We are committed to complying with applicable Data Protection Laws
Last updated: 1 March 2021
Nexdigm Consulting Limited (DIFC) (collectively “Nexdigm”, “we” or “us”) values your security and privacy. NEXDIGM, as a DIFC registered entity, must comply with Data Protection Law, DIFC Law No. 5 of 2020 (the “DP Law”), and may for certain types of personal data processing, be subject to laws from other jurisdictions.
This Policy applies to persons anywhere in the world who access or use NEXDIGM’s Website Services or the App (“Users”).
Information you give us
This is information you give us about you by providing information or filling in forms on the App or any NEXDIGM-owned Website Services, or by corresponding with us (for example, by telephone, e-mail or any other digital or electronic form). It includes for example information you provide when you register using the NEXDIGM-provided online client portal, or download and register to use the App, search for the App in app stores (including but not limited to Apple App Store and Google Play Store), share data via the App's social media functions, and when you report a problem with the App, or any of our Website Services. If you contact us, NEXDIGM will keep at least an electronic record of such correspondence, including personal information shared at that time. The personal information you give us may include your name, address, e-mail address and phone number, certain device information, username, password, residential building, work address, photograph and other registration information you choose to provide (“Personal Information” or “Personal Data”).
The Website Services or App collect and process Personal Data for specific, lawful purposes only, or for the performance of tasks carried out in the interests of NEXDIGM.
The Website Services or App are not targeted, intended or expected to be of use to children. Apart from providing information for specific services or purposes, as directed by NEXDIGM processes, User-provided contributions of content or contact information regarding or about children are expressly prohibited.
Information we collect about you and your device
Each time you use our Website Services or App we will automatically collect the following information:
Other Information We May Collect Through Your Use of the Website Services or the App
When you use any Website Services or the App, we may collect Personal Information as well as demographic information, for example information that you submit, or that we collect, which may include, but is not limited to, post code, hometown, gender, username, mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, device location, IP address, SMS data, transaction information, age/birth date, browsing history information, searching history information, and registration history information (“Demographic Information”).
We may use Personal Data which you provide to us or we collect from you to:
We will take all steps reasonably necessary to ensure your data is processed fairly and lawfully, in accordance with the DP Law, other applicable laws and this Policy. By submitting your Personal Data (including Log, Device and / or Demographic Information), you agree to such transfer, storing or processing in order for NEXDIGM to perform its general administrative and regulatory functions, including but not limited to responding to enquiries you raise via the App or Website Services or maintaining contacts for future informational or promotional activities. Unless otherwise notified, NEXDIGM does not ordinarily engage in automated decision making when processing your Personal Data.
You agree that we have the right to transfer the Personal Data described in this Policy to and from, and process and store it in, the United Arab Emirates and (where applicable or required) with processors in other countries, some of which may have less protective privacy laws than those where you reside. Where this is the case, we will take appropriate security measures to protect your Personal Data in accordance with this Policy. All information security policies are strictly enforced. Please see section 7 below for further details.
To preserve the integrity of our databases, to carry out on-going Website Services on behalf of all Users, for research, analytics and statistics purposes and to ensure compliance with applicable laws and regulations, we retain Personal Data submitted by Users for a reasonable length of time unless otherwise prescribed by applicable law. NEXDIGM is not responsible for the accuracy of the information you provide, and will modify or update your Personal Data in our databases upon your request, as further outlined below. We will erase or archive from active use your Personal Data upon request, unless we are required to retain it in accordance with NEXDIGM or other applicable laws or to perform agreed services. By accessing or using the App or Website Services, you do hereby represent and warrant that you understand that all information submitted by you through the App or Website Services or otherwise to NEXDIGM may be used by NEXDIGM in accordance with applicable laws and its policies.
We may share Personal Data which we collect about you as described in this Policy or as described at the time of collection or sharing, including as follows:
This Policy applies to persons anywhere in the world who access or use NEXDIGM’s Website Services or the App (“Users”).
Through Our Website Services or the App
We may share your Personal Data:
Other Types of Data Sharing
We may share your Personal Data:
All sharing of Personal Data aligns to the extent possible with the NEXDIGM Government Data Sharing Policy, which is an internal NEXDIGM policy that governs fair and lawful sharing of Personal Data requested by government entities within the UAE and elsewhere.
