Member Data Privacy

Home Member Data Privacy
PRIVACY POLICY

This Privacy Policy (“Policy”) is designed to help you understand how we use your Personal Data, in accordance with the DIFC Data Protection Law, DIFC Law No. 5 of 2020, and the Regulations and further guidance thereunder (the “Law”)

We encourage you to read the whole Policy. Alternatively, if you wish to read about specific privacy practices that interest you, please click on the relevant links below.

PART A – PURPOSE & APPLICABILITY

  1.  Identity

  2. Our use of Personal Data

  3. This Privacy Policy

  4. Updating this Privacy Policy

  5. What is Personal Data?

  6. Our responsibility to you

  7. Contact Person for Data Protection


PART B – YOUR PERSONAL DATA

  1. Why are we collecting Personal Data about you?

  2. What Personal Data do we collect about you?

  3. Where do we collect your Personal Data from?


PART C – OUR USE OF YOUR PERSONAL DATA

  1. How do we use your Personal Data?

  2. Consent

  3. Do we share your information with anyone else?

 

PART D – OTHER IMPORTANT THINGS YOU SHOULD KNOW

  1. Keeping your Personal Data safe

  2. Profiling and automated decision making

  3. How long do we keep your Personal Data?


PART E – YOUR RIGHTS

  1. Contacting us and your rights

  2. Your right to complain
     

PART A – PURPOSE & APPLICABILITY

 

1. Identity

 

The Institute of Chartered Accountants of India (Dubai) Chapter NPIO (“Chapter”) registered as a non-profit Incorporated Organisation under the laws of the Dubai International Financial Centre (DIFC).

 

Registered Address: Unit 201, 203 Level 1 Gate Avenue - South Zone Dubai International Financial Centre Dubai, United Arab Emirates

 

We carry on the following activities-

 

  1. to carry on activities for the extension of knowledge in the field of accountancy, auditing, and allied subjects of professional interest

  2. to help in better equipping members of the Chapter and other professionals for discharging their obligations

  3. to spread education in matters relating to accountancy, auditing and allied subjects of professional interest

  4. to carry out directives, policies, guidelines, and initiatives of the Institute of Chartered Accountants of India

  5. to assist the U.A.E. nationals and institutions to develop matters relating to accountancy, auditing, and allied subjects of professional interest and

  6. generally to do all acts and undertake all activities necessary, conducive, incidental or ancillary to attain the above mentioned objects and are in the interest of the members of the Chapter and profession in general including without limitation social meetings of Members and their families, and corporate social responsibilities

  7. In general, to engage in any lawful act or activity for which a Chapter may be organised under the Law.

 

 

2. Our use of Personal Data

In connection with providing our activities as a non-profit organisation and in compliance with the applicable laws and regulations in the DIFC (“Applicable Law”), we collect and Process information, including Personal Data.

 

3. This Privacy Policy

This is our general Privacy Policy that applies to Processing of Personal Data by us. 

 

4. Updating this Privacy Policy

This Policy may be updated from time to time. This version is dated 1st February 2021




 

5. What is Personal Data?

Personal Data is any information referring to an identified or Identifiable Natural Person. This includes information like your Name, E-mail Address, Telephone number, Passport number, Emirates ID but can also include less obvious information such as your attendance at a seminar or analysis of your use of our website(s).

Additional protection is afforded under the Law to Special Categories of Personal Data, i.e. Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade-union membership and health or sex life and including genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person. As a policy, we do not normally collect any Special Categories of Personal Data, unless such collection is warranted under specific circumstances.

 

 

6. Our responsibility to you

We Process your Personal Data in our capacity as a Controller. This means that we are responsible for ensuring that we comply with the Law when Processing your Personal Data.

 

7. Contact Person for Data Protection

For any queries relating to our Data Processing activities or other matters under this Policy or the Law, you may contact the Secretary by:

 

  • sending an email to: [secretary@icaidubai.org] 

 

  • completing the Data Protection form on our website




 

PART B – YOUR PERSONAL DATA

 

8. Why are we collecting Personal Data about you?

We only collect Personal Data about you in connection with or incidental to our activities as a non-profit organisation. We may hold information about you if:

 

  • you are a member or ex-member of the Chapter

  • you subscribe to our newsletter

  • you attend our seminars/webinars/events/conferences

  • you offer services to us

  • you make an enquiry or complaint

 

9. What Personal Data do we collect about you?

The types of information we Process about you may include personal contact details such as membership number, name, local address, date of birth, telephone number, email address, your organisation details, designation and your India permanent address.

 

10. Where do we collect your Personal Data from?

We may collect your Personal Data from various sources, including:

  • you

  • government agencies and publicly accessible registers or sources of information

  • Information that we gather through cookies or similar tracking tools (e.g. pixels) when you use our websites

  • The sources that apply to you will depend on the purpose for which we are collecting your Personal Data. 

 

PART C – OUR USE OF YOUR PERSONAL DATA

 

11. How do we use your Personal Data?

The Chapter will only use your Personal Data for serving the objectives of the Chapter as outlined above. We will use your Personal Data where:

 

  • We are required to comply with a legal obligation;

  • It is in Chapter’s legitimate interest to do so;

  • The information is required for us to perform the contract which we have with you or to take steps to enter into a contract with you; or

  • it may be in the public interest to do so.

 

Your Personal Data may be Processed for the following purposes:

 

  • Maintaining our accounts and/or records.

  • Undertaking research.

  • Chapter administration work.

  • For communications with you including without limitation newsletter

  • To help us organise events for serving the objectives of the Chapter as outlined above.

  • To keep you updated with professional news through our partners, sponsors and suppliers.

 

 

12. Consent 

Where we do Process your Personal Data based on your consent, you have the right to withdraw your consent at any time. To withdraw your consent, please contact us using the contact details in paragraph 7 above. 

 

 

13. Do we share your information with anyone else?

We do not sell your information nor make it generally available to Third Parties other than members of the Chapter. However, we may share your information in the following circumstances:

 

  • You request or authorize the disclosure of your Personal Data to a third party.

  • The information is disclosed as permitted by applicable law(s) and/or in order to comply with applicable law(s).

 

In each case where we share your Personal Data with other parties, whether or not in an adequate jurisdiction (as determined by the DIFC Commissioner of Data Protection), we take appropriate data security measures and ensure that the relevant party is contractually required to keep such Personal Data safe, secure and confidential in accordance with the minimum standards under the Law.

 

PART D – OTHER IMPORTANT INFORMATION

 

14.  Keeping your Personal Data safe

We implement appropriate steps to help maintain the security of our information systems and processes and prevent the accidental destruction, loss, or unauthorised disclosure of the Personal Data we Process.

 

15. Profiling and automated decision making

We do not use profiling (where an electronic system uses Personal Data to try and predict something about you) or automated decision making (where an electronic system uses Personal Data to make a decision about you without human intervention).

 

16. How long do we keep your Personal Data?

We will only hold your personal information for as long as is necessary to fulfil the original purpose for which it was collected. This could include the purpose of satisfying legal, reporting or accounting requirements. When establishing appropriate retention periods for personal information, we consider the following:

 

  • The amount of personal information.

  • The nature of the information.

  • The sensitivity of the information.

  • Any potential risks of the information being unlawfully accessed or used.

  • Why we process the information, and whether we could achieve our purpose through any other means.

  • Any legal requirements.

 

On some occasion we may anonymise your personal information, which will mean that you cannot be identified from the information. In such cases, we are not required to notify you further. Records will be retained and securely destroyed in accordance with our retention policy, and laws or regulations.

PART E – YOUR RIGHTS

 

17. Contacting us and your rights

If you have any questions in relation to our use of your Personal Data, please email us using the contact details provided in Section 7 above.

 

Subject to certain exceptions outlined in the Law, you have the right to require us to:

 

  • Right to access

You have the right to request access to the information we hold about you, and to check that it is being processed lawfully. Requesting access to your personal information is known as a ‘data subject access request’.

  • Right to rectification or correction

You have the right to request to have any inaccurate information about you corrected, and any incomplete information completed.

  • Right to erasure (also known as the ‘right to be forgotten’)

You have the right to request that your personal information be deleted, of the information is no longer necessary in relation to the original purpose for which it was collected. In certain circumstances you are also able to withdraw your consent or object to the processing of your information.

  • Right to object

There are certain circumstances where you have the right to object to how your information is being processed, when it is based on legitimate interests. You also have the right to object to your data being processed for the purpose of direct marketing or statistics.

  • Right to restriction of processing

You have the right to request a restriction of the processing of your information, where the accuracy of the information is being contested. This means that your data will still be held, but not further processed.

  • Right to transfer (also known as ‘data portability’)

In certain circumstances, you have the right to have your personal information transferred from one party (data controller) to another. This will only be possible where the information is being processed on the basis of consent or automated means.

Should you wish to review, verify, update or request erasure of your information, or if you would like to object to the processing of your personal information, please contact secretary@icaidubai.org 

 
  • Right to withdraw your consent

If you consented to providing us with your personal information and you would now like to withdraw your consent to your information being processed or held by us, please let us know. It should be as easy to withdraw your consent as it was to provide it in the first place.

If you have any questions relating to this privacy notice or about how we handle your personal information, please contact ICAI on secretary@icaidubai.org 

 

In certain circumstances, we may need to restrict your rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. responding to regulatory requests), or in accordance with other exceptions and limitations specified in the Law.

 

18. Your right to complain

If you are not satisfied with our use of your Personal Data or our response to any request by you to exercise your rights, or if you think that we have breached any relevant provision of the Law, then you have the right to complain to the authority that supervises our Processing of your Personal Data.

Our data protection supervisory authority is the DIFC Commissioner of Data Protection, whose contact details are as follows:

Address:     Office of the Commissioner of Data Protection,

        Dubai International Financial Centre Authority,

        Level 14, The Gate, DIFC,

        PO Box 74777, Dubai, UAE

 

Telephone:     +971 4 362 2223

Website:     www.difc.ae/business/operating/data-protection/

Email:     commissioner@dp.difc.ae

 

To submit your consent please click here => Submit Data consent

Member registration