Last updated: 5th September, 2022

This Data Protection and Privacy Policy (“Privacy Policy”) is provided by GRIP (“GRIP”, “we”, “us”, “our”), for and on behalf of itself.

GRIP (DIFC) Ltd. is a wholly owned subsidiary of GRIP Investments (Cayman), established in the Dubai International Financial Centre (“DIFC”) licensed and regulated by the Dubai Financial Services Authority (“DFSA”) to provide advise on financial products, arrange custody, arrange deals in investments, advice and arrange credit for professional clients (as defined under Rule 2.3 COB Rulebook).

GRIP Horizon Sárl is a wholly owned subsidiary of GRIP Investments (Cayman), established in the Grand Duchy of Luxembourg to provide fund management services to alternative investment funds subscribed by professional investors (as defined under MIFID II)  registered with the CSSF, Luxembourg.

This Data Protection Policy has been prepared with reference to General Data Protection Regulation 2016/679, DIFC Data Protection Law, Law No. 5 of 2020 and the DIFC Data Protection Regulations, 2020 (together “Law”), to provide you with the following information:

  • What is Personal Data and who is a Data Subject?
  • Why are We collecting your Personal Data?
  • Personal Data We collect and the lawful basis for Our Processing.
  • Where do we collect Your Personal Data from?
  • Your Data Subject rights.
  • Our Personal Data sharing/transfer policy
  • Retention of your Personal Data
  • Will we use Your Personal Data for marketing and/or profiling purposes?
  • Are You under an obligation to provide us with Your personal data?
  • Who is legally responsible for the handling of your personal data and who can you contact about this subject?
  • Changes to this Privacy Policy.
  • Links to third party websites.
  • Cookies
  • Exercising your Data Subject Rights.

The definitions to the capitalised terms used in this privacy policy are provided in the Glossary.

Before accessing or using GRIP’s services or its website read the following information carefully:


This Privacy Policy applies to all forms of GRIP Processing activities performed using Personal Data as per the Law.

What is Personal Data and who is a Data Subject?

Personal Data is any information which discloses your personal information, such as, name, identification information, contact details, employment details, family details and so on.

Personal data does not include any personal information which has been shared for non-commercial purposes and Personal Data only includes such personal information which could be used to identify a natural person or a Data Subject (“You”).

Why are we collecting Personal Data about you?

GRIP will only Process Your Personal Data to the extent relevant to prospecting or establishing a business or commercial relationship with Us and/or to communicate with You, invite you to attend our events or provide information through our newsletter, provided you agreed to subscribe to Our newsletter.

Whether we receive Your Personal Data directly from you or from a third party, we will only use Your Personal Data if we have obtained Your consent, or if we have another lawful basis upon which to do so, as provided below:

We may hold information about you if:

  • You are a client, a representative of a client, or the beneficial owner of a client;
  • You are a party or the representative of a party in a matter on which We are advising a client;
  • We are required to Process your Personal Data in accordance with applicable Law, for e.g. to meet applicable anti-money laundering and counter-terrorist financing as well as compliance obligations;
  • We otherwise obtain your information, in connection with the service(s) we are providing a client
  • You provide/are prospecting to provide services to Us (or you represent a company which provides/prospects to provide services to Us)
  • You attend Our seminars, webinars, or events, receive Our newsletter updates, or visit Our offices or websites
  • You are an applicant for a job with us
  • You are or were an employee of the firm
  • You may have met one of our staff members and have exchanged business cards or contact details

Personal Data We collect, the lawful basis and purpose for Our Processing


Depending on the purposes, the types of information we Process about you may include:

Types of Personal Data Details Legal Basis for the processing and purpose
Individual details Name, contact details (e.g. email and telephone numbers), gender, employer and job title.


By providing your individual details at the time of registering on Our website. You are expressly consenting and permitting GRIP to Process and Control your Individual details.

Special Categories of Personal Data Information about your political affiliations or opinions or criminal record. We do not Process Special Categories of Personal Data when you use or access the website.
Identifiers Information which can be traced back to you, such as an IP address, a website tracking code or any other information that may be automatically collected through our Website(s) or any other digital communication or network security applications used by us. Identifiers may be Processed by GRIP purely to analyse Your use and subscription to Our Website as well as ensure network and information security at the time of Personal Data collection.

By using or viewing our website, you are providing your express consent to provide us with the above information or Personal Data as agree you are aware of the lawful basis for Our Processing activities.

Where do we collect your Personal Data from?

We may collect your Personal Data from various sources, including:

  • You
  • third parties (including, without limitation, Our service providers or persons authorised to verify or share Your Personal Data, if applicable)
  • third persons authorised by you to share your Personal Data,
  • by actively obtaining Your Personal Data ourselves, for example using website tracking devices.

The sources that apply to you will depend on the purpose for which We are collecting Your Personal Data. Where We obtain Your information from a third party, in particular your employer or our business contacts, we may ask them to provide you with a copy of this Privacy Policy (or a shortened version of it) to ensure that you know we are Processing your information as well as the purpose for such Processing.