Marketing and Opting Out
NEXDIGM supports Users’ legal rights to opt-out of receiving communications from us and our partners. You have the option to ask us not to process your Personal Data for marketing purposes and to remove it from our database, to not receive future communications or to no longer receive our App or Website Services.
You may change your preferences at any time.
Please note that we may continue to send you transactional or service-related e-mails despite your desire to not receive promotional or marketing e-mail messages. Additionally, please note that if you elect to opt-out of receiving promotional e-mails from one of our Website Services or the App, you may continue to receive promotional emails from our other websites, providers or other, non-affiliated marketers whose services you may have accessed via NEXDIGM Website Services or App.
Finally, while we may remove your individual contact information from our professional contacts database, please be aware that if such information is in a different third party's marketing directory through your request or election, you will need to request removal with such third party directly.
Access to and Correction of Your Personal Information
You have the right to access information held about you. Your right of access can be exercised in accordance with DIFC and other applicable laws. Any access request generally comes at no cost to you, but may, where permissible, be subject to a fee to meet any extraordinary administrative costs in providing you with details of the information we hold about you.
When you contact us about a potential Personal Data error, we will endeavor to confirm or verify the information in question, then correct verified inaccuracies and respond to the original inquiry. We will endeavor to send a correction notice to businesses or others whom we know to have received the inaccurate data, where required and / or appropriate. However, some third parties and third party sites may continue to process inaccurate data about you until their databases and display of data are refreshed in accordance with their update schedules, or until you contact them personally to ensure the correction is made in their own files.
You may also request that we restrict, erase or otherwise process your Personal Data in line with the relevant articles providing for such rights set out in the DP Law.
Changes to this Policy
We may change this Policy from time to time and without notice. If we make significant changes in the way we treat your Personal Data, or to the Policy, we will endeavor to provide you notice through the App or Website Services or by some other means, such as email. Your continued use of the App or Website Services after such notice constitutes your acceptance of the changes. We encourage you to periodically review this Policy for the latest information on our privacy practices. We provide links to it through:
NEXDIGM makes every effort to ensure that your Personal Data is secure on its system. NEXDIGM has staff dedicated to maintaining our data protection and security policies, periodically reviewing them and making sure that NEXDIGM employees are aware of our data protection and security practices. Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, NEXDIGM cannot warrant or guarantee the security of any Personal Data you transmit to us, and you do so at your own risk.
NEXDIGM has established policies and procedures for securely managing information and protecting Personal Data against unauthorized access. We continually assess our data privacy, information management and security practices. We do this in the following ways:
Types of cookies we drop and the information collected using them include:
Most browsers accept and maintain Cookies by default. Check the ‘Help’ or ‘Settings’ menu of your browser to learn how to change your Cookie preferences. You can choose to alter Cookies settings related to the use of our Website Services, but this may limit your ability to access certain areas of the Website.
The Website and the App may contain links to other websites on the Internet that are owned and operated by third parties (the "External Sites"). These links are provided solely as a convenience to you and not as an endorsement by NEXDIGM of the contents of or reliability on such External Sites. You acknowledge that NEXDIGM is not responsible for the availability of, or the information and content of any External Site. You should contact the site administrator or webmaster for those External Sites if you have any concerns regarding such links or the content located on such external Sites. If you decide to access linked third party websites, you do so at your own risk. NEXDIGM does not accept liability, and shall not be liable to you for any loss or damage arising from or as a result of your acting upon the content of another website to which you may link from the Website Services or the App.
Building security records containing sign in and sign out information collected at the time of visiting and departing a NEXDIGM-owned building will be maintained in accordance with this Policy.
If you have any questions, comments and requests related to this Policy, or if you have any complaints related to how NEXDIGM processes your personal data, please contact DPO at firstname.lastname@example.org
Alternatively you can contact us through our website.
Company Name: Nexdigm Consulting Ltd
Company Address: DIFC, Emirates Financial Towers, 503-C South Tower, DIFC, PO Box 507260, Dubai, UAE
This policy applies to employees, partners, contractors, associates, consultants, vendors, retainers, clients of Nexdigm Pvt. Ltd. and visitors to our website.
We are committed to the protection and responsible use of your personal data and promotion of individual privacy rights. Through the use of appropriate administrative, physical, and technical safeguards, we strive to protect personally identifiable information that we maintain or disseminate to ensure that it is not obtained by unauthorized individuals or used in unauthorized ways.
We may collect, store, process, use, transfer and disclose such information about individuals (“Data Subjects”) which may constitute Personal Information including Sensitive Personal Data or Information under the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 or Personal Data under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016) (“GDPR”) or any other applicable law. This policy explains the practices we follow with respect to collection, use, disclosure, transfer, security and protection of Personal Information, rights of Data Subjects, breach management and other related aspects.
"Personal Data" means any data relating to a Data Subject which is capable of identifying such Data Subject directly or indirectly such as name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that Data Subject. Personal Data will include Sensitive Personal Information and Special Categories of Personal Information unless otherwise stated. We will strive to ensure that Personal Data collected by us is adequate, relevant and limited to what is necessary in relation to the intended purpose.
We or any person or entity duly authorized on our behalf may collect a variety of Personal Data as required by us to fulfill our responsibilities and obligations as an employer, associate, client or service provider. Such Personal Data may be collected or received by us when you interact with us on our website, e-mail, mobile apps or other web-based applications or by way of personal, telephonic or audio-visual meetings or when you provide to us any documents containing your Personal Information. The Personal Data collected by us could include one or more of the following:
Where processing of Personal Data requires consent, we will obtain your written consent to collect, use and process your Personal Data. With respect to Personal Data disclosed to us by a data controller, we will contractually obligate the data controller to ensure compliance with all legal requirements relating to obtaining of consent. We will maintain and protect the appropriate security, integrity and confidentiality of such Personal Information. In case you refuse to provide the required Personal Data or withdraw your consent at any point of time, we shall have the discretion to discontinue, refuse or withdraw our services for which the information was sought. In case of our employees, associates, partners, consultants, contractors and retainers, we may terminate the employment or service contract or modify the terms of employment or service contract.
The Personal Data collected or received by us may be used or processed by us or any person or entity duly authorized by us for purposes including:
Processing for the purposes of this policy refers to online and offline processing and includes activities such as copying, filing, and feeding information into a database. We maintain Personal Data in an organised and easily accessible manner. We will use the Personal Data only for the purpose for which it has been collected.
We may at times disclose and/or transfer Personal Data to third parties in cases where it is necessary for discharging our contractual obligations and/or providing services to you and/or if you have consented for the same. We may, on a need basis, disclose and/or transfer Personal Data to:
If we outsource the processing of your Personal Data to third parties or provide your Personal Data to third party service providers, we will oblige those third parties to protect your Personal Data with appropriate security measures and prohibit them from using your Personal Data for their own purposes or from disclosing your Personal Data to others. We will adhere to consent and intimation requirements where your Personal Data is being shared with third parties.
We will take all reasonable steps to ensure that Personal Data is stored in a secure environment and protected from unauthorized access, modification or disclosure. We strive to keep the Personal Data secure through implementation of the security practices and controls.
Personal Data is stored using systems which have restricted access and which are housed in facilities with physical security measures. We have a comprehensive information security programmed documented in the form of our Information Security Policy (ISMS/Nexdigm SKP/CSP_0501) which contains managerial, technical, operational and physical security control measures. Our offices are ISO 27001, ISO 29100 and BS10012 certified to manage the security of Personal Data.
We have a designated Chief Information Security Officer responsible for operation and maintenance of our security programmed and controls to enforce the security policy and for providing advice and guidance on its implementation and maintenance.
We strive to keep our records updated with latest and updated Personal Information. To enable this, you can ask us to update or change any Personal Data collected by us to enable us to meet the objectives stated above.
We will retain Personal Data only for such period as may be required to observe, perform and comply with our obligations or as otherwise required under applicable law or practice.
Under GDPR (if applicable to you), you as a Data Subject have a number of rights with regard to your Personal Data that we want to summarily make you aware of:
You may exercise your rights by writing to us at email@example.com. Exercise of the above rights shall be in accordance with GDPR and other applicable regulations.
Our Chief Information Security Officer (CISO) is also our Data Protection Officer and may be contacted at firstname.lastname@example.org.
We have an established Security and Privacy Incident Policy to outline various threats and vulnerabilities that may lead to breach of security and privacy of Personal Data and processes to guide and implement response to such incidents. In case of any privacy related concerns, feedback or grievance, you may contact us at email@example.com.