Privacy Policy

Hamdan AlShamsi Lawyers & Legal Consultants LLC (“HAS”, “we”, “our”, “us”) respects the privacy rights of online visitors and subscribers to our marketing communications (“you”, “your”, “yours”) and is committed to protecting the confidentiality of your personal information. This policy (“Privacy Policy”) explains how we collect, use, share, and otherwise process your Personal Data in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, as amended from time to time (the “PDPL”) and other applicable laws.

In this Privacy Policy, “Personal Data” means information that (either in isolation or in combination with other information held by HAS enables you to be identified as an individual or recognized directly or indirectly. Unless we specifically state otherwise, HAS is the controller of the Personal Data we process, and is therefore responsible for ensuring that the systems and processes we use are compliant with PDPL to the extent applicable to us.

If you provide us with Personal Data relating to other persons (such as family members, work colleagues, employees, etc.), you are responsible for ensuring the relevant individuals are made aware of the terms of this Privacy Policy and that you are legally entitled to provide us with their Personal Data. You are also responsible for ensuring that their Personal Data is accurate and up-to-date.

This Privacy Policy does not apply to websites maintained by other companies or organisations to which we provide links on our Site, and HAS is not responsible for any Personal Data you submit to third-party websites accessible through links on our Site.

This information is provided to inform online visitors and subscribers of our Privacy Policy. By visiting https://alshamsilegal.com (“Site”), you consent to the collection and processing of your Personal Data as described in this Privacy Policy.

 

What Personal Data do we collect from you?

HAS may collect Personal Data from you when you visit our website, engage with us through online forms, subscribe to our publications/newsletters, or otherwise interact with us.

We collect the following categories of Personal Data about visitors, clients, prospective clients, suppliers, job applicants, and other third parties:

  • Basic data:This includes your name, title, gender, organization, job responsibilities, phone number, mailing address, email address, and other contact details, including areas of interest.
  • Special categories of data: In limited cases, where relevant to the services we provide, you may provide us with information such as your religious or philosophical beliefs, racial or ethnic origin, health-related data, sexual orientation, or trade union membership. Such data is only collected where strictly necessary.
  • Registration data:Information you provide when registering for newsletters, events, seminars, subscriptions, or downloading materials, including dietary preferences (excluding special categories of data), subscriptions, downloads.
  • Client service data:Personal Data received from clients in relation to their employees, customers, or other individuals known to them; billing and invoicing information; payment history; and client feedback. 
  • Marketing data:Data relating to your participation in events, conferences, or seminars hosted or sponsored by us, as well as your professional credentials, affiliations, preferences, and interests in our services.
  • Transaction data:Any personal data included in documents, correspondence, or materials provided in the context of legal transactions, proceedings, or other client instructions.
  • Interaction data:Contact details, email communications metadata, and other technical data relating to your interactions with us through our website or other digital means.
  • Compliance data:Information such as government-issued IDs, passport numbers, dates of birth, beneficial ownership details, and any information provided for the purposes of compliance with anti-money laundering (AML), know-your-client (KYC), or similar regulatory requirements applicable to us.
  • Job applicant data:Data provided by job applicants or others on our Sites or offline means in connection with employment opportunities, which also may be subject to an additional relevant local recruitment privacy policy. 
  • Device data:Technical information such as your IP address, device identifiers (e.g., UDID), cookies, and analytics data related to your use of our website.

 

How do we collect your Personal Data?

We collect Personal Data through the following methods:

  • Directly from you: When you complete forms on our Site, contact us, or subscribe to our services or communications.
  • Automatically via marketing communications: When you interact with our marketing emails or newsletters, which track preferences and engagement.
  • Automatically via the Site: When you browse our Site, we may collect IP addresses, cookie data, and usage analytics. This is generally anonymous and does not identify you individually.

This list is non-exhaustive.

 

How is Personal Data used?

The purposes for which we use Personal Data, and the corresponding legal bases for such processing, include the following:

  • We use basic data, registration data, client service data, and device data to provide legal advice and respond to queries. This processing is necessary to perform our contractual obligations to our clients and to take steps at the request of prospective clients prior to entering into a contract.
  • We process basic data, special categories of data, registration data, marketing data, and client service data to manage our relationships with clients, suppliers, and service providers. This includes administrative functions such as invoicing and engagement management, which are essential for fulfilling our contractual obligations.
  • We process device data to analyze how users interact with our website. This is necessary for our legitimate interests in improving the functionality, content, and user experience of our Site.
  • We use basic data, registration data, transaction data, and device data to monitor and maintain the security of our website and IT systems. This processing is necessary for our legitimate interests in detecting and preventing fraud, misuse, and other unlawful activity.
  • We process basic data, interaction data, and device data to maintain accurate contact records and strengthen our engagement with clients, prospective clients, and other stakeholders. This is necessary for our legitimate interests in improving our services and communications.
  • We use marketing data, basic data, special categories of data (where relevant), registration data, client service data, and device data to provide you with information on services, events, legal updates, and topics of interest. This processing is based on our legitimate interests in promoting our services, or, where required by law, on your consent.
  • We process compliance data, basic data, registration data, transaction data, and device data to comply with applicable legal obligations. This includes our obligations under:
    • UAE Federal laws on anti-money laundering and combating the financing of terrorism,
    • tax reporting obligations, and
    • client due diligence obligations, as well as specific regulatory requirements imposed on law firms under the supervision of the UAE Ministry of Justice, the Legal Affairs Department of the Government of Dubai and the Department of Legal Affairs or equivalent regulatory bodies overseeing licensed legal practitioners and law firms in the relevant emirate or free zone.
  • We process job applicant data and compliance data for evaluating candidates and administering recruitment and onboarding processes. This processing is necessary for entering into employment or contractual relationships and for compliance with applicable labour, immigration, and legal requirements. Where applicable, this may be further governed by our specific recruitment, onboarding or employee-related policies.

 

Sharing of Personal Data

We may share Personal Data with the following categories of recipients, in accordance with applicable laws and only where necessary for the purposes described in this Policy:

  • Suppliers and Service Providers: We may share Personal Data with third-party suppliers, vendors, and service providers who perform services on our behalf and under our instructions. These include:
    • IT and infrastructure providers (e.g., for email, data storage, client onboarding/intake, finance, and CRM systems);
    • professional advisors, lawyers, and consultants who support our operations, including in relation to analytics, website administration, and marketing campaigns;
    • venue operators and event organizers in connection with conferences, seminars, and client events.

To the extent we can, we bind these third parties contractually if directly contracted with us to safeguard the confidentiality and security of Personal Data and to use such data only for the purpose of providing services to us.

  • Financial Institutions: We may share necessary Personal Data with financial institutions or payment processors in connection with billing, invoicing, and payment-related matters.
  • Regulators, Courts, and Legal Authorities: We may disclose Personal Data as required to comply with our legal and regulatory obligations, including tax and anti-money laundering reporting requirements, or in response to:
    • court orders, subpoenas, or other legal process;
    • requests from regulators or government authorities (e.g., the Ministry of Justice, Legal Affairs Departments, and other authorities overseeing licensed legal professionals in the UAE);
    • legally enforceable demands from law enforcement or public agencies.

We may also disclose Personal Data when necessary to establish, defend, or enforce our legal rights, to protect the rights, property, or safety of HAS, our clients, employees, or others, or in connection with legal proceedings.

 

Marketing communications

We may send you marketing communications by way of email to provide you with relevant legal insights or invite you to events. We do not sell or pass on your details to third-party marketing companies. Our marketing communications may include tracker technology, which allows us to better understand the effectiveness of our communications.

We endeavour to ensure that any marketing communications which are sent to you are appropriate. When you receive marketing communications, you will be given the opportunity to unsubscribe from our mailing lists or update your preferences. In order to do this, you simply need to follow the ‘unsubscribe’ link in the email. Alternatively, you can change your preferences or unsubscribe by contacting us at info@alshamsilegal.com.

 

What about Site cookies?

To enhance your experience on our Site, we place small text files in your computer’s browser to record your preferences (“Cookies”). We use Cookies to understand site usage and improve content.

Cookies, alone, do not reveal any personal information. If you choose to provide personal information, e.g. if you subscribe to marketing communications, this information may be linked to data stored in Cookies.

You can set your browser options to avoid receiving Cookies, and you can also delete existing Cookies from your browser. If you wish to block Cookies, please open your internet browser and adjust the preferences.

You may find that some parts of the Site will not properly function if you have refused Cookies.

Should you continue without changing settings on your machine, it will be assumed that you are content to receive Cookies on alshamsilegal.com 

 

How do we use Cookies?

Cookies on our Sites are generally divided into the following categories:

  • Necessary Cookies:These cookies are essential for the website to function and cannot be disabled in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Site will not then work. These cookies do not store any personally identifiable information.
  • Functional Cookies:These cookies enable the Site to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
  • Performance Cookies: These cookies enable us to track visits and traffic sources, allowing us to measure and improve the performance of our Site. They help us determine which pages are the most and least popular, and show us how visitors navigate the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not be able to determine when you have visited our Site, and therefore, we will not be able to monitor its performance.
  • Targeting Cookies: These cookies may be set through our Site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store personal information directly, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
  • Social Media Cookies: These cookies are set by a range of social media services that we have added to the Site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

 

Transferring your Personal Data

The majority of our information is stored in the United Arab Emirates. In certain circumstances, we may transfer the Personal Data we collect about you to other jurisdictions. However, any such transfer shall not prejudice the data.

 

Personal Data Retention

We typically retain Personal Data related to marketing activities for as long as you accept marketing communications from us, and we will delete such data in accordance with applicable law upon request.  For Personal Data that we collect and process for other purposes, we will typically retain such Personal Data for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy and as otherwise specified in applicable record retention policies and procedures.

 

Personal Data Security

HAS takes all reasonable measures to secure personal data, including:

  • encrypting data during transmission and at rest;
  • implementing access controls and secure authentication methods; and
  • systems for accessing potential vulnerabilities.

While we endeavour to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.

You also have an important role in protecting Personal Data. You should not share any username, password, or other authentication data provided to you with anyone. We also recommend that you do not reuse passwords across multiple websites or applications.  If you have any reason to believe that your username or password has been compromised, please contact us as detailed below.

 

Your Rights under UAE Laws

Under the UAE PDPL, you may exercise the following rights:

  • access and obtain a copy of personal data directly provided by you;
  • request correction or deletion of inaccurate or unnecessary data directly provided by you;
  • restrict processing of data under specific circumstances;
  • object to processing for marketing or non-essential purposes;
  • request for deletion/erasure of the account in accordance with this Privacy Policy (in such case, the relevant data shall be deleted except as required for compliance with relevant laws); and
  • such other rights as the UAE PDPL provides.

 

Changes to this Privacy Policy

HAS reserves the right to modify this Privacy Policy at any time to reflect changes in legal requirements or operational practices. Any updates will be posted on the Site, and you will be notified of significant changes.

It is clarified that the continued use of the Site constitutes acceptance of the updated policy.

 

Governing Law and Dispute Resolution

This Privacy Policy is governed by the laws of the United Arab Emirates. Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in Dubai.

 

Contact Information

For any questions or concerns regarding this Privacy Policy (or questions on its updates/ amendments) or for account erasure/deletion, users may contact HAS at:

Email: info@alshamsilegal.com
Phone: +971 4 346 9262
Address: Office 401, Bay Square, Bld-01, Marasi Drive, Business Bay, Dubai, UAE

 

Partial Invalidity

If any provision of this Privacy Policy or the application thereof or circumstance shall be invalid or unenforceable to any extent, the remainder of this Privacy Policy and the application of such provision to you or circumstances other than those as to which it is held invalid or unenforceable shall not be affected thereby, and each provision of this Privacy Policy shall be valid and enforceable to the fullest extent permitted by applicable law. Any invalid or unenforceable provision of this Privacy Policy shall be replaced with a provision which is valid and enforceable and most nearly reflects the original intent of the unenforceable provision.