top of page

Privacy Notice

Halo Investing MEA Ltd and its affiliates want you to be familiar with how we collect, use and disclose your personal data. Halo Investing MEA Ltd (“Halo MEA” or "us", "our" or "we") means Halo Investing MEA Ltd, a company registered in the Abu Dhabi Global Market ("ADGM") (Registration Number 000007257) and regulated by the Financial Services Regulatory Authority ("FSRA") for "arranging deals in investments", “dealing in investments as agent” and “dealing in investments as principal” in and from the ADGM (with Financial Services Permission No. 220081). 


Our registered office is at Office 502, Al Sarab Tower, ADGM Square, Al Maryah Island, P.O. Box 51921, Abu Dhabi, United Arab Emirates.


This Privacy Notice describes our practices in connection with the following information that we collect online and offline:

 

  • through our website www.haloinvesting.ae (“Websites”);

  • through our platform, as defined in the applicable Agreement (“Platform”);

  • through our information technology infrastructure, as defined in the applicable Agreement (“Halo Systems”)

  • through any social media properties (“Our Social Media”) from which you may access this Privacy Notice;

  • through HTML-formatted email messages that we send to you that link to this Privacy Notice (“Emails”);

  • through any other offline business interactions, you may have with us (“Offline Interactions").


Collectively, we refer to the Websites, Platform, Halo Systems, Our Social Media, Emails, and Offline Interactions as the “Services.” This policy describes our processing activities. This Privacy Notice should be read in conjunction with and alongside the applicable agreement ("Agreement") to which You have signed up to.


The Personal Data collected and processed by Halo MEA will depend on the Agreement to which you have signed up to. The role of Halo MEA as data controller and or data processor will also depend on which Agreement is used. Regardless of the role of Halo MEA or the Agreement, the processing of your Personal Data is protected by a robust data processing agreement. 

 

Collection of Personal Data

Personal Data is information that identifies you as an individual or relates to an identifiable individual. 


We need to collect Personal Data in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. If you disclose any Personal Data relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Notice.


We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:

 

  • Identity Data includes first name, last name, username or similar identifier, title and gender.

  • Authorized Users Data means Customer’s employees, consultants, contractors, and agents who are authorized by Customer to access and use the Platform under the rights granted to Customer pursuant to the applicable Agreement.

  • Access Credentials Data includes any username, identification number, password, or other security code, method, technology, or device, used alone or in combination, to verify an individual’s identity and authorization to access and use the Platform

  • Contact Data includes email address and telephone number.

  • Customer Data has the meaning given to it in the applicable Agreement and may include Personal Data collected through the Electronic Services on the Platform via the onboarding form, client personal data, client’s end client Personal Data, Customer Data, and Personal Data input by Authorized Users, or, if no such meaning is given, means Personal Data provided by or on Your behalf of Your end users via the Electronic Services.

  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

  • Onboarding, AML and KYC Data includes mandatory identification and due diligence checks.

  • Usage Data includes information about how you use our website and services.

  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.


We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data but is not considered Personal Data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Notice.


We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences where same has not been disclosed through the AML process. 


When you access our website, we automatically collect, store and use technical information about your equipment and interaction with our website. This information is sent from your computer to us using a variety of cookies.


Read more about our use of cookies and how to disable them below.


We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse Our Service.


You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service.

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close your web browser.

 

Learn more about cookies: All About Cookies

 

We use both session and persistent Cookies for the purposes set out below:

Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.

Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functional Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

Analytics Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies help us understand how visitors interact with our Website, discover errors and provide better overall analytics.

For more information about the Cookies, we use and your choices regarding Cookies, and how to disable them, please visit our Cookie Settings in the Website’s Consent/Cookie Banner.

 


How we obtain your Personal Data

We and our service providers collect Personal Data in a variety of ways, including:


Through the Services / Direct interactions

We collect Personal Data through the Services, for example, when you sign up for a newsletter, request Services, register for a seminar, use Services that can be accessed only by authenticated users who have logged in, participate in a contractual arrangement for Client Services, provide information in conjunction with our Client Services, or when you interact with us at an event, call our reception desk or otherwise visit one of our offices.


From Other Sources
We receive your Personal Data from other sources, for example:

  - publicly available databases;

  - joint marketing partners and event sponsors, when they share the information with us;

Automated technologies or interactions
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this Personal Data by using cookies, server logs, and other similar technologies. 


We may also receive Technical Data about you if you visit other websites employing our cookies.

 


The purpose and lawful basis on which we use your Personal Data 

We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:

 

  • Where we need to perform the contract, we are about to enter into or have entered into with you.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

  • Where we need to comply with a legal or regulatory obligation.


Generally, we do not rely on consent as a legal basis for processing your Personal Data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.


We have set out below, in a table format, a description of all the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.


Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground, we are relying on to process your Personal Data where more than one ground has been set out below.

To manage our relationship with you which will include: (a) notifying you about changes to our terms or Privacy Notice, and (b) recruitment and selection.


Type of Data – To manage our relationship with you which will include:
•    Customer Data
•    Identity
•    Contact
•    Profile
•    Application details
•    Marketing and Communications

Necessary in (a) performance of a contract with you, (b) recruitment and selection processes, (c) to comply with a legal obligation, and (d) for our legitimate interests (to keep our records updated and to study how clients use our services).

 

Managing the goods and services we receive (including contract management, managing security and access to our systems and premises, payment of invoices and assessment of our suppliers or parties who tender to provide goods or services to us).


Type of Data collected:
•    Identity
•    Contact
•    Technical 
 

(a) Necessary to fulfil our obligations to you under our contract with you, or (b) to support our legitimate interests in (i) performing a contract with our supplier who you work for or represent (ii) ensuring the protection of our systems and premises and (iii) assessing our suppliers or tenderers, provided such interests are not overridden by the rights and interests of the data subjects concerned.


To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data)
 

Type of Data collected:

•    Identity
•    Contact
•    Technical 
 

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise). Necessary to comply with a legal obligation.

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
 

Type of Data collected:
•    Identity
•    Contact
•    Profile
•    Usage
•    Marketing and Communications
•    Technical 
 

Necessary for our legitimate interests (to study how clients use our services, to develop them, to grow our business, and to inform our marketing strategy).

To use data analytics to improve our website, services, marketing, customer relationships, and experiences.
 

Type of Data – includes:
•    Technical
•    Usage 
 

Necessary for our legitimate interests (to define types of clients for our services, to keep our website updated and relevant, to develop our business, and to inform our marketing strategy).

To make suggestions and recommendations to you about services that may be of interest to you.


Type of Data – includes:
•    Identity
•    Contact
•    Technical
•    Usage
•    Profile
 

Necessary for our legitimate interests (to develop our services and grow our business).

 

How long we keep your Personal Data / data retention

We only keep your information for as long as we need it. We keep your information for this long so that we can ensure we contact you with information on services, suggestions, offers and recommendations relevant and appropriate to you. When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), we will securely store your Personal Data and isolate it from any further processing until deletion is possible. We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you.  The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.


In some circumstances we may anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

 


Who we share your Personal Data with

We sometimes share some of your information with other organisations, namely affiliates or subsidiaries who are bound by similar confidentiality obligations. We also use a number of carefully selected third parties to supply us with products and services. We will only share your information with our affiliates, subsidiaries and suppliers where it is necessary for them to provide us with the services we need.


Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this privacy notice.


We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions. 


We also use and disclose your Personal Data as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so. We have set these out in the table below.


To comply with applicable law and regulations
•    This can include laws outside your country of residence.


To cooperate with public and government authorities
•    For example, when we respond to a request or provide information, we believe is important.
•    These can include authorities outside your country of residence.


To cooperate with law enforcement.
•    For example, when we respond to law enforcement requests and orders or provide information, we believe is important.
 

For other legal reasons.
•    To enforce our terms and conditions; and
•    To protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others.
 

In connection with a sale or business transaction.
•    We have a legitimate interest in disclosing or transferring your Personal Data to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) Such third parties may include, for example, an acquiring entity and its advisors.

 

Which countries we transfer your Personal Data to

Our servers and filing systems are located in the United Arab Emirates and the EEA. We may disclose your Personal Data to other Halo Investing entities for the purpose of our internal business processes (such as administration and billing) and for the purpose of providing Services. When we provide Personal Data to entities outside of the jurisdiction in which it was collected, we have in place an intra-group transfer agreement in the form approved by the European Commission. We will comply with any transfer requirements applicable under local law.


Our partners and third-party service providers and partners operate in the UAE, EEA and around the world.  This means that when we collect your Personal Data it may be processed in countries that may have data protection laws that are different to the laws of your country. Some countries outside of the ADGM and European Economic Area (the “EEA”) are recognised as providing an adequate level of data protection (the full list of these “specified countries” is available here). 


We have taken appropriate safeguards to require that the Personal Data we process will remain protected in accordance with this Privacy Notice when transferred internationally, including when processed internationally by our third-party service providers and partners. Some of the safeguards we have taken include implementing the Standard Contractual Clauses for transfers of Personal Data. We have also implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request. 


How we protect your Personal Data / data security 

Sending information via the internet is not totally secure. Although we do our best to protect your information, we cannot guarantee the security of any information you transmit to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.


We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.


We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 


Your rights regarding your Personal Data 

Depending on where you live, you have rights in respect of your information. These rights may include the right to:


•    access your information
•    withdraw your consent to the processing of your information at any time
•    ask us to make changes to the information we hold about you to make sure that it is accurate and up to date
•    delete or erase your information (sometimes called the right to be forgotten)
•    stop or restrict our processing of your information
•    object to our processing your information
•    not be subject to automated decision-making and
•    request the transfer of some of the information we hold about you (known as data portability).

We have appointed a Data Protection Officer (DPO) who oversees data privacy and data protection compliance and informs and advises us on our data protection obligations. If you would like to exercise any of your rights, please contact us at privacy@haloinvesting.ae.  Please note that an archive copy of any information provided to us may be retained by us for our records and for audit purposes.


You can also unsubscribe from our emails at any time by clicking on “unsubscribe” at the bottom of the email.
 

Making a complaint

If you have any questions, concerns or complaints about the way we process your Personal Data, please contact privacy@haloinvesting.ae. Whilst we would like an opportunity to assist you first, you also have a right to lodge a complaint with a Regulator / supervisory authority in your country. You can find contact details for relevant supervisory authority for your country of residence as follows:  

 


Updates to this Privacy Notice

Our Privacy Notice may change from time to time, and any changes will be effective when posted. If we make material changes, we will take steps to notify you, such as by posting a notice on our website. 

Last Modified: 31 August 2023

 

MEA8003 / 2.0 / 2308

Anchor 1
Anchor 2
Anchor 3
bottom of page