1. Introduction

FTH Company FZCO is a company incorporated under the laws of the United Arab Emirates (hereinafter referred as ‘FTH’). This Privacy Policy wishes to inform all FTH clients and related parties regarding the policies adopted to ensure data protection based on the recent EU Regulation on the General Data Protection Regulation (‘GDPR’) 2016/679 which was voted on the 27^th April 2016, fully enforced on 25^th May 2018.

This publication has been carefully prepared to indicate the purpose of this Privacy Policy and enable FTH to ensure its clients and all related parties that FTH shall handle the enforcement of the Personal Data Protection Regulation with full responsibility and commitment, ensuring safe protection of personal information and protection of all personal fundamental rights. This publication acts solely as guidance and is not to be considered binding or assume any responsibility though to cover all and/or specific situations requesting specific treatment. In such occasions, we highly recommend contacting FTH directly for more targeted guidance.

2. Collected data and information

FTH is a service provider also under obligation to applying and implementing numerous other Directives, Regulations, national and international legislation. A significant role in our business is the implementation of Anti-Money Laundering Directive, according to which FTH is required to collect and keep the Know-Your-Client, Due diligence documentation and any other personal data required for transaction monitoring and identification purposes.

3. Information we collect
Any information about an individual, constitutes personal information and data collected for identification purposes. For this reason, prior concluding any engagement agreement or proceed with execution of any documentation, we may request to collect identification and contact data of an individual i.e. passport copy and proof of address.

4. Other parties
Any other personal data and documentation that needs to be collected and kept for other parties other than the above, will be communicated specifically to the Client and the storage period will be separately circulated.

It is also important to note that the expired documents i.e. expired passports, utilities more than 6 months old, will be destroyed as soon as the updated documents are obtained.

5. Data Collection
Collection of data is a significant aspect of our scope of services rendered to our Clients.

6. Personal data: sharing and processing
Statutory requirements found under UAE Banking laws, national tax laws and in addition to the obligations provided by the national supervisory authorities they all add up to the obligations and requirements to be met on behalf of the service providers. It is important to note that personal information and data collection are not to be shared with any unrelated third parties besides in those circumstances whereby there is a lawful obligation to do so and/or to enable us to fulfil our servicing obligations outsourced. External agents, partners and associates of FTH as well as other interrelated third parties for the completion of the service to be provided are entering into an NDA agreement with FTH and the personal data collected are also subject under their GDPR policy. All our third-party agents and associates are restricted from using the personal information and data collected for their personal purpose but are under the obligation to act upon the provision of our instructions, unless there is a legislative breach permitting otherwise.

7. Security process
All data and information held under FTH’s responsibility, is ensured that they shall not be given, granted, disclosed, dispatched, copied, mailed or electronically send to any parties, individuals, organisations, institutions for any other purpose besides the scope of services provided and obligations carried under AML, or national legislation which prevail over GPDR, without your approval or additional written consent.

Should we consider necessary, contact and/or communication shall be done via phone or email for further briefing on this matter.

8. Information security
We, at FTH wish to ensure that all data and information collected receive strict protection. For this reason, we have reinforced our technological security via the use of additional electronic tools and platforms available well as operational security to safeguard sensitive information with restricted access to the non-interested or non-related parties within our company.

9. Emergency policy
In the case of a potential breach in safeguarding the data and information collected due to external factors i.e. hacker attach or data leakage, FTH shall take immediate actions to inform all its clients. The Clients need to be contacted and informed within 24 hours from the time the breach was identified and report such breach to the relevant Supervisory Authority in the UAE in the next 72 hours.

10. Amendments to privacy notice
FTH reserves all rights for further amendments to be made occasionally regarding the present Privacy Policy based on the legal framework implemented therefore, any adjustable changes shall be further communicated.

Respective notices shall be posted and updated on our website accordingly with immediate effect or as it may be stated therein. It would be highly recommended to check on a regular basis whether any changes have been made for your greater convenience.