RU
TMS|UAE

Privacy Policy

Effective date: June 1, 2025
Last updated: June 1, 2025



1. Overview

At TMS Partners – FZCO (“TMS|UAE”), we are committed to protecting the privacy, confidentiality, and integrity of the personal information entrusted to us by our clients, website visitors, service users, employees, and partners. We believe that maintaining the trust of those with whom we interact requires transparency, responsibility, and compliance with applicable data protection laws and ethical standards.

This Privacy Policy (the “Policy”) sets out our practices concerning the collection, use, retention, protection, and disclosure of personal information, both through our website and in the course of our professional engagements. It applies to all information provided to us online or offline, voluntarily or automatically, unless otherwise governed by a specific contractual arrangement or required by law.

By visiting our website or providing personal data to us, you acknowledge and agree to the terms of this Policy and to the processing practices described herein.

This Policy should be read together with our Terms of Use. Together, they establish the legal basis on which any personal data we collect from you, or that you provide to us, will be handled.

We process personal data in accordance with applