Skip to Content

Privacy Policy – DHAC UAE 

IntroductionScope & ApplicabilityWhat Personal data we may collectPurpose & Legal Basis for ProcessingCookies & tracking technologyDisclosure & SharingCross-border transfersData Security & RetentionData Subject RightsGoverning Law & juridiction

Introduction


DHAC UAE LTD (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you use our website (www.dhac.ae) or engage with our services.

In the UAE, the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) governs how personal data must be handled. 

We aim to comply with these requirements and operate with transparency and accountability. 

Scope & Applicability

This policy applies to all individuals (“data subjects”) whose personal data we collect or process, whether they are located in the UAE or abroad, and to all processing activities carried out by DHAC UAE, whether online or offline.

The PDPL also applies to organizations outside the UAE that process the personal data of individuals in the UAE.

However, this policy does not apply to data processed by government authorities, health or banking/credit data regulated by separate laws, or entities in certain free zones (depending on jurisdiction) that are subject to separate privacy regimes.


What Personal data we may collect

We may collect, process, and maintain the following types of personal data from you:

  • Contact information: name, email address, phone number, postal address

  • Company / business information: company name, position, business email, business phone

  • Usage data: IP address, browser type, pages visited, date/time stamps, device information, cookies

  • Communications: messages you send to us, feedback, enquiries

  • Other data: anything you voluntarily provide (attachments, documents, etc.)

We only collect data that is adequate and relevant for the purposes described below, and not excessive. 

Purpose & Legal Basis for Processing

We will process your personal data for the following purposes and on the following legal bases:

PurposeLegal Basis / Justification
To provide and manage our services (accounting, advisory, etc.)Performance of contract
To communicate with you (respond to enquiries, support)Legitimate interest / consent
To send newsletters / updates (if consent given)Your explicit consent
To analyze website usage and improve our servicesLegitimate interest
To comply with legal or regulatory obligations (tax, compliance, audits)Legal obligation
To detect, prevent and respond to security incidentsLegitimate interest / legal obligation

When we rely on consent as a basis for processing, you have the right to withdraw that consent at any time (see section Your Rights).


Cookies & tracking technology

We use cookies and similar tracking technologies to:

  • enable the basic functioning of the website (essential cookies)

  • analyze usage and performance

  • deliver improved content or targeted communications (if consented)

We will present you with a cookie banner or control mechanism so that you can accept, reject or configure non-essential cookies.

You can also control or delete cookies via your browser settings, though doing so may affect your user experience.

Disclosure & Sharing

We may share your personal data with:

  • Third-party service providers (e.g. cloud hosting, email services, analytics, payment providers) — under contractual obligations to maintain confidentiality and data protection

  • Regulators, law enforcement, or courts, where required by applicable law or legal process

  • Affiliated entities or partners, only when necessary for service delivery or improvement

  • Prospective buyers or in context of corporate changes (merger, acquisition) — with proper safeguards and transparency

We do not sell your personal data.

Cross-border transfers

If your data is transferred outside the UAE, we ensure that:

  • The destination country offers adequate levels of data protection, or

  • We implement suitable safeguards (e.g. standard contractual clauses, binding agreements)

  • The transfer is necessary for performance of a contract, or you have given explicit consent, or it falls under an exception allowed by the PDPL.

Data Security & Retention

We implement technical and organizational measures to protect your data from unauthorized access, loss, alteration or destruction — including encryption, access controls, internal policies, backups.

We retain your personal data only as long as necessary to fulfill the purposes stated above, to satisfy legal obligations, or to resolve disputes.

When data is no longer needed, we will securely dispose of or anonymize it.

Data Subject Rights

Under the PDPL, you have the following rights (where applicable and to the extent allowed by law):

  • Right to access your personal data

  • Right to correct / rectify inaccurate or incomplete data

  • Right to erase your personal data (“right to be forgotten”)

  • Right to restrict processing or object to processing

  • Right to data portability (receive your data in a machine-readable format)

  • Right against automated decisions / profiling that significantly affect you

  • Right to withdraw consent where processing is consent-based

To exercise any of these rights, please contact us (see section Contact Us). We will respond without undue delay and in accordance with applicable law.

Governing Law & juridiction

This Privacy Policy is governed by the laws of the United Arab Emirates.

Any dispute arising under or relating to this policy will be subject to the exclusive jurisdiction of the competent courts in the UAE, unless otherwise required by applicable law.