Privacy

DATA PROTECTION AND PRIVACY POLICY

Last updated: 5th September, 2021

This Data Protection and Privacy Policy (“Privacy Policy”) is provided by GRIP (“GRIP”, “we”, “us”, “our”), for and on behalf of itself.

GRIP (DIFC) Ltd. is a wholly owned subsidiary of GRIP Investments (Cayman), established in the Dubai International Financial Centre (“DIFC”) licensed and regulated by the Dubai Financial Services Authority (“DFSA”) to provide advise on financial products, arrange custody, arrange deals in investments, advice and arrange credit for professional clients (as defined under Rule 2.3 COB Rulebook).

GRIP Horizon Sárl is a wholly owned subsidiary of GRIP Investments (Cayman), established in the Grand Duchy of Luxembourg to provide fund management services to alternative investment funds subscribed by professional investors (as defined under MIFID II) to be registered with the CSSF, Luxembourg.

This Data Protection Policy has been prepared with reference to General Data Protection Regulation 2016/679, DIFC Data Protection Law, Law No. 5 of 2020 and the DIFC Data Protection Regulations, 2020 (together “Law”), to provide you with the following information:

  • What is Personal Data and who is a Data Subject?
  • Why are We collecting your Personal Data?
  • Personal Data We collect and the lawful basis for Our Processing.
  • Where do we collect Your Personal Data from?
  • Your Data Subject rights.
  • Our Personal Data sharing/transfer policy
  • Retention of your Personal Data
  • Will we use Your Personal Data for marketing and/or profiling purposes?
  • Are You under an obligation to provide us with Your personal data?
  • Who is legally responsible for the handling of your personal data and who can you contact about this subject?
  • Changes to this Privacy Policy.
  • Links to third party websites.
  • Cookies
  • Exercising your Data Subject Rights.

The definitions to the capitalised terms used in this privacy policy are provided in the Glossary.

Before accessing or using GRIP’s services or its website grip.investments.com read the following information carefully:

 

Application

 

This Privacy Policy applies to all forms of GRIP Processing activities performed using Personal Data as per the Law.

 

What is Personal Data and who is a Data Subject?

 

Personal Data is any information which discloses your personal information, such as, name, identification information, contact details, employment details, family details and so on.

 

Personal data does not include any personal information which has been shared for non-commercial purposes and Personal Data only includes such personal information which could be used to identify a natural person or a Data Subject (“You”).

 

Why are we collecting Personal Data about you?

 

GRIP will only Process Your Personal Data to the extent relevant to prospecting or establishing a business or commercial relationship with Us and/or to communicate with You, invite you to attend our events or provide information through our newsletter, provided you agreed to subscribe to Our newsletter at the time of registering on Our website to access GRIP Marketplace.

 

Whether we receive Your Personal Data directly from you or from a third party, we will only use Your Personal Data if we have obtained Your consent, or if we have another lawful basis upon which to do so, as provided below:

 

We may hold information about you if:

 

  • You have registered on the website to be provided with access to GRIP Marketplace;
  • You are a client, a representative of a client, or the beneficial owner of a client;
  • You are a party or the representative of a party in a matter on which We are advising a client;
  • We are required to Process your Personal Data in accordance with applicable Law, for e.g. to meet applicable anti-money laundering and counter-terrorist financing as well as compliance obligations;
  • We otherwise obtain your information, in connection with the service(s) we are providing a client
  • You provide/are prospecting to provide services to Us (or you represent a company which provides/prospects to provide services to Us)
  • You attend Our seminars, webinars, or events, receive Our newsletter updates, or visit Our offices or websites
  • You are an applicant for a job with us
  • You are or were an employee of the firm
  • You may have met one of our staff members and have exchanged business cards or contact details

 

Personal Data We collect, the lawful basis and purpose for Our Processing

 

Depending on the purposes, the types of information we Process about you may include:

Types of Personal Data

Details

Legal Basis for the processing and purpose

Individual details

Name, contact details (e.g. email and telephone numbers), gender, employer and job title.

Consent.

By providing your individual details at the time of registering on Our website to access the GRIP Marketplace, You are expressly consenting and permitting GRIP to Process and Control your Individual details.

Special Categories of Personal Data

Information about your political affiliations or opinions or criminal record.

We do not Process Special Categories of Personal Data when you use or access the website or the GRIP Marketplace. 

Identifiers

Information which can be traced back to you, such as an IP address, a website tracking code or any other information that may be automatically collected through our Website(s) or any other digital communication or network security applications used by us.

Identifiers may be Processed by GRIP purely to analyse Your use and subscription to Our Website as well as ensure network and information security at the time of Personal Data collection.

 

 

By using or viewing our website, you are providing your express consent to provide us with the above information or Personal Data as agree you are aware of the lawful basis for Our Processing activities.

 

Where do we collect your Personal Data from?

 

We may collect your Personal Data from various sources, including:

  • You
  • third parties (including, without limitation, Our service providers or persons authorised to verify or share Your Personal Data, if applicable)
  • third persons authorised by you to share your Personal Data,
  • by actively obtaining Your Personal Data ourselves, for example using website tracking devices.

 

The sources that apply to you will depend on the purpose for which We are collecting Your Personal Data. Where We obtain Your information from a third party, in particular your employer or our business contacts, we may ask them to provide you with a copy of this Privacy Policy (or a shortened version of it) to ensure that you know we are Processing your information as well as the purpose for such Processing.

 

We also Process personal data from a range of other sources, which may include, other companies and financial institutions, publicly available sources (e.g. the press, registers of companies or assets, internet websites, including social media platforms like Linked-In) and from providers of business-risk screening services, such as credit reference agencies, anti-fraud databases, sanctions lists and databases of news articles where it is found necessary (under law or otherwise, for due diligence purposes) to verify Your information.

 

Your Data Subject rights.

 

As a Data Subject, you have the right to:

 

 

 

 

 

  • object to Processing of Your Personal Data where it is documented to be necessary to perform tasks carried out in public interest or exercise of official authority vested in a controller or necessary for the purposes of legitimate interests of a controller or third party as well as be informed before Personal Data is disclosed for the first time to third parties or used on their behalf for the purposes of direct marketing subject to compelling grounds favouring Processing;

 

  • restrict Processing where the accuracy of Personal Data is contested. You are informed the GRIP only collects information submitted or updated by You on its website, therefore, ensuring the accuracy of Your Personal Data is Your responsibility;

 

  • object to any decision producing legal consequences to be based solely on automated Processing, such as profiling, and to require such decisions to be reviewed manually;

 

  • submit a complaint with the DIFC commissioner of data protection by email at [email protected] or at DIFC’s main office address, the Gate, Level 14, DIFC, PO Box No. 74777, Dubai, UAE with the telephone number +971 4 362 2222 in the event of any breach and failure to remedy such breach.

 

To exercise any of the above rights or report a Personal Data Breach with respect to GRIP, You may write to us on our contact page https://gripinvestments.com/contact/ or Our office 614, Liberty House, DIFC, Dubai, UAE or call us at our telephone number +971 4 564 22 44 or write to us on email at [email protected].

 

Personal Data sharing/transfer policy

 

Your registration information on the GRIP Marketplace will not be shared or be viewed by any other users of the website or third parties subject to receipt of Your instructions or based upon interest expressed by You, a need to share information about You with a range of recipients including (but not limited to) the following: third party service providers, background screening providers, financial institutions, funds, payment recipients, payment and settlement infrastructure providers, exchanges, regulators, courts, public authorities (including tax authorities), professional advisors, auditors, insurers and potential purchasers of elements of our business. These recipients could be located outside the UAE.

 

Depending on the scope of our professional services, we may require the assistance of various external professional service providers, based in or out of the DIFC.

 

We may share your Personal Data with other third parties, such as relevant regulators or other authorities, where we are required to do so to comply with legal or regulatory requirements.

 

The use of these external service providers may involve some transfers of Personal Data to countries or jurisdictions with data protection or privacy laws that are not adequate in comparison with the Law.

 

In each case where we share your Personal Data with third parties, whether or not located in an adequate jurisdiction (as defined by the DIFC Commissioner of Data Protection), We would take appropriate measures to ensure that the relevant party is contractually required to keep such Personal Data safe, secure and confidential.

 

 

Retention

 

In general terms, we retain your Personal Data only for the period necessary to the purposes of Processing provided above.

 

Will we use Your Personal data for marketing and/or profiling purposes?

 

GRIP may use Your Personal Data to give You information about products and services offered by Us or Our affiliates whose services We believe You may be interested in receiving. Where We consider it appropriate, and so far as it is compliant with applicable legal obligations, we may contact you in this regard by email or telephone.

