Privacy policy
This privacy notice applies to MEGGLE Africa and Middle East DMCC and each company in which MEGGLE Africa and Middle East DMCC (i) directly or indirectly, controls fifty percent (50%) or more of the share capital.
In this notice, “us” and “our” refers to MEGGLE Africa and Middle East DMCC .
About this privacy notice
For the purposes of applicable data protection law, MEGGLE Africa and Middle East DMCC is a data controller in respect of your personal data. We are responsible for ensuring that we use your personal data in compliance with data protection law.
This privacy notice is directed to individuals whose personal data we collect and process:
- via our websites (such as contacting us, registering with us and purchasing products or services via our website);
- in the course of carrying on our commercial activities; and
- during visits to our premises.
Personal data that we collect about you
The personal data we collect and process about you depends on the particular activity carried out, but includes:
- Information that you provide to MEGGLE Africa and Middle East DMCC
This includes information that you provide to us in correspondence and through forms and contracts we may enter into with you. This information may include your full name, date of birth, nationality, address, contact details (including telephone number and email address), job title, bank and card details, vehicle and licence information, identification details or other national identifier - Information we collect or generate about you
This may include information: (i) that we produce as a record of our relationship with you, including contact and business history; (ii) that we may collect via monitoring and call recording, including personal data collected in respect of your use of our websites; and (iii) collected when visiting our premises, including CCTV footage, and access and location data. - Information we obtain from other sources
This may include information from (i) publicly available sources, including third party agencies, such as credit reference agencies, fraud prevention agencies, law enforcement agencies, public databases and registers and records; and (ii) information obtained from sanctions checking and background screening providers.
Uses of your personal data
Your personal data may be collected and processed by us in the following ways and for the following purposes:
- to perform our obligations under contracts entered into with, or for the benefit of, you;
- to allow you to use and access our products, services and websites;
- for the management, development and administration of our business, including maintaining our relationships with third party suppliers;
- for shareholder and investor relations and management, such as communications and performance announcements;
- to communicate with you about changes to our products, services and website, and to communicate any new products and services we offer;
- for the ongoing review and improvement of our services, websites and systems;
- to respond to requests for information submitted by, or on behalf of, you;
- to verify your identity;
- to monitor and protect our systems, websites and premises from unauthorised access and use, and to maintain our systems and websites;
- to comply with, and assess our compliance with: (i) our internal policies and procedures; and (ii) any legal and regulatory obligations; and/or
- to exercise or defend our legal rights.
We are entitled to use your personal data in the following ways because:
- we have obtained your consent;
- it is necessary for a contract we have with you, or because you have asked us to take specific steps for entering into, amending or terminating a contract;
- we have legal and regulatory obligations that we have to discharge;
- we may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
- the personal data has been made public by you; and/or
- the use of your personal data as described is necessary for our legitimate business interests (or the legitimate interests of MEGGLE Africa and Middle East DMCC), such as:
- for the management, development and administration of our business, including maintaining our relationships with third party suppliers;
- to communicate with you about changes to our products, services and website, and to communicate any new products and services we offer;
- for the ongoing review and improvement of our services, websites and systems;
- to respond to requests for information submitted by, or on behalf of, you;
- maintaining compliance with internal policies and procedures;
- to verify your identity; and/or
- to monitor and protect our systems, websites and premises from unauthorised access and use, and to maintain our systems and websites.
Disclosure of your personal data to third parties
Within the wider group
We may disclose your personal data to other members of our business group for the purposes described above. We will take steps to ensure that the personal data is accessed only by MEGGLE Africa and Middle East DMCC employees that have a need to do so for the purposes described in this notice.
As MEGGLE Africa and Middle East DMCC is also a subsidiary of MEGGLE Functional Products International GmbH, Germany, we may disclose and share your personal data also within the MEGGLE Group for the purposes described above.
Outside of the group
We may also share your personal data with the following categories of third parties outside of the group:
- with third party agents and contractors for the purposes of providing services to us (for example, the providers of cloud services and IT and communications service providers) and professional advisors such as law firms, accountants and auditors;
- with any stock exchange and public bodies responsible for the governance and administration of our companies;
- if we sell any of our business or assets or are acquired by a third party, in which case we may disclose your personal data to the prospective buyer for due diligence purposes; and
- to the extent required by law, regulation or any court order, for example if we are under a duty to disclose your personal data in order to comply with any legal obligation or request from a regulatory authority, and to establish, exercise or defend our legal and contractual rights.
International transfers of personal data
To the extent permitted by applicable data protection law, the personal data that we collect from you may be transferred to, and stored at, a destination outside of the jurisdiction in which it was originally collected (“Relevant Location”). It may also be stored and processed by other companies and/or third parties in other countries, which may include destinations outside of the Relevant Location.
Where your personal data is transferred outside of the Relevant Location, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the Relevant Location. This can be done in a number of ways, for instance:
- the country that we send the data to might be approved by the data protection authority in the Relevant Location as offering an adequate level of protection for your personal data; or
- the recipient might have signed up to a contract based on “model contractual clauses” approved by the data protection authority in the Relevant Location, obliging them to protect your personal data.
In other circumstances the law may permit us to otherwise transfer your personal data outside the Relevant Location. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
You can obtain more details about the protection given to your personal data when it is transferred outside the Relevant Location by contacting us in accordance with the “Contacting us” section below.
Retention of personal data
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulation may set a minimum period for which we have to keep your personal data.
Your rights
You have a number of legal rights in relation to the personal data that we hold about you. These rights may (depending on where you are located) include:
- the right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so;
- in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- the right to request that we rectify your personal data if it is inaccurate or incomplete;
- the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it;
- the right to object to and stop, and the right to request that we restrict, our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to and stop, or ask us to restrict, our processing of your personal data but we are legally entitled to continue processing your personal data and / or to refuse that request;
- the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; and/or
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
You can exercise your rights in line with applicable law in your location by contacting us using the details set out in the “Contacting us” section.
hCaptcha
We use the hcaptcha tool from Intuition Machines, Inc, 350 Alabama St, San Francisco, CA 94110, USA, as part of our legitimate interest in a technically flawless online offering and its economically efficient design and optimisation in accordance with Art. 6 para. 1 lit. f GDPR.
The hcaptcha service checks whether the entries on our website have been made by a human or abusively by automated, machine processing and is therefore used in particular in connection with forms. The hcaptcha service uses the following data to ensure that an action is carried out by a human and not by an automated bot: IP address of the end device used, identification data of the browser and operating system type used, date and duration of the visit and user behaviour, e.g. mouse movements or other queries. The procedure is used exclusively to defend against spam, DDoS attacks and similar automated malicious access.
This may result in your data being transferred to the USA. We have concluded an order processing agreement with Intuition Machines, Inc. according to which Intuition Machines, Inc. will only process your data in accordance with our instructions. This DPA also stipulates that the transfer of data to the USA by Intuition Machines, Inc. only takes place within the framework of the standard contractual clauses.
For more information on the use of your data by hcaptcha, please refer to the Intuition Machines, Inc. privacy policy.
Making a privacy complaint
You can contact us using the contact details at the bottom of this notice if you have any concerns about how we have handled your personal data. If you are not satisfied with the manner in which we have dealt with your complaint, you may contact the relevant data protection authority in your jurisdiction, which includes in the United Arab Emirates, the UAE Data Office, and in the Kingdom of Saudi Arabia, the Saudi Authority for Data and Artificial Intelligence.
Contacting us
If you would like further information on the collection, use, disclosure, transfer or processing of your personal data or the exercise of any of the rights listed above, please use “Contact” section on our website to send us an enquiry or to the following address:
MEGGLE Africa and Middle East DMCC
Jumeirah Lakes Towers
Indigo Icon Building, Office 1804
Dubai, United Arab Emirates (UAE)
T +971 44357-530
info.dubai@meggle.com