x
x

Disclosure & Privacy Policy

Regulatory disclosure

Five Capital Advisors (DIFC) Limited (the “Firm” or “Company) is a Private Company incorporated in the Dubai International Financial Centre (“DIFC”) and regulated by the Dubai Financial Services Authority (“DFSA”). The Company offers financial services only to Professional Clients and Market Counterparties with sufficient financial experience and understanding of financial markets, products or transactions and any associated risks. Any such products or services will be available only to Professional Clients as defined under the DFSA Conduct of Business Module. The Firm does not provide any financial services to Retail Clients.

Privacy Policy

This privacy policy (“Policy”) clarifies how we at Five Capital Advisors (DIFC) Limited (“Firm”, “Five Capital”, “we”, “us”, “our”) collect, use, share and otherwise process Personal Data supplied to us.  We may provide additional privacy notices on specific occasions when we are collecting or Processing Personal Data about you so that you are fully aware of how and why we are using your Personal Data. Those notices should be read together with this Policy.  For the purposes of this Policy, terms such as “Processing”, “Personal Data” and “Special Categories of Personal Data” shall be interpreted in accordance with DIFC Law No. 5 of 2020 and the associated Data Protection Regulations as amended from time to time (“DIFC Data Protection Law”). The key terms from the DIFC Data Protection Law used in this Policy are set out below:

“Data Subject” means the identified or Identifiable Natural Person to whom Personal Data relates.

“Personal Data” includes any information relating to an identified or Identifiable Natural Person to whom the Personal Data relates to. “Identifiable Natural Person” means a natural living person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to his biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity (and
“Identified Natural Person” is interpreted accordingly).

“Process”, “Processed”, “Processes” and “Processing” means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage and archiving, adaptation or alteration, retrieval, consultation, use,
disclosure by transmission, dissemination, transfer or otherwise making available, alignment or combination, restricting (meaning the marking of stored Personal Data with the aim of limiting Processing of it in the future, erasure or destruction, but excluding operations or sets of operations performed on Personal Data by: (a) a natural person in the course of a purely personal or household activity that has no connection to a commercial purpose; or (b) law enforcement authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security.

“Special Categories of Personal Data” includes Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade-union membership, and health or sex life and including genetic data and biometric data (where it is used for the purpose of uniquely identifying a natural person).

Who is the Controller?

The controller is Five Capital Advisors (DIFC) Limited, Level 14, Central Park Towers, Dubai, United Arab Emirates.

Collection of Information

Information may be collected from you in the course of your use of Five Capital’s website and/or in any communication between you and Five Capital’s personnel. If you are the Firm’s client or prospective client we may also collect information about people who work for you. This information may be provided by you or we may source this information from company and trade registers, and other publicly available sources.

The types of Personal Data we may collect include: your contact details (such as your work address, email address and work telephone number), UAE Emirates ID number, passport details, assets, transaction and/or income information and information such as your job title. In addition, we collect the Personal Data you choose to provide to us, e.g.  if you contact us by letter, telephone, website, email or any other means of electronic or personal communication.

Uses of Personal Data

Firm may use your Personal Data for any of the following purposes:

  • in the course of carrying out client due diligence and achieving a sufficient knowledge and understanding of a prospect or client and its business, management and employees;
  • to provide financial services such as advisory, arranging to its clients or to conduct due diligence on them;
  • To prevent fraud;
  • in order to ensure the legitimacy of all requests for further information from Five Capital;
  • to check the identity of prospects and new clients and to prevent money laundering;
  • to disclose it to its service providers, professional advisers and agents, where necessary;
  • if you have registered for employment purposes, to review whether you are a suitable candidate for any job opportunities within Five Capital;
  • occasionally, to trace debtors;
  • to record and monitor for internal Firm’s purposes your use of Five Capital’s websites. For internal administrative or training purposes;
  • for responding to court orders or regulatory or legal requirements;
  • for updating our records and databases;
  • for responding to your queries or informing you of new developments at Five Capital, including news, thought-pieces or blogs;
  • for the marketing of Five Capital’s capabilities.

Legal Bases for Processing your Personal Data


We will Process your Personal Data for our legitimate business interests and if and to the extent the DIFC Data Protection Law provides a legal basis for us to do so. The legal basis we use will include one of the following:

  • necessary to comply with a legal obligation, for example to carry out anti-money laundering checks, reporting to regulators and investors;
  • necessary to perform a contract we have entered into with you or in order to take steps at your request prior to entering into a contract;
  • necessary for our (or a third party’s) legitimate interest which is not overridden by your interests or fundamental rights and freedoms. Such legitimate interests include the providing of services by us, administrative or operational processes, and direct marketing; or
  • based on your consent for a specific purpose(s).

Please note that we may use or disclose Personal Data, in accordance with the DIFC Data Protection Law, if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.

Use of cookies: Our website uses "cookies" to help personalize your online experience. These technologies and the information collected about you may be used to track your activity across multiple devices. Where appropriate, we use cookies to store your preferences and other information on your computer and mobile devices in order to save you time by eliminating the need to enter the same information repeatedly. You can set your browser settings, to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. Please contact us at the details below if you want further information about the cookies we use.

Special Categories of Personal Data

Given the nature of our services, we do not usually collect Special Categories of Personal Data. We may collect certain Special Categories of Personal Data (for example, criminal record checks for anti-money laundering compliance purposes).

To the extent that we have a business need to collect any Special Categories of Personal Data, and are permitted to do so by DIFC Data Protection Law, we will identify the appropriate legal bases for that Processing. The legal basis for Processing Special Categories of Personal Data may include:

  •  where the Processing is necessary for compliance with a specific requirement of applicable law to which the Firm is subject, subject to providing the Data Subject with clear notice of such
    Processing as soon as reasonably practicable to the extent that we are permitted to do so;
  • where the Processing is necessary for the purpose of the establishment, exercise or defence of legal claims; or
  • where you have given your valid and explicit consent to the Processing of Personal Data for a specific purpose(s).

Disclosure of Personal Data

We may share your Personal Data with the third parties set out below:

  • Five Capital group entities;
  • the DFSA and any other public authority we may be subject to for the purpose of demonstrating compliance with applicable law or to reply to a request;
  • such third parties as we reasonably consider necessary in order to prevent crime, e.g. the police;
  • where reasonably necessary, to any third party service providers and specialist advisers who
  • provide us with administrative, financial, research or other services in connection with the services we provide to you;
  • our auditors for the purposes of carrying out financial and regulatory audits;
  • our agents, including credit reference agencies, acting on our behalf, carrying out such credit  and identity checks, including money laundering checks, compliance regulatory reporting and fraud prevention checks, as we may reasonably consider necessary or desirable. Any third party referred to in this section may share any Personal Data concerning you with us and other organisations involved in credit reference, the prevention of fraud and/or crime and/or money laundering or for similar purposes or to recover debts involved;
  • investment partners, introducing brokers, market makers, liquidity providers, prime brokers, clearing and settlement agents, exchanges, clearing houses and trade repositories, as applicable;
  • courts, tribunals and regulatory authorities as agreed or authorised by law to enable us to enforce our agreement with you, comply with the requirements of a court, regulator or
    government agency; and
  • anyone authorised by you, as notified by you to us.

If Five Capital appoints third parties to host, maintain, manage, or to provide other services in relation to data then your Personal Data may be accessed and used by these third parties to the extent necessary to fulfil their hosting, maintenance, managerial, and/or other functions.  We may also disclose your Personal Data to the extent necessary if we enter into negotiations for a merger or acquisition.  Where we do so, we will ensure that there is a written contract in place with appropriate safeguards for your Personal Data, including security measures and restrictions on the use of such data.

Transfer of Personal Data

Five Capital may have a business need to transfer your Personal Data to countries outside of DIFC, whether to service providers, Five Capital group entities or otherwise.

Data transfers to legal entities in states outside the DIFC (known as third countries) takes place so long as:

  • the third country has been determined by the Commissioner as jurisdiction providing adequate level of protection under the DIFC Data Protection Law; or
  • we have provided appropriate safeguards under the DIFC Data Protection Law. Where we use certain service providers or transfer your data to our group entities outside an adequate
    jurisdiction, we may use specific contracts approved by the DIFC which gives Personal Data the same protection it has in the DIFC. Please contact us at the contact details below if you want further information on the specific mechanism used by us when transferring your Personal Data out of the DIFC; or
  • one of the specific derogations in the DIFC Data Protection Law applies (including, but not limited to, where you have explicitly consented to the proposed transfer in accordance with the
    DIFC Data Protection Law).

How We Protect Your Personal Data

We have implemented appropriate technical and organisational measures to protect your Personal Data in accordance with the DIFC Data Protection Law.

Retention

We retain your Personal Data as long as it is necessary to satisfy or meet the purposes for which it was obtained including applicable legal or regulatory requirements or for any minimum retention period set out in applicable law, and for any further period necessary for the specified purpose, and subject to any legal hold, in which case a new retention period will apply for the duration of that legal hold.  This is also subject to any earlier valid and accepted exercise of your Data Subject Rights.Your Rights in Relation to Your Information

Your Rights in Relation to Your Personal Data

You have rights as a Data Subject which you can exercise under certain circumstances in relation to your Personal Data that we hold. These rights are to:

  • request access to a copy of your Personal Data (commonly known as a “Data Subject Access Request”) and request certain information in relation to its Processing;
  • request rectification of your Personal Data, if it is inaccurate or incomplete;
  • request the erasure of your Personal Data in certain circumstances (for example, where the Processing of the Personal Data is no longer necessary based on the purposes for which it was collected or the Processing is unlawful);
  • request the restriction of Processing of your Personal Data in certain circumstances (for example, where you raise an issue regarding the accuracy of the Personal Data). As the restriction on Processing is often temporary, we will inform you before removing any restriction and re-commencing Processing;
  • request the porting (i.e. transferring) of certain of your Personal Data. Data Subjects have the right to have the Personal Data they have provided to us and which they have consented to be Processed or which Five Capital Processes in accordance with the performance of a contract returned to them in a structured, commonly used and machine readable format, or, where technically feasible, transferred directly to a third party. Such Processing must be by automated means; 
  • to not be discriminated against as a result of exercising your rights under the DIFC Data Protection Law, including not being denied any services, being charged different prices or rates for such services or being provided less favorable level or quality of services;
  • where Processing is based on your consent, to withdraw that consent. If you wish to withdraw your consent, please use the contact details below. Please note that any withdrawal of consent shall not affect the lawfulness of the Processing prior to the withdrawal; 
  • object to the Processing of your Personal Data on reasonable grounds where such Processing is carried out for the purposes of our, or a third party’s, legitimate interests; 
  • the right to object to any decision based solely on automated Processing, including profiling, which produces legal consequences concerning him, or other seriously impactful consequences and to require such decision to be reviewed manually; and
  • The right to file a complaint with the DIFC Data Protection Commissioner.

You also have the right to object to the use of your Personal Data for direct marketing at any time. We will notify you before we disclose your Personal Data for the first time to third parties or use it on your behalf for direct marketing purposes. We will provide you with the option to object to such disclosures or Processing for direct marketing purposes at any time.

Where you exercise your rights to access, rectification or erasure, we shall respond within one (1) month of such request (with certain limited exceptions). You will, in general, not have to pay a fee to exercise any of your rights mentioned in this Policy. However, we may charge a reasonable fee if your request to exercise your rights is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. 

When we respond to a Data Subject Access Request, we need to ensure that we do not disclose the Personal Data of any other individual, or otherwise infringe upon any other individual’s rights. We will redact or otherwise obscure any Personal Data relating to other individuals before responding. Additionally, if we have to limit the amount of Personal Data we can provide in response to a Data Subject Access Request to protect the rights of other individuals, we need to let the Data Subject know.

Amendments 

If your Personal Data changes, please let us know as we will update your details. This can be done via the contact details set out below. 

Changes to the Policy and Notification of Changes

This Policy may change and you should review it regularly and we reserve the right to update this Policy at any time. Five Capital will notify you of any material changes, by means of updating the Policy on the Firm’s website, when it is required to do so.

Questions and Concerns 

If you have any questions or concerns about Five Capital’s handling of your Personal Data, or about this Policy, please contact us using the contact information set out below: 

Email: privacy@fivecap.com

Telephone Number:  +971 (0)43204939