-enabled device when you visit an on-line site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences.
For simplicity, we refer to all these technologies as “cookies”.
Some of our website pages may contain electronic images known as web beacons (also known as clear gifs, tags, or pixels) that allow us to count users who have visited our pages. Web beacons collect only limited information, e.g., a cookie number, time and date of a page view, and a description of the page on which the web beacon resides. We may also carry web beacons placed by third-party advertisers. These beacons do not carry any information that could directly identify you.