We also Process personal data from a range of other sources, which may include, other companies and financial institutions, publicly available sources (e.g. the press, registers of companies or assets, internet websites, including social media platforms like Linked-In) and from providers of business-risk screening services, such as credit reference agencies, anti-fraud databases, sanctions lists and databases of news articles where it is found necessary (under law or otherwise, for due diligence purposes) to verify Your information.

Your Data Subject rights.

As a Data Subject, you have the right to:

  • object to Processing of Your Personal Data where it is documented to be necessary to perform tasks carried out in public interest or exercise of official authority vested in a controller or necessary for the purposes of legitimate interests of a controller or third party as well as be informed before Personal Data is disclosed for the first time to third parties or used on their behalf for the purposes of direct marketing subject to compelling grounds favouring Processing;
  • restrict Processing where the accuracy of Personal Data is contested. You are informed the GRIP only collects information submitted or updated by You on its website, therefore, ensuring the accuracy of Your Personal Data is Your responsibility;
  • object to any decision producing legal consequences to be based solely on automated Processing, such as profiling, and to require such decisions to be reviewed manually;
  • submit a complaint with the DIFC commissioner of data protection by email at [email protected] or at DIFC’s main office address, the Gate, Level 14, DIFC, PO Box No. 74777, Dubai, UAE with the telephone number +971 4 362 2222 in the event of any breach and failure to remedy such breach.

To exercise any of the above rights or report a Personal Data Breach with respect to GRIP, You may write to us on our contact page or Our office 614, Liberty House, DIFC, Dubai, UAE or call us at our telephone number +971 4 564 22 44 or write to us on email at [email protected].

Personal Data sharing/transfer policy

Your registration information will not be shared or be viewed by any other users of the website or third parties subject to receipt of Your instructions or based upon interest expressed by You, a need to share information about You with a range of recipients including (but not limited to) the following: third party service providers, background screening providers, financial institutions, funds, payment recipients, payment and settlement infrastructure providers, exchanges, regulators, courts, public authorities (including tax authorities), professional advisors, auditors, insurers and potential purchasers of elements of our business. These recipients could be located outside the UAE.

Depending on the scope of our professional services, we may require the assistance of various external professional service providers, based in or out of the DIFC.

We may share your Personal Data with other third parties, such as relevant regulators or other authorities, where we are required to do so to comply with legal or regulatory requirements.

The use of these external service providers may involve some transfers of Personal Data to countries or jurisdictions with data protection or privacy laws that are not adequate in comparison with the Law.

In each case where we share your Personal Data with third parties, whether or not located in an adequate jurisdiction (as defined by the DIFC Commissioner of Data Protection), We would take appropriate measures to ensure that the relevant party is contractually required to keep such Personal Data safe, secure and confidential.



In general terms, we retain your Personal Data only for the period necessary to the purposes of Processing provided above.

Will we use Your Personal data for marketing and/or profiling purposes?

GRIP may use Your Personal Data to give You information about products and services offered by Us or Our affiliates whose services We believe You may be interested in receiving. Where We consider it appropriate, and so far as it is compliant with applicable legal obligations, we may contact you in this regard by email or telephone.

“Profiling” in the context of this Privacy Policy is the use of an automated process to analyse Personal Data in order to assess or predict aspects of a person’s behaviour. GRIP will not be Profiling Your Personal Data .

GRIP’s mailing list program (which is used to inform clients and other contacts about Our products, services, and events) may contain tracking technologies to track subscriber activity relating to engagement, demographics and other data, and to build subscriber profiles. GRIP may use this as a means by which to undertake direct marketing.

If you wish to not receive marketing materials, kindly contact us at

Are You under an obligation to provide us with Your personal data?

You are not under any legal obligation to provide us with your Personal Data when viewing or using Our website. However, if You refuse to provide the information sought in the contact form, You will not be able to contact the Us.

Who is legally responsible for the handling of your personal data and who can you contact about this subject?

In data protection law terminology, such role lies with the “controller”, namely:

IT and Data Team

614, 6th Floor, Liberty House,

Dubai International Financial Centre (DIFC)

Dubai, United Arab Emirates

P.O. Box 9552

Tel: +971 4 564 2244

We are required to handle or process your personal data securely and otherwise in accordance with applicable data protection laws.

Should You have queries or complaints about the way in which we process your personal data, you may raise these with your usual GRIP contact or else with us via the contact details above or the following email address

Changes to this Privacy Policy

We may update this Privacy Policy from time to time in order to clarify it or address changes in applicable Law or our business operations, therefore, you should review this policy periodically on the website. We will notify you if we make any substantial updates and you can always access the current version at the following Website address:

Links to third party websites

GRIP’s website may contain links to third party sites. Please note that these Websites have their own privacy policies and that GRIP does not accept any responsibility or liability for such policies or your use of third party websites. Please check individual policies before you submit any information to those websites.


What is a cookie?

Cookies are small text files that are stored on your computer or mobile device. They are widely used in order to make websites work, or work in a better, more efficient way. They can do this because websites can read and write these files, enabling them to recognise you and remember important information that will make your use of a website more convenient (e.g. by remembering your user preferences).

For more detailed information on cookies, visit

Our website ( uses the following cookies: