Privacy Notice

Introduction

We recognise the importance of your privacy and understand your concerns about the security of your Personal Data. We are committed to ensuring that when you share Personal Data with us or we collect Personal Data about those who visit our websites, we do so in accordance with applicable and relevant privacy laws and principles.

This Privacy Notice details how we generally collect, hold, use and disclose Personal Data, your rights in relation to the Personal Data that we hold about you and the third parties to whom it may be disclosed. We do this in compliance with our obligations as a data controller under the Dubai International Financial Centre (“DIFC”) Data Protection Law No.5 of 2020 (“DPL”).

It is important that you read and retain this notice, together with any other Privacy Notice we may provide on specific occasions.

Any reference to “us”, “our”, “we” or “the Company” in this Privacy Notice is a reference to Magellan Capital Limited, as the context requires unless otherwise stated.

The Privacy Notice may form among other documents an integral part of the master agreement we have with you. However, it does not form part of any contract to provide services for which we have signed the contract with you.

This Privacy Notice applies to the following individuals (“you”):

  • Our past, present and prospective customers;
  • Website users;
  • Anyone involved in any transaction or interaction with us, whether it is in your personal capacity or as a representative of a legal entity (for example, director, a company manager, agent, legal representative, operational staff, other authorized representative, etc.); and
  • Our advisors, consultants or secondees.
Data protection principles

We comply with the DIFC DPL. This ensures your Personal Data is:

  • Used in accordance with the DIFC DPL and in accordance with your rights pursuant to the DIFC DPL.
  • Used lawfully, fairly and in a transparent manner.
  • Collected or used only for legitimate purposes that we have explicitly and specifically explained to you at the time of collection and not collected or used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and, where necessary, kept up to date including via erasure or rectification.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.
Personal Data collected by the Company

Personal Data means any information about an individual from which that person can be identified, directly or indirectly. It does not include data where the identity has been removed (anonymous data).

We collect your Personal Data from various sources, such as through our company website, consent driven mailing lists for marketing purposes, and our interactions with you. We may also obtain Personal Data from other sources, background and/or identity checks or via cookies on our website.

The services we provide fall under the scope of our regulated activities and as such we generally have obligations to ask for a range of Personal Data from you which could include:

  • information that you provide to us on applications and other forms, including your name, address, mobile number, email address, date of birth, contact details, occupation, income, assets and liabilities, bank account details, nationality, trading history or statements, financial statements, credit reporting information, source of funds, source of wealth details, employment details, and any information that you provide for us to verify this information, such as a passport information or other identification documentation, as well as special categories of data or other sensitive information e.g. criminal records, political affiliations etc. or documents received from other entities not affiliated with the Company
  • information that is obtained through the Company’s website, such as location data or any other similar information which could be used to identify you, and
  • information about your transactions with us and our affiliates.

Our website is not targeted, intended or expected to be of use to children. Apart from providing information for specific services or purposes, as directed by DIFC processes, user-provided contributions of content or contact information regarding or about children are expressly prohibited.

If you choose not to provide the Personal Data we request, we may not be able to provide you with the product or service you need.

What do we do with your Personal Data

When we use the term “Processing” or “Process” this means any activity that can be carried out in connection with Personal Data such as collecting, recording, storing, adjusting, organizing, using, disclosing, transferring or deleting it in accordance with applicable laws.

We only use your Personal Data under one of the following legal grounds:

  • to conclude and carry out a contract with you;
  • to perform our pre-contractual employment obligations;
  • to comply with our legal obligations;
  • for our legitimate business interests. This Personal Data Processing may be necessary to maintain good commercial relations with all our customers and other concerned parties. We may also Process your data to prevent and combat fraud and to maintain the security of your transactions and of the operations made by us; or
  • when we have your consent,

We may also use your Personal Data for the future planning of our business, including product development and research.

Special Categories of Personal Data

“Special Categories" of particularly sensitive Personal Data require higher levels of protection. We have justification for collecting, storing, and using this type of Personal Data. We have in place an appropriate policy document and safeguards in compliance with the law. We are likely to Process Special Categories of Personal Data in the following circumstances where:

  • in limited circumstances, we have your explicit written consent.
  • it is necessary to comply with the law applicable to us in relation to anti-money laundering or counter-terrorist financing obligations or the prevention, detection, or prosecution of any crime.
  • it is necessary for the compliance with specific requirements pursuant to laws applicable to us. In such circumstances, we will provide you with clear notice unless the obligation in question prohibits such notice being given.

Less commonly, we may Process this type of Personal Data where it is needed in relation to legal claims, where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.

For marketing purposes, we would not obtain Special Categories of Personal Data, however, if we do, we will issue a separate notice on how we would use the data.

We envisage that we may hold information about criminal convictions. We will only collect Personal Data about criminal convictions if it is appropriate and where we are legally able to do so. For example, to determine whether we can onboard you as a client or enter in to an agreement with you.

Legal Obligations

We may be required to retain and use Personal Data to meet our internal and external audit requirements, for data security purposes and as we believe to be necessary or appropriate:

  • comply with our obligations under applicable law and regulations, which may include laws and regulations outside your country of residence;
  • to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence;
  • to carry out anti-money laundering, sanctions or Know Your Customer (“KYC”) checks as required by applicable laws and regulations;
  • to protect our rights, privacy, safety, property, or those of other persons; or
  • after you have done business with us for legal, regulatory and compliance reasons, such as the prevention, detection or investigation of a crime; loss prevention; or fraud prevention.
Your Consent

In general, we do not rely on consent as our Processing reason and also would not require consent if we use Special Categories of your Personal Data in accordance with our written policy to carry out our legal obligations.

In limited circumstances, we may approach you for your written consent to allow us to Process certain particularly sensitive data. If we do so, we will provide you with full details of the Personal Data that we would like and the reason we need it so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your relationship with us that you agree to any request for consent from us.

With whom do we share your Personal Data and for which reasons

To comply with our regulatory obligations, we may disclose Personal Data to the relevant government, supervisory and judicial authorities such as:

  • Public authorities, regulators and supervisory bodies such as the financial sector supervisors in the countries in which we operate.
  • Tax authorities may require us to report customer assets or other Personal Data such as your name and contact details and other information about your organization, for this purpose, we may Process your data such as your tax identification number or any other national identifier in accordance with applicable local law.
  • Judicial/investigative authorities such as the police, public prosecutors, courts and arbitration/mediation bodies on their express and legitimate request.

When we use third parties to carry out certain activities in the normal course of business, we may have to share Personal Data required for a particular task. For instance:

  • IT service providers who may provide application or infrastructure (such as cloud) services;
  • Marketing activities or events and managing customer communications;
  • Legal, auditing or other services provided by lawyers, notaries, trustees, company auditors or other professional advisors;
  • Identifying, investigating, or preventing fraud or other misconduct by specialized companies.

As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us, your Personal Data will be disclosed to such entity. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible it will be sold or transferred to third parties.

The third parties or group entities may located in a jurisdiction that does not have the same level of data protection as the DIFC. In such cases the third parties or group entities will be required to abide by standard data protection clauses or the Personal Data transfer may be subject to a lawful derogation. You may ask us for further details of these safeguards, where required.

These companies acting on our behalf are required to keep your Personal Data confidential.

How we protect your Personal Data

We take our obligations to protect your Personal Data seriously and as such we take reasonable steps to hold Personal Data securely in electronic form.

Once we have received your Personal Data, we will take reasonable steps to use technical measures to prevent unauthorised access, modification or disclosure, and take steps to protect the Personal Data we hold from interference, misuse, loss, unauthorised access, modification or unauthorised disclosure.

Some electronic communications through non-secure web platforms may not be secure, virus- free or successfully delivered. If you communicate with us using a non-secure web platform, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.

How long do we keep your Personal Data?

We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we Process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. We have a Retention Policy which outlines the applicable periods.

What happens if we make changes to this Privacy Notice

If we change this Privacy Notice we will post the changes on this website, therefore please check back regularly to ensure you are aware of any changes to our Personal Data Processing operations. The changes will take effect as soon as they are posted on our website.

Cookie Policy

During your interaction with our website, we may use cookies to improve security, enhance functionality, and remember your preferences. A cookie is a small text file containing a unique identification number that helps our website recognise your browser and respond accordingly.

We use the following types of cookies:

Name: Purpose: Expires:
Security Cookies: XSRF-TOKEN Help protect your information by ensuring that interactions with our website are secure. They prevent unauthorised actions by verifying that requests are made by legitimate users. 120 minutes post opening the website and then reset
Preference Cookies: CookieConsent Store your preferences, such as your acceptance of cookies on our website. This ensures that you don’t need to confirm cookie consent each time you visit. 120 minutes post opening the website and then reset

These cookies do not track your browsing behaviour or collect personally identifiable information. You may choose to adjust your browser settings to refuse cookies or to notify you when a cookie is being set. However, please note that if you refuse certain cookies, parts of the website may not function as intended.

Direct Marketing

We may use your Personal Data to offer you products and services that we believe may interest you. If you do not wish to receive marketing offers from us, you can let us know by emailing us at dpo@magellancap.com. Note however that we have no control over the way social media sites target and market our paid advertising, to its audience.

What are your rights and how do we respect them

Under certain circumstances, and where the conditions specified in the DIFC Data Protection Law No. 5 of 2020 (DIFC Law) are met, by law, you have the right to:

  • Request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully Processing it.
  • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us to continue to Process it.
  • Object to Processing of your Personal Data. You have the right to object where we are Processing your Personal Data for example in relation to marketing material.
  • Request the restriction of Processing of your Personal Data. This enables you to ask us to suspend the Processing of Personal Data about you, for example, if you want us to establish its accuracy or the reason for Processing it.
  • Data portability enables you to receive or request transfer of the data you have provided us in a structured, commonly used and machine-readable format.
  • Object to automated Processing, including profiling which produces legal or other seriously impactful consequences concerning you.

We may need to request specific Personal Data from you to help us confirm your identity and ensure your right to access the Personal Data (or to exercise any of your other rights). This security measure ensures that Personal Data is not disclosed to an unauthorised person.

You will not have to pay a fee to exercise your rights. However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances, where permitted by law.

Upon your request we will remove your personal contact details from our database, however, you may continue to receive promotional emails from our other websites, providers, or other non-affiliated marketers whose services you may have accessed via Magellan’s website. You can request them directly to remove your data from their system.

Complaints, concerns, and exercising your rights

If you have any concerns or questions regarding this notice, you may contact our Data Protection Officer (“DPO”) through the contact methods below.

DPO Contact Details:
Nora O’ Dwyer
dpo@magellancap.com
Office 04, Level 5,
Gate District Precinct Building 03,
Dubai International Financial Centre, Dubai,
United Arab Emirates

We will make every effort to resolve your complaint internally and as soon as practicable and as prescribed by law.

However, if we are unable to satisfactorily resolve your complaint you have the right to make a complaint to the DIFC Data Protection Commissioner.

DIFC Data Protection Commissioner Contact Details:
Dubai International Financial Centre Authority
Level 14, The Gate Building, DIFC, UAE
+971 4 362 2222
commissioner@dp.difc.ae

Privacy Notice for Candidates and Employees

Objective of this Notice

This Privacy Notice (hereinafter referred to as this ‘Notice’) is intended to inform you that Magellan Capital Limited (hereinafter referred to either as ‘Magellan or ‘the Firm’ or “we” or ”us” or “our”) is consider the Data Controller of your Personal Data and will therefore be responsible for deciding how your Personal Data is processed, and protecting this data, during and after your employment relationship with us, in accordance with the DIFC Data Protection Law No. 5 of 2020 (‘DPL 2020’).

We are required under this law to notify you of the information contained in this Notice. We may update this Notice at any time, but if we do so, we will provide you with an updated copy of this Notice as soon as reasonably practical via our website.

This Notice applies to all employees, employees on contract, temporary workers, secondees, directors, authorised individuals and officers who process Personal Data and are employed by us. Any reference to ’you’, ‘your’, ‘yours’ or ‘yourself’ in this Privacy Notice is a reference to any of our employees (full-time and contractors), directors, authorised individuals and officers, as the context requires unless otherwise stated.

We are required under the DPL 2020 to notify you of the information contained in this Notice.

The DPL 2020 requires the Firm to demonstrate that any Personal Data we hold about you is:

  • Processed lawfully, fairly and transparently
  • Processed for specified, explicit and legitimate purposes
  • Adequate, relevant and limited to what is necessary
  • Accurate and, where necessary, kept up to date
  • Kept for no longer than is necessary
  • Processed securely and protected against accidental loss, destruction or damage.
Definitions under DPL 2020
  • Data Subject: the identified or identifiable natural person to whom Personal Data relates.
  • Data Controller: any person who alone or jointly with others determines the purposes and means of the Processing of Personal Data.
  • Data Processor: any person who Processes the data on behalf of the Data Controller.
  • Personal Data: any information referring to an identified or identifiable natural person.
  • Process, Processes, Processed, Processing: any operation or set of operations performed upon Personal Data, such as collection, recording, organization, structuring, storage etc.
  • Special Categories of Personal Data: Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade union membership and health or sex life and including genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person.
What personal data we collect about you

The Firm is required to keep and Process your Personal Data for employment purposes. The information that we hold, and Process will be used for management and administrative use only. We will keep and use your Personal Data to enable us to carry out our business and management of the employment relationship with you effectively, lawfully, and appropriately, during the recruitment process, whilst you are employed by us and at the time your employment ends. This includes information that enables us to comply with the employment contract, any legal requirements, and for us to protect our legal position in the event of any legal proceedings. If you do not provide this data, we may in some circumstances be unable to comply with our legal and regulatory obligations. Under such circumstances, we will inform you of the implications of that decision.

We may from time to time need to process your data in order to pursue legitimate business interests. The Firm however will not process your data where these interests are overridden by your own interests.

The sort of information the Firm holds with regard to your Personal Data includes your application form and references; your right to work in the country such as a copy of a passport and / or birth certificate and your valid visa; your contract of employment and any amendments to it; all correspondences with or about you; salary information, contact and emergency contact details; records of holiday, sickness and other absences; information required for equality monitoring policy, training records, appraisals; undertakings/ declarations and where appropriate disciplinary, grievances and any other formal action.

There are certain types of more sensitive personal data which require a higher level of protection, such as information relating to your health, which could include reasons for absence, medical certificates, and/or other health reports. These will be used in order to comply with health, safety and occupational health obligations to consider (if ever required) how your health affects your ability to do your job and whether any adjustments may be required. The Firm also uses this information to administer its policy relating to sick leave for employees, as well as any health and life insurance policies (if applicable).

Where the Firm is processing your Personal Data based on your consent, you have the right to withdraw that consent at any time.

We will process your personal data in connection with the management of our relationship with you, for the following purposes and in reliance of the listed legal bases:

Personal data type: Purpose:

Personal details such as name, last name, date of birth, gender, contact details (such as phone number(s), email address(es)), and residential and/or business address(es)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In order to meet our obligations under applicable law.
  • For our legitimate interest in using your details to share information for the efficiency of business communications.
  • Where we need to share your information in a life-or-death situation.

ID and Visa details such as passport, national ID card, labor card, residence Visa or similar documents Previous ID and new ID details (ID Number, Name, Expiry date)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In order to meet our obligations under applicable law.
  • For our legitimate interest in using your details to share information for the efficiency of business communications.
  • Where we need to share your information in a life-or-death situation.

Emergency contact details (Name, Relationship, address, Contact Number)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • Where we need to share your information in a life-or-death situation.

Fin Financial information such as Salary, bank account details, payroll records and bonuses

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In order to carry out our employment obligations.
  • For our legitimate interest - Where it is necessary to share such information to protect the public against dishonesty, malpractice or other improper behaviour.

Employment Contract between the Firm and the employee that includes: (Name, agreement starting date, start date, position, salary: {Basic wage, benefits, bonuses, allowances}, reporting line manager)

Start date and, if different, the date of your continuous employment

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In order to carry out our employment obligations.

Leave Information and reason for leaving (Sick leave, Annual leave, personal leave, no show leave)

  • In order to carry out our employment obligations.

Personal photo (Photograph)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under applicable law.

Education certificate photocopy

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under applicable law.

Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under applicable law.

Employment records (including job titles, work history, working hours, holidays, training records and professional memberships)

  • In order to enter into a contract with you at your request or to perform our contract with you.

Compensation history

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under applicable law.

Performance information

  • In order to enter into a contract with you at your request or to perform our contract with you.

Disciplinary and grievance information

  • For our legitimate interest
  • To meet our obligations under an applicable law.

Information about your use of our information and communications systems

  • For our legitimate interest - Where it is necessary to share such information to protect the public against dishonesty, malpractice or other improper behaviour.
  • To meet our obligations under an applicable law.

Results of background check, including screening and previous employer cancelation details

  • To meet our obligations under an applicable law.
  • In order to enter into a contract with you at your request or to perform our contract with you.
  • For our legitimate interest - Where it is necessary to share such information to protect the public against dishonesty, malpractice or other improper behavior.

Dependent information and details (Name, Identification details and documents copy such as Passport, Residence Visa, National Identity card, Health care Insurance)

  • To meet our obligations under an applicable law.
  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In certain circumstances, with your consent

Health care Insurance certificate

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • In order to carry out our employment obligations

Non Disclosure agreement, Non compete agreement

  • To meet our obligations under an applicable law.
  • In order to enter into a contract with you at your request or to perform our contract with you.

Personal Account Transactions - Personal Account Transactions relate to all trading accounts, statements and transactions that employees hold/carry out with other brokers,
And;
Outside Business Interests declarations – refers to appointments/positions that employees hold outside the Firm. The purpose of these declarations is to manage conflicts of interests.

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • For our legitimate interest - Where it is necessary to share such information to protect the public against dishonesty, malpractice or other improper behaviour.
  • To meet our obligations under an applicable law.
Special Category Data

Information about your health, including any medical condition, health, and sickness records, including:

where you leave employment and under any share plan operated by a group company the reason for leaving is determined to be ill-health, injury or disability, the records relating to that decision.

Details of any absences (other than holidays) from work including time on statutory parental leave and sick leave; and where you leave employment and the reason for leaving is related to your health, information about that condition needed for pensions and permanent health insurance purposes. Declaration of fitness.

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under an applicable law.
  • Processing is necessary for the purpose of carrying out the obligations and exercising the specific rights of a Controller or a Data Subject in the context of the Data Subject's employment.
  • Where we need to share your information in a life-or-death situation.

Information about criminal convictions and offences

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • For our legitimate interest - Where it is necessary to share such information to protect the public against dishonesty, malpractice or other improper behaviour.
  • To meet our obligations under an applicable law.
  • Processing is necessary for the purpose of carrying out the obligations and exercising the specific rights of a Controller or a Data Subject in the context of the Data Subject's employment.

Religion (for Visa application purposes)

  • In order to enter into a contract with you at your request or to perform our contract with you.
  • To meet our obligations under an applicable law.
  • Processing is necessary for the purpose of carrying out the obligations and exercising the specific rights of a Controller or a Data Subject in the context of the Data Subject's employment

The above list is by no means exhaustive and should be used merely as a point of reference from which a working definition of business purposes can be established and further developed.

Lawful grounds for Processing

The Firm may Process personal information lawfully for a number of reasons, including in order to:

  • Perform an employment contract
  • Comply with a legal obligation
  • Protect your right as an employee or another individual’s vital interests (for example, medical data during a health emergency)
  • Carry out a task in the public interest, or in exercising official authority vested in the employer
  • Protect the legitimate interests of the employer or a third party, except where this is overridden by the interests or rights of the employee
  • Employees family members / dependants are also covered under this notice to the extent they form part of the benefits under the employment contract.
Sharing and transferring Personal Data

Magellan will only disclose your Personal Data to third parties if the Firm is legally obliged to do so or where there is a need to comply with its contractual obligations to you, for instance the Firm may need to pass on certain information to any external Service Providers including the Firm’s group companies, HR and payroll provider, pension, benefits or health insurance providers. Where there is a requirement to use an intermediary, the Firm will ensure that the Personal Data is exported to one who is located in a jurisdiction that is deemed by the DIFC Data Commissioner as having an adequate data protection regime, where this is not possible and a provider in a non-adequate jurisdiction is selected, the Firm will ensure that safeguards are introduced to protection your data, this may include standard contractual clauses or a legal derogation; you may ask us for further details of this. Where we use certain service providers in other jurisdictions/countries that have not been deemed "adequate", we will have other legal mechanisms in place to ensure appropriate processing of your personal data.

If there is a requirement in the future to process your data for a purpose other than for which it was collected, the Firm will always provide you with notice and the information on that purpose and any other relevant information.

Record keeping and data retention

Magellan will maintain clear and accessible records of all data processing activities.

Your Personal Data will only be kept for as long as is necessary to fulfil the purpose we collected it for or as required by law. Where there is a legal requirement to keep the data, the Firm will comply with the statutory retention periods. All personnel and pay records will be retained for a period of 6 years from the last date of employment.

All employee leaver information will be retained for a period of 6 years unless the Data Subject requests to be forgotten.

Where the data is required to defend a potential claim, the data will be retained for the required period of time.

Recruitment records such as CVs and application forms on unsuccessful candidates will be kept for a period of 1 year from the date of rejection.

Your data subject rights

Under the DPL 2020, as a Data Subject, you have a number of rights with regard to your Personal Data. You have the right to request from the Firm to access to and to rectify your data as well as for it to be erased and to restrict processing of your data in certain circumstances.

If you have provided consent for the processing of your data, you have the right to withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent has been withdrawn.

You also have the right to lodge a complaint with the DIFC Data Commissioner if you feel that the Firm has not complied with the DPL 2020 requirements regarding how the Firm deals with your Personal Data.

Your rights pursuant to DPL 2020 amongst others:

  • Request access to your Personal Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
  • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your Personal Data. This enables you to ask SPHA to delete or remove Personal Data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
  • Object to processing of your Personal Data. You have the right to object where we are processing your Personal Data for direct marketing purposes.
  • Request the restriction of processing of your Personal Data. This enables you to ask SPHA to suspend the processing of Personal Data about you, for example, if you want us to establish its accuracy or the reason for processing it.
  • Data portability enables you to receive or request transfer of the Personal Data you have provided SPHA in a structured, commonly used and machine-readable format.
  • Object to automated processing, including profiling which produces legal or other seriously impactful consequences concerning you.
Consent

In general, there are other legal bases available to process your data for example to fulfil legal or contractual obligations as an employer to provide an employment contract, process salary payment, set up and administer schemes for pension, life cover etc. which mean that relying on explicit consent is not always necessary. However, for most other scenarios, employers will need to show that employees give their consent freely to the specific use, purpose, or processing of that data and the consent will need to be clearly connected to the processing. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact the Data Protection Officer using the email provided below. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Data security

We are committed to safeguarding and protecting your personal data and implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal data provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

To inform us of changes

It is important that the Personal Data we hold about you is accurate and, where necessary, kept up to date. Please keep us informed if your personal information changes during your working relationship with us and respond promptly to our request for updates of your data.

How we update or change this Notice

We may change or update parts of this Notice in order to maintain our compliance with applicable DIFC Data Protection Law and any changes to other laws or following an update to our internal practices. Therefore, please ensure that you regularly check this Notice so you are fully aware of any changes or updates. We will inform you of any material changes to this Notice.

Contacting us about this Notice or making a complaint

If you have any queries about the contents of this Notice, or wish to inform us of a change or correction to your personal data, would like a copy of the data we collect on you, or would like to raise a complaint or comment, please contact us by:

DPO Contact details:

Nora O’ Dwyer
dpo@magellancap.com
Phone: +971 4323 0800

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can escalate your complaint to the data protection supervisory authority in your jurisdiction. Contacts of the relevant data protection supervisory authority in the DIFC is as follows:

DIFC Data Protection Commissioner

Contact Details:
Dubai International Financial Centre Authority Level 14,
The Gate Building
+971 4 362 2222
commissioner@dp.difc.ae

This notice was last updated on: 27 January 2025

Your Cookie Preference

We respect your privacy and aim to provide the optimal user experience on our website. To achieve this, we utilise essential cookies for site navigation and functionality. Your continued browsing implies consent to our use of these cookies.

Essential Cookies - These cookies are necessary for the website to function properly and cannot be switched off in our systems (always active)

For a detailed understanding of how we use cookies and how you can manage your preferences, please read our full cookie policy available on our Privacy Policy page.

© MAGELLAN CAPITAL LIMITED.