This is a general information notice provided to all visitors to the website www.crif.ae (“Website”) in accordance with the UAE Data Protection Law no. 45 of 2021 and its regulations.
Following access to and consultation of the Website, data relating to identified or identifiable persons may be processed.
The Controller for the processing of the collected personal data is CRIF Gulf, with registered office in 15th floor, '48 Burj Gate', Downtown Burj Khalifa, Dubai, UAE.
Users can contact the Controller at the above mailing address or via the following e-mail addresses: firstname.lastname@example.org
Data processing location
The processing of data collected with reference to those who access the Website is mainly carried out at the CRIF Gulf office, in accordance with the provisions of the UAE Data Protection Law no. 45 of 2021 and its regulations.
In any case, personal data is processed only by specially trained employees or contractors with appropriate technical skills, and who are appointed and authorized to perform the processing.
Data processing methods
The data will be processed lawfully and fairly, guaranteeing its security and confidentiality, according to the provisions of the UAE Data Protection Law no. 45 of 2021 and its regulations. Personal data will be processed using electronic and in any case automated equipment
Categories of personal data processed
With reference to browsing data, the computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit to the use of Internet communication protocols. This information is not collected in association with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This data category includes the IP addresses or domain names of computers used by users who connect to the Website, Uniform Resource Identifier (URI) addresses of the requested resources, the time of the request, the method used to submit the server request, and other parameters related to the user’s operating system and computing environment.
The optional and voluntary sending of e-mails to the addresses indicated on the Website or by filling out the appropriate contact form involves the acquisition of the user’s personal data, as indicated therein (e.g., first name, last name, e-mail address, telephone number, company, VAT no., address, zip code, city), which is necessary to respond to user requests.
Use of the Website and purposes of processing
User data may be processed for:
- the performance of the operations strictly necessary to provide the services or to respond to and/or manage any requests made by the user through the appropriate contact form on the home page of the Website as well as making an appointment for the sales force if necessary;
- statistical processing of aggregated data in relation to the Website services.;
- direct marketing activities and marketing communications for products and services of CRIF Gulf and other CRIF Group companies. If, following specific selection of the relevant check box, the user consents to receiving information, marketing communications, direct sales, and market research on the products or services provided through the Website, the user’s information will be processed for this purpose. Such communications may be sent through the use of traditional tools (telephone/mail) or automated tools (e-mail, fax, SMS, etc.), always on the basis of the preferences previously expressed by the user. After the initial telephone/e-mail contact, if the user decides not to subscribe to any service or to purchase any product or states that he/she does not want to be contacted again, the Controller will cancel the user’s details. Likewise, users can decide not to receive any marketing communications at any time by using the opt-out link at the bottom of each message and in any case exercising the relative right to withdraw consent.
Legal grounds for data processing
The user's personal data will be processed on the basis of one or more of the following legitimacy conditions. In particular, processing carried out for the purposes referred to in:
letters (a) and (b) above, which have as their legal basis the need to fulfill the requests for the provision of a service or to respond to a user request. Such processing is therefore strictly necessary and connected to a pre-contractual phase at the request of the data subject and/or contractual or in order to provide feedback to a specific user request. In this regard, the personal information collected from time to time through the Website is necessary. If the user decides not to provide the information, it will not be possible to provide the service or proceed with the requests.
letter (d) above, which requires the prior and specific consent of the user for use of the user’s details by the Controller. This consent is optional and does not affect the provision of any additional services requested.
The user has the right to withdraw consent for the marketing purposes referred to in letter (d) at any time without prejudice to the lawfulness of the processing based on the consent given before withdrawal and has the right to oppose the processing for marketing purposes referred to in letter (d), including in part, or with reference to the marketing information and offers, and the advertising and promotional material on services through automated methods.
Categories of recipients of personal data
Hosting and back-end infrastructure. This type of service has the function of hosting data and files that enable the Website to function and perform data processing in order to enable the Website to be browsed by users.
Shipping and logistics;
Site Administration (administration, sales, marketing and legal personnel, and system administrators)
Cookie Management. This type of service allows use of user data for marketing communication purposes in a variety of forms as specified above.
The user can ask the Controller for an up-to-date list of Processors at any time.
User’s data could be sent to several recipients in compliance with the characteristic of the service supplied by CRIF to the client.
Users are free to decide whether to provide the personal data necessary for CRIF Gulf to supply the requested services. Failure to provide this data may make it impossible CRIF Gulf to supply the requested information or services.
Data subject’s rights
We hereby inform you that, users can exercise the following rights: the right to access their personal data, ask for the amendment or deletion of the data, or restriction of the processing. User also have the right to oppose the processing, as well as the right to portability. In addition, the user can withdraw his or her consent at any time, it being understood that the withdrawal of consent does not affect the lawfulness of the processing carried out up to the point of withdrawal.
In these cases, requests should be sent to CRIF Gulf, 15th floor, '48 Burj Gate', Downtown Burj Khalifa, Dubai, UAE.
Data Protection Officer
For any questions regarding the processing of your personal data, please contact our Data Protection Officer, using the following contact details: e-mail: email@example.com
The data controller has the right to make changes to this Policy at any time by informing users on this page as well as through the banner and, if possible on the Site. Please therefore consult this page and/or the banner regularly, referring to on the date of the last modification indicated at the bottom.
Last modification date: 16/02/2022