 

“Profiling” in the context of this Privacy Policy is the use of an automated process to analyse Personal Data in order to assess or predict aspects of a person’s behaviour. GRIP will not be Profiling Your Personal Data received from Your registration to access GRIP Marketplace.

 

GRIP’s mailing list program (which is used to inform clients and other contacts about Our products, services, and events) may contain tracking technologies to track subscriber activity relating to engagement, demographics and other data, and to build subscriber profiles. GRIP may use this as a means by which to undertake direct marketing.

 

If you wish to not receive marketing materials, kindly contact us at https://gripinvestments.com/contact/.

 

Are You under an obligation to provide us with Your personal data?

 

You are not under any legal obligation to provide us with your Personal Data when viewing or using Our website. However, if You refuse to provide the information sought in the registration form to access the GRIP Marketplace, You will not be able to access Marketplace site.

 

Who is legally responsible for the handling of your personal data and who can you contact about this subject?

 

In data protection law terminology, such role lies with the “controller”, namely:

 

GRIP (DIFC) Ltd.

614, 6th Floor, Liberty House,

Dubai International Financial Centre (DIFC)

Dubai, United Arab Emirates

P.O. Box 9552

Tel: +971 4 564 2244

 

We are required to handle or process your personal data securely and otherwise in accordance with applicable data protection laws.

 

Should You have queries or complaints about the way in which we process your personal data, you may raise these with your usual GRIP contact or else with us via the contact details above or the following email address [email protected].

 

Changes to this Privacy Policy

 

We may update this Privacy Policy from time to time in order to clarify it or address changes in applicable Law or our business operations, therefore, you should review this policy periodically on the website. We will notify you if we make any substantial updates and you can always access the current version at the following Website address:

https://gripinvestments.com/privacy-policy

 

Links to third party websites

 

GRIP’s website gripinvestments.com/ may contain links to third party sites. Please note that these Websites have their own privacy policies and that GRIP does not accept any responsibility or liability for such policies or your use of third party websites. Please check individual policies before you submit any information to those websites.

 

Cookies

 

What is a cookie?

 

Cookies are small text files that are stored on your computer or mobile device. They are widely used in order to make websites work, or work in a better, more efficient way. They can do this because websites can read and write these files, enabling them to recognise you and remember important information that will make your use of a website more convenient (e.g. by remembering your user preferences).

 

For more detailed information on cookies, visit www.allaboutcookies.org.

 

Our website (https://gripinvestments.com) uses two types of cookies:

 

  • Strictly necessary cookie

moove_gdpr_popup – This cookie is used within the cookie banner to store the cookie consent information decisions taken by the user, and retains the consent for up to 365 days.

 

  • Embedded content from other websites (3rd party cookies)

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

 

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

Please find below a list of the third party cookies you may incur while navigating https://gripinvestments.com.

 

Cookie

Description

Duration

Type

VISITOR_INFO1_LIVE

This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

5 months

Advertisement

GPS

This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location.

30 mins

Analytics

YSC

This cookie is set by Youtube and is used to track the views of embedded videos.

 1 visit

Performance

IDE

Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile, and is used due to the embedded Youtube content.

1 year

Advertisement

li_sugr

Browser Identifier, LinkedIn Insight Tag, when IP address is not in a Designated Country.

2 mths

Other

lang

used to store the language preferences of a user to serve up content in that stored language the next time user visits the website.

 2mths

Functional

lidc

This cookie is set by LinkedIn and used for routing.

1 day

Functional

UserMatchHistory

Linkedin – Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor’s preferences.

1 mth

Other

bcookie

This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.

2 years

Functional

bscookie

This cookie is a browser ID cookie set by Linked share Buttons and ad tags.

2 years

Advertisement

lissc

This cookie is provided by LinkedIn. This cookie is used for tracking embedded service.

1 year

Analytics

 

 

 

GLOSSARY

 

Data Subject

Refers to an identified or identifiable natural person.

 

Personal Data Breach

Refers to a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to Personal Data stored or transmitted.

 

Process, Processed. Processes, Processing

Refers to operations performed upon Personal data, whether or not by automated means, such as collection, recording, organisation, storage and archiving.

 

Technical or organisational measures/TMOs

Refers to technical or organisational measures taken to reasonable ensure and prevent Personal Data Breach as well as implement Data Subject Rights.