Privacy Policy
Who is responsible for your personal data?
Aston Advisory Group provides business formation and support services (including human resources, payroll and corporate governance services) (“Services”) through our offices in Qatar, the United Arab Emirates and Oman. Aston Advisory Group is responsible for your personal data. Aston Advisory Group comprises (referred to collectively as "Aston Advisory Group" or "we" or "our"). For the purposes of applicable data protection law (in particular, the General Data Protection Regulation (EU) 2016/679 (the "GDPR") or Qatar’s Personal Data Privacy Law No. 13 of 2016), your data will be controlled by the Aston Advisory Group affiliate that you have instructed or that is providing Services to you or communicating to you and each such entity is regarded as an independent data controller of your personal data. This Notice applies to all such entities
What personal data do we collect?
We only collect the personal data we need in order to provide the Services you have requested, or that we need in order to fulfil our legal or regulatory obligations in relation to those Services. For example, we may need your personal data in order to incorporate a commercial entity in any one of the locations where we operate, obtain a trade licence, obtain resident, family, dependant and employee visas.
Personal data we collect about you may include the following:
-
General identification and contact information: your name; address; email; telephone details; gender; marital status; family status; date and place of birth.
-
Other personal information: passport information, qualifications and certifications
-
Statistical information: aggregate statistical information about website site visitors and users for internal use
-
Publicly available information in relation to professional history: educational background; employment history; skills and experience; professional licenses and affiliations; educational and professional qualifications.
-
Further information obtained from third parties such as the local police or Thomson Reuters.
Information about other people
If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
How do we collect your personal data?
he circumstances in which we can collect personal data about you include:
-
when you or your organisation enquire about our Services;
-
when you or your organisation offer to provide, or provides, services to us;
-
when you correspond with us by phone, email or other electronic means, or in writing, or when you provide other information directly to us, including in conversation with our staff;
-
when you or your organisation browse, complete a form or make an enquiry or otherwise interact on our website or other online platforms;
-
when you attend our seminars or other events or sign up to receive personal data from us, including training;
-
by making enquiries from your organisation, other organisations with whom you have dealings such as former employers and educational institutions, or from third party sources such as government agencies, a credit reporting agency, information service providers or from publicly available records.
If you fail to provide personal data
Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.
How will we use your personal data?
We use your personal data only for the following purposes:
-
To fulfil a contract for Services, or take steps linked to a contract, with you or your organisation. This includes:
-
to register you as a client of Aston Advisory Group;
-
to provide and administer Services as instructed by you or your organisation;
-
to process payments, billing and collection; and
-
to process applications for employment.
-
-
As required by Aston Advisory Group to conduct our business and pursue our legitimate interests, in particular:
-
to administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship including identifying persons authorised to represent our clients, suppliers or service providers;
-
to carry out background checks, where permitted;
-
to analyse and improve our services and communications and to monitor compliance with our policies and standards;
-
to manage access to our premises and for security purposes;
-
to protect the security of our communications and other systems and to prevent and detect security threats, frauds or other criminal or malicious activities;
-
to exercise or defend our legal rights or to comply with court orders;
-
to provide Services to our clients;
-
o communicate with you to keep you up-to-date on the latest developments, announcements, and other information about our Services and solutions (including briefings, newsletters and other information), events and initiatives; to send you details of client surveys, marketing campaigns, market analysis, or other promotional activities; and
-
to collect information about your preferences to personalise and improve the quality of our communications with you.
-
-
For purposes required by law, including maintaining records, compliance checks or screening and recording (e.g. anti-money laundering, financial and credit checks, fraud and crime prevention and detection, trade sanctions and embargo laws). This can include automated checks of personal data you provide about your identity against relevant databases and contacting you to confirm your identity, or making records of our communications with you for compliance purposes.
We will not use your personal data for taking any automated decisions affecting or creating profiles other than as described above.
Disclosure of your personal data
We will share your personal data, in the following circumstances:
-
with our affiliates for the purposes of providing you with our Services as described in this Privacy Notice;
-
with third parties including certain service providers we have retained in connection with the Services we provide, such as translators or other necessary entities;
-
with companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such personal data is shared;
-
with courts, law enforcement authorities, regulators, government officials or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process;
-
with service providers who we engage within or outside of Aston Advisory Group, domestically or abroad, e.g. shared service centres, to process personal data for any of the purposes listed above on our behalf and in accordance with our instructions only; and
-
if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.
Information about criminal Convictions
We may collect information about criminal convictions in the course of carrying out the agreed Services. In particular, in order to obtain a work visa from a government department, a certificate of good conduct or police clearance may be required which may reveal information about previous criminal convictions. We will only use this information for the purposes of carrying out the Services and in compliance with the applicable data protection law.
Security of your personal data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
Our security measures include:
- encryption of our services and data;
- review of our information collection, storage and processing practices, including physical security measures;
- restricting access to Personal Data to employee’s, clients and suppliers who have a legitimate purpose for holding and processing the Personal Data and who are subject to contractual confidentiality and processing obligations. They may be disciplined, or their contract terminated if they fail to meet these obligations; and
- internal policies setting out our data security approach and training for employees
Updating personal data about you
If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to contact@aston.ae We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Your rights
You have various rights with respect to our use of your personal data:
- Access: You have the right to request a copy of the personal data that we hold about you. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact us using the contact details provided below.
- Accuracy: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us at contact@aston.ae to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
- Objecting: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please contact us at contact@aston.ae.
- Porting: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
- Erasure: You have the right to ask/require us to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
You may, at any time, exercise any of the above rights, by contacting us at contact@aston.ae together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.