privacy

Privacy policy

Effective Date: May 7, 2025
Version: V1.1
Last Version: V1.0 - Jan 1, 2025
Entity: Klub Capital Technologies Limited (“KCTL”)
Regulated by: Financial Services Regulatory Authority (FSRA), Abu Dhabi Global Market (ADGM), Licence No. 220119

This Privacy Policy (“Policy”) explains how Klub Capital Technologies Limited (“KCTL”, “we”, “us”, or “our”) collects, processes, uses, stores, discloses, and protects your personal data when you access or use our Platform and associated services.

By using our services or submitting any personal information through the Platform, you acknowledge that you have read, understood, and agreed to the practices described herein. If you do not agree with this Policy, you should not use the Platform.

1. Scope of This Policy

This Policy applies to all individuals who:

  • Use the KCTL Platform to apply for or receive financing (Borrower Prospects);
  • Interact with us through our website, support channels, or integrations;
  • Are affiliated with businesses applying for financing (e.g., founders, shareholders, directors);
  • Are Capital Partners/Clients engaging with our system in any capacity where personal data is exchanged.

This Policy is governed by the ADGM Data Protection Regulations 2021, and all personal data will be processed in accordance with the obligations established by the FSRA and ADGM Office of Data Protection.

2. What Information We Collect

We may collect and process the following categories of personal and business data:

a. Identification and Contact Data

  • Full legal name, date of birth, gender, nationality.
  • Emirates ID, passport number, visa copy.
  • Email address, phone number, residential or business address.

b. Business and Financial Information

  • Company trade licence, VAT registration, ownership structure, MOA, AOA, Commercial Lease.
  • Bank account details, IBAN, account statements.
  • Sales data, transaction records, invoice histories.
  • Loan application history, repayment status, and linked e-commerce settlement summaries.

c. Technical and Device Information

  • IP address, device identifiers, browser type, operating system.
  • Login times, location (based on IP), device fingerprinting.
  • Cookies, session tokens, usage analytics.

d. Behavioural and Interaction Data

  • Pages visited on the Platform.
  • Products viewed or applied for.
  • Customer support interactions, email or chat logs.
  • Consent status and acknowledgment records.

3. Why We Collect Your Data (Lawful Purposes)

We collect your personal data for the following reasons, in line with FSRA and ADGM obligations:

a. Regulatory and Legal Compliance

  • To meet Know Your Customer (KYC), Anti-Money Laundering (AML), and Counter-Terrorist Financing (CTF) obligations.
  • To comply with reporting requirements set by FSRA, ADGM, and other applicable authorities.

b. Product Assessment and Application Processing

  • To evaluate your eligibility for financing products.
  • To verify submitted financial data against linked platforms (e.g. Noon, Amazon).
  • To enable Capital Partners to assess and fund your application, if applicable.

c. Service Provision and Repayment Facilitation

  • To disburse approved funding to your bank account.
  • To schedule and process repayments using agreed channels.
  • To generate statements, alerts, reminders, and reconciliations.

d. Fraud Detection and Platform Security

  • To monitor platform usage patterns and detect unusual behaviour.
  • To block suspected fraud, spoofing, or impersonation attempts.
  • To log access attempts and secure digital transactions.

e. Communications and Support

  • To respond to inquiries, complaints, and service requests.
  • To notify you of changes to your account, terms, product availability or pricing.
  • To send service-related notifications (not marketing) by email or SMS.

f. Marketing and Promotional Use (Only With Your Consent)

  • If you explicitly consent, we may send you marketing materials, newsletters, or product updates.
  • You may withdraw this consent at any time by contacting us or using the unsubscribe feature in any message.

4. Sharing and Disclosure of Personal Data

We may share your personal data with the following parties under strict confidentiality obligations:

a. Regulatory Authorities and Law Enforcement

  • FSRA, ADGM Office of Data Protection, UAE Central Bank, UAE tax authorities;
  • Any other government authority or court under legal obligation or lawful request.

b. Capital Partners (Where Applicable)

  • If you apply for a Product offered by a third-party Capital Partner, relevant data (such as KYC documents, sales summaries, and repayment history) will be shared to enable assessment and servicing.
  • Capital Partners are contractually bound to handle your data responsibly and may not use it outside of the financing relationship.

c. Service Providers and Data Processors

  • Identity verification and sanctions screening;
  • Payment gateway and banking infrastructure;
  • Cloud hosting and secure document storage;
  • Communication platforms for support and transactional notifications.

Each vendor is required to follow confidentiality agreements and data protection obligations equivalent to our own.

5. International Data Transfers

Some of our servers or third-party providers may be located outside the United Arab Emirates or ADGM jurisdiction. In such cases, your personal data may be transferred internationally.

These transfers shall only occur under conditions that provide adequate data protection safeguards, such as:

  • Standard Contractual Clauses (SCCs);
  • Data Processing Agreements with cross-border provisions;
  • Vendor certification to ADGM-approved frameworks.

You may request a copy of applicable safeguards by contacting our Data Protection Officer at dpo@klubworks.com.

6. Data Retention Policy

We will retain your data only as long as necessary for the purpose for which it was collected and in accordance with applicable regulations. Specifically:

  • KYC, transaction, and repayment data will be stored for at least seven (7) years from your last interaction, as required by FSRA;
  • Audit logs and communication records may be stored longer if related to regulatory or legal inquiries;
  • Marketing consents and opt-out preferences are retained until you request deletion.

At the end of the retention period, your data will be anonymised or securely deleted.

7. Data Subject Rights (Your Legal Rights)

As a user of our Platform and a data subject under ADGM law, you have the following rights:

  • Right to Access: Request a copy of your personal data and processing details.
  • Right to Rectification: Correct any incorrect or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion under specific circumstances.
  • Right to Restrict Processing: Ask us to temporarily stop processing your data.
  • Right to Object: Object to processing for legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw consent for optional uses at any time.

To exercise any of these rights, email us at dpo@klubworks.com. We will respond within thirty (30) calendar days.

8. Restrictions to Your Data Rights under ADGM Regulations

  • Legal, Security, and Regulatory Exemptions: Your rights may be limited for national security, crime prevention, or legal obligations.
  • Public Interest and Oversight: Limited to ensure regulatory integrity, public protection, and legal functions.
  • Confidentiality and Third-Party Rights: Limited to protect legal privilege and third-party rights.
  • Market and Business Integrity: Disclosure may be withheld for economic, strategic, or commercial reasons.
  • Archiving and Research: Rights may not apply if data is used solely for non-identifiable research purposes.

9. Your Responsibilities

  • Ensure all information you provide is accurate and current.
  • Use a secure connection and keep your login credentials confidential.
  • Inform us immediately of any suspected breach or unauthorized access.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain secure user sessions;
  • Analyse usage and improve Platform performance;
  • Remember user preferences and settings.

You may disable cookies in your browser settings. Some Platform features may not function correctly without them.

11. Changes to This Policy

We may update this Policy periodically to reflect:

  • Regulatory changes;
  • New product launches or Platform enhancements;
  • Feedback from users or the FSRA.

We will notify you of material changes via Platform banners or email. Continued use of our services after such updates will constitute your agreement to the revised Policy.

12. Contact Information

Data Protection Officer (DPO)
Email: dpo@klubworks.com
Phone: +971524109479
Hours: Monday–Friday, 9:00 AM – 6:00 PM (Gulf Standard Time)

If you believe your data rights have been infringed and you are unsatisfied with our response, you may escalate your concern to:

Office of Data Protection
Abu Dhabi Global Market (ADGM)
Website: https://www.adgm.com