Privacy Policy

1. Information We Collect

We collect information that you provide directly to us, information collected automatically when you use our services, and information from third-party sources. The types of information we collect include:

1.1 Personal Identification Information

• Full legal name as it appears on your Emirates ID or passport
• Email address and contact telephone number
• Emirates ID number and UAE residency details
• Date of birth and nationality
• Passport number and country of issuance
• Physical address and postal code within the UAE
• Photographs and biometric data submitted for verification purposes
• Occupation and employer information where required for verification

1.2 Financial Information

• Bank account details provided for bank account verification services
• Payment card information processed through our secure payment gateway
• Transaction history and payment records related to our services
• Tax identification numbers where required by UAE law
• IBAN and SWIFT/BIC codes for bank transfer processing

1.3 Technical and Usage Data

• IP address, browser type, and operating system
• Device identifiers and mobile device information
• Pages visited, time spent on pages, and click patterns
• Referring URL and search terms used to find our website
• Location data (with your consent) for region-specific services
• Server logs and error reports for troubleshooting and security

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our UAE identity verification services, including UAE Pass verification, bank account verification, compliance checks, criminal record checks, financial monitoring, and watchlist screening.
• Identity Verification: To verify your identity and authenticate your access to our platform and services, ensuring the security and integrity of our verification processes.
• Communication: To respond to your inquiries, send you service-related notifications, OTP codes for authentication, and important updates about your verification requests.
• Payment Processing: To process payments for our services, issue receipts, and manage billing and collection activities in compliance with UAE financial regulations.
• Compliance: To comply with applicable UAE laws, regulations, and legal processes, including anti-money laundering (AML) and know-your-customer (KYC) requirements under UAE Federal Decree-Law No. 20 of 2018.
• Improvement: To analyze usage patterns, improve our website functionality, and develop new features and services that better serve our users.
• Security: To detect, prevent, and address technical issues, fraud, security breaches, and other potentially prohibited or illegal activities in accordance with UAE Cyber Crime Law.
• Analytics: To generate anonymized, aggregated analytics that help us understand service usage trends and improve our platform performance.

3. Data Storage and Security

Your personal data is stored on secure servers located within the United Arab Emirates. We implement industry-standard security measures including:

• 256-bit SSL/TLS encryption for all data in transit between your browser and our servers
• AES-256 encryption for data at rest on our servers and databases
• Multi-factor authentication for administrative access to our systems
• Regular security audits and penetration testing by certified third-party security firms
• Firewall protection and intrusion detection/prevention systems
• Access controls ensuring that only authorized personnel can access personal data
• Regular data backups stored in encrypted, geographically separate facilities within the UAE
• Automated monitoring and self-healing systems that detect and respond to security anomalies

Despite our best efforts, no method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. We encourage you to use strong passwords and to not share your login credentials with others. In the event of a data breach, we will notify affected users and the relevant UAE data protection authority within seventy-two (72) hours as required by law.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Government Authorities: We may disclose your information to UAE government entities, including the Federal Authority for Identity, Citizenship, Customs & Port Security (ICP), Dubai Police, and other regulatory bodies as required by law.
• Service Partners: We share necessary information with our authorized partners such as UAE Pass, banks, and financial institutions solely for the purpose of completing verification requests you have initiated.
• Payment Processors: We share payment information with our PCI-DSS compliant payment processing partners to facilitate secure financial transactions.
• Legal Requirements: We may disclose information when required by law, subpoena, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

5. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect information about how you use our site. We use the following types of cookies:

• Essential Cookies: Required for the basic functionality of the website, such as session management, authentication, and security features.
• Performance Cookies: Help us understand how visitors interact with our website by collecting anonymous analytics data.
• Functionality Cookies: Remember your preferences and settings to provide a more personalized experience.
• Analytics Cookies: Used by services such as Google Analytics to help us improve our website performance and content.

For more detailed information about our use of cookies, including how to manage your preferences, please refer to our Cookie Policy.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Verification records are retained for a minimum of five (5) years as required by UAE federal regulations governing identity verification services and anti-money laundering requirements. Payment records are retained for seven (7) years as required by UAE Commercial Transactions Law. Account data is retained for the duration of your account plus one (1) year after deletion for audit purposes. After the retention period expires, your data will be securely deleted or anonymized in accordance with our data destruction policies. You may request early deletion of your data, subject to legal and regulatory obligations, by contacting us at support@icpverification.ae. Technical and usage data is retained for up to two (2) years in anonymized form for analytics purposes.

7. Your Rights

Under UAE data protection laws, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, and under the GDPR for EEA residents, you have the following rights:

• Right of Access: You have the right to request a copy of the personal data we hold about you, free of charge, within thirty (30) days of your request.
• Right to Rectification: You have the right to request correction of any inaccurate or incomplete personal data.
• Right to Erasure: You have the right to request deletion of your personal data, subject to legal retention obligations under UAE law.
• Right to Restrict Processing: You have the right to request that we limit how we use your data in certain circumstances.
• Right to Data Portability: You have the right to request transfer of your data to another service provider in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to our processing of your personal data for direct marketing purposes or processing based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with the UAE data protection authority or, for EEA residents, with your local supervisory authority.

To exercise any of these rights, please contact our Data Protection Officer at support@icpverification.ae. We will respond to your request within thirty (30) days. We may request verification of your identity before processing your request to protect against unauthorized access.

8. International Data Transfers

Your personal data is primarily stored and processed within the United Arab Emirates. In certain circumstances, we may transfer your data to countries outside the UAE when necessary for service delivery or legal compliance. Such transfers will only be made to countries that provide an adequate level of data protection as determined by the UAE data protection authority, or where appropriate safeguards such as Standard Contractual Clauses are in place. For EEA residents, we use the European Commission's approved Standard Contractual Clauses for transfers from the EEA. We will ensure that your data receives the same level of protection regardless of where it is processed. We maintain records of all international data transfers and make them available to supervisory authorities upon request.

9. Children's Privacy

Our services are not intended for use by individuals under the age of eighteen (18). We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal data, we will take steps to delete such information from our servers promptly. If you are a parent or guardian and become aware that your child has provided us with personal information, please contact us at support@icpverification.ae so that we can take appropriate action.

10. UAE Data Protection Law Compliance

This Privacy Policy is designed to comply with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and its implementing regulations. We are committed to processing your personal data lawfully, fairly, and transparently. We ensure that data collection is limited to what is necessary for the specified purposes, that data is accurate and kept up to date, and that appropriate security measures are in place. Our Data Protection Officer oversees compliance with UAE data protection laws and can be reached at support@icpverification.ae for any data protection inquiries or complaints. We conduct regular Data Protection Impact Assessments for high-risk processing activities as required by law.

11. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant UAE data protection authority without undue delay and, where feasible, within seventy-two (72) hours of becoming aware of the breach. When a breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly. Our notification will describe the nature of the breach, the categories and approximate number of individuals affected, the likely consequences, and the measures we have taken or propose to take to address the breach. We maintain a record of all personal data breaches as required by UAE data protection law.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website with a revised "Last Updated" date. For significant changes, we may also send an email notification to the address associated with your account. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: