Crest

Management Consultancy

Privacy Policy

1. Introduction

At Crest Management Consultancy FZ LLC, we are committed to protecting your privacy and ensuring that your personal data is handled securely and in compliance with the UAE Personal Data Protection Law and international best practices.

This Privacy Policy outlines how we collect, use, store, and disclose your personal data when you interact with us through our website, email, phone, or during the course of providing our project management consultancy services.

2. Scope of Policy

This policy applies to:

  • Clients and prospective clients

  • Business partners and suppliers

  • Visitors to our website

  • Any individual whose personal data we collect in the course of our business operations

3. Data We Collect

We may collect and process the following types of personal data:

  • Contact Information: Name, company name, email address, phone number, job title

  • Business Information: Project details, company documents, financial information necessary for project evaluation

  • Technical Information: IP address, browser type, operating system, and website usage data via cookies

  • Communication Records: Emails, messages, call logs, and meeting notes

4. How We Use Your Data

We use your data to:

  • Provide project management and consultancy services

  • Manage client relationships and communications

  • Process transactions and invoices

  • Comply with legal obligations and regulatory requirements

  • Improve our website and user experience

  • Send business updates, service offerings, and marketing materials (you may opt out at any time)

5. Legal Basis for Processing

We process your personal data on one or more of the following legal bases:

  • Your explicit consent

  • Performance of a contract

  • Compliance with legal obligations

  • Our legitimate business interests

6. Data Sharing and Disclosure

We do not sell or rent your data. We may share it with:

  • Subcontractors or service providers under confidentiality agreements

  • Legal or regulatory authorities when required by law

  • Our professional advisors (e.g., auditors, lawyers)

  • Technology partners for hosting and IT support

7. International Data Transfers

If data is transferred outside the UAE, we ensure that adequate protection measures are in place, in line with applicable data protection laws and standard contractual clauses.

8. Data Retention

We retain personal data only as long as necessary for the purposes stated or as required by law. When no longer needed, data is securely deleted or anonymized.

9. Your Rights

You have the right to:

  • Access your data and request a copy

  • Correct or update inaccurate data

  • Withdraw your consent

  • Object to certain types of processing

  • Request deletion or restriction of your data

To exercise your rights, please contact us via our website or in writing.

10. Data Security

We implement appropriate technical and organizational measures to protect your data against loss, misuse, unauthorized access, disclosure, alteration, or destruction.

11. Use of Cookies

Our website uses cookies to enhance your browsing experience. You can manage your cookie preferences via your browser settings.

12. Updates to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website.

13. Linked websites

This Privacy Policy does not apply to linked websites.

14. Rights to access and correction of your business information

You have the right to access your business information unless we are permitted by law to withhold that information. Any requests for access to your business information should be made to the Data Protection Officer (see below) in writing. You also have the right to request the correction of any of your business information which is inaccurate. Any corrections should be advised to us in writing.

In some circumstances it may be appropriate and lawful for us to deny access, including if:

  • providing access would have an unreasonable impact on the privacy of another individual;
  • the request is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings between you and us and the information would not be accessible by the process of legal discovery in those proceedings;
  • giving access would reveal our intentions in relation to negotiations with you and prejudice those negotiations;
  • providing access would be unlawful or if denying access is required or authorised under the UAE Personal Data Protection Law and international best practices.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us at data@crestmanagementconsultancy.com