Arrow Labs FZ LLC (herein “Arrow Labs”, “we” or “us”) is committed to maintaining your confidence and trust. We believe it is important that you understand how we collect, store, share, and use information from and about our website visitors, customers, and vendors. This website (the “Site”) and the services available through this Site (the “Services”) are operated by us. Arrow Labs adheres to this Notice with respect to our collection, use and disclosure of personal and non-personal data collected through the Site or in the course of our business activities conducted elsewhere when we act as the controller of that data. For purposes of applicable data protection law, Arrow Labs is the controller of any personal data collected from you on the Site or otherwise for the purposes of conducting or developing business with you.
This Notice does not apply to the information collected, stored, shared, or distributed by third-party sites.
Information We Collect About You
Depending on the circumstances, we may collect and hold a range of different information about you. We may collect this information directly from you by phone or email contact as well as automatically through your use of our Site or Services. In general, we collect information about you as follows:
Information We Collect Directly. In our first stages of contact with you, we collect your name, and contact information. If you register for our services, we will request additional information, which shall include contact information and payment details. We may also collect information from you at a trade show or anywhere else where we conduct business. In addition, we may collect information from you if you apply for a job, work placement or internship with us.
Your Activities. If you create an account, we collect contact information and payment information from you (credit card details, corporate banking details), albeit that any payments will be facilitated by a third-party payment provider. If you access your account, we collect information about your activities and actions while you are logged in, including about other users that you create in your account, and your activities whilst using your account. At all times you are the owner of the Personal Data in your account. Our processing allows us to provide you with full functionality of the account.
Information We Collect Automatically. When you access your account, our server automatically collects certain browser or device generated information, which may in some cases constitute personal data. While using our site, we automatically track certain information about you, via log files, cookies, pixel tags and other technologies. This information, your IP address, the number of times you visited our Site, which pages you visited and what materials, if any, you downloaded, your IP address, and location information. Please see the section “Cookies and Other Tracking Mechanisms” below for more information. We do not use this automatically collected information to try to identify you by name, and we do not associate it with the information you provide voluntarily, as detailed below.
Use of Personal Data We Collect
The following is an overview of our purposes for using your personal data. Additional details on how we process your personal data may be provided to you in a separate notice or contract.
All processing (i.e. use) of your personal data is justified by a “condition” for processing. In most cases, the processing will be justified on the basis that:
- the processing is necessary to perform a contract with you or take steps to enter into a contract at your request including to fully provide full functionality for your account;
- the processing is necessary for us to comply with a relevant legal obligation;
- the processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using supplier, customer and Website user data to conduct and develop our business activities with them and with others; or
- you have consented to the processing.
We use the personal data we collect to:
- Respond to your enquiry;
- Provide you with the information or products you have requested and to otherwise fulfil your requests. For example, if you submit your name, phone number and contact information to us in order to receive more information from us, we may call or email you to follow up on your enquiry;
- Provide our Services to you, to communicate with you about your use of our Site and Services, and for other customer service purposes;
- Ensure that your account is providing full functionality and to make relevant modifications to your account as may be required to ensure you have a complete user experience;
- Better understand how users access and use our Site and Services, both on an aggregated and individualized basis, to improve our Site, Services and business, to respond to user desires and preferences, and for other research and analytical purposes;
- Support and manage a recruitment, work placement or internship process, including considering application and making offers;
- Protect and ensure safety of the Site, and our confidential and proprietary information; and
- If authorized by applicable laws or where you have agreed to receive additional communications from us, we may send you emails and other communications to inform you about products or services that may be of interest to you, and for other marketing and promotional purposes, where it is lawful for us to do so.
We take reasonable care regarding the sensitivity of the data and the risks of the processing activities, to keep any information provided to us secure and to prevent any unauthorised access, alteration, damage, or use.
Disclosure of Personal Data We Collect
Your information is not sold to or shared with unaffiliated third parties for their independent marketing purposes. However, we may disclose certain information to certain third parties, for the reasons explained in this section:
Service Providers. Arrow Labs may hire other companies to provide services on our behalf, including data hosting and cloud services providers, answering customer questions about products or services, sending mail and processing event registration. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf.
- Sub Processor. We store all data which we process in Microsoft Azure Cloud. Our sharing of data is pursuant to the terms of a binding written contract with Microsoft which replicates our obligations to you. Microsoft Azure stores our data in the United States. See the “Cross-border Transfer” section below.
- Affiliates. We may disclose the information we collect from you to our affiliates or subsidiaries (including any company that controls, is controlled by or is under common control with us); however, if we do so, their use and disclosure of your personally identifiable information will be subject to this Notice.
- In Response to Legal Process. We may disclose the information we collect from you, to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
- Business Transfers. If we are acquired by, merge with, or enter a joint venture with another company, or if all or substantially all our assets are transferred to another company, or as part of a bankruptcy, we may transfer the information we have collected from you to the new or acquiring company.
- To Protect Us and Others. We may disclose the information we collect from you to law enforcement officials, courts and other third parties, where we believe it is reasonably necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of this Notice, or, to the extent permissible by applicable law, as evidence in litigation in which we are involved.
- Aggregate and De-Identified Information. We may share aggregate and de-identified information about users with third parties for marketing, advertising, research or similar purposes.
We reserve the right to share any information that you provide which is not deemed personal data or is not otherwise subject to contractual restrictions.
The Site is not for use by children under the age of 16 years and we do not knowingly collect, store, share or use the personal data of children under 16 years. If you are under the age of 16 years, please do not provide any personal data, even if prompted by the Site to do so. If you are under the age of 16 years and you have provided personal data, please ask your parent(s) or guardian(s) to notify us and us will delete all such personal data.
Retention of Personal Data
We apply a general rule of keeping personal data only for as long as required to fulfil the purposes for which it was collected. However, in some circumstances, we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.
In specific circumstances, we may also retain your personal data for longer periods of time corresponding to a statute of limitation so that we have an accurate record of your dealings with us in the event of any complaint or challenges.
Communications from Us
We and our affiliates may send you emails and other marketing communications about products, services or other information we think may be of interest to you, where permitted under applicable law. You may opt out of these emails at any time by sending an email from the email address you wish to unsubscribe and following the instructions contained in any of our marketing emails. You may also opt out of other marketing communications at any time by contacting us as set forth in the “Contact Us” section below and requesting to opt out.
All information that we collect from you may be transferred to, processed in, and stored in Microsoft Azure Cloud, which is currently hosted in the US. The jurisdictions in which your information may be processed, may not have an equivalent level of data protection laws as those in your jurisdiction. We take reasonable steps to ensure that your personal data receives an equivalent level of protection as may apply in the jurisdiction in which you are resident. In particular, we have entered into a binding written agreement with Microsoft Azure which includes provisions to protect personal data when in the US which are compliant with relevant data protection laws.
We aim to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss. We utilize and maintain certain processes, systems, and technologies to do so. However, you acknowledge that no transmission over the Internet is completely secure or error-free, and that these processes, systems, and technologies utilized and maintained by us are subject to compromise. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control.
This Site may contain links to third party sites. Since we neither control nor are we responsible for the privacy practices of those websites, we encourage you to review the privacy policies of such third-party sites. This Notice applies solely to personal data collected by our site or in the course of our business activities.
We will take steps in accordance with applicable legislation to keep your personal data accurate, complete and up-to-date. You may be entitled to have any inadequate, incomplete or incorrect personal data corrected (that is, rectified), or the right to request access to your personal data and additional information about the processing, or to have your personal data erased, under certain circumstances. Your rights are dependent on the jurisdiction in which you live, but you should contact us if you would like to make a request for your personal data or to exercise any rights in respect of it.
EU residents also have the following additional rights in certain situations:
- Data Portability – You have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
- Right to Erasure - You are entitled to have your personal data erased under specific circumstances.
- Right to Restriction of Processing - You have the right to restrict our processing of your personal data (that is, allow only its storage) where:
- you contest the accuracy of the personal data, until we have taken sufficient steps to correct or verify its accuracy;
- where the processing is unlawful, but you do not want us to erase the personal data;
- where we no longer need your personal data for the purposes of the processing, but you require such personal data for the establishment, exercise or defense of legal claims; or
- where you have objected to processing justified on legitimate interest grounds, pending verification as to whether we have compelling legitimate grounds to continue processing.
- Right to Object to Processing – in certain situations you have the right to object to that processing. If you object, we must stop that processing unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or we need to process the personal data for the establishment, exercise or defence of legal claims.
- Right to Object to Direct Marketing - You have the right to object to our use of your personal data for direct marketing purposes, such as when we use your personal data to invite you to our promotional events.
You also have the right to lodge a complaint with the supervisory authority, if you consider that the processing of your personal data infringes applicable law. To ensure swift resolution of your complaint we recommend the following lead supervisory authority:
Office of the Data Protection Commissioner
Canal House, Station Rd, Cooltederry, Portarlington, Co. Laois, Ireland
Tel. +353 57 868 4800
Fax +353 57 868 4757
A list of alternative data protection supervisory authorities is available here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
Please contact our Data Protection Officer if you wish to exercise any of your rights, or if you have any enquiries or complaints regarding the processing of your personal data. You may send your request or enquiry to Arrow Labs at Office #303, Building 3, Dubai Internet City, P.O Box 500045 Dubai, United Arab Emirates or by e-mail to: [email protected] We may require you to provide verification of your identity and to pay a reasonable fee (to the extent permitted by law) for a copy of the personal data that we hold. Please note that in certain circumstances we may withhold access to your personal data where we have the right to do so under current data protection legislation, for example, where disclosing such data may reveal the identity of a third party.
Updating your Information
In the event there is a change to any information that you provide to us, you are responsible for notifying us of this change. You may do this by writing to the postal address or email address above and providing a clear explanation of the information you would like to update. You may ask us to make changes to the information held about you at any time to ensure that it is accurate and up to date.
Changes to this Privacy Notice
We may change this Notice from time to time and the updated Notice will apply to all your information held by us at the time. If we make material changes to this Notice, we will put a notice on our home page.
If you have any queries about this Notice, would like to exercise any rights in relation to your personal data and our use of it or contact us about this Notice or our privacy practices, you may do so by submitting your request in writing to us at the postal address above or by e-mail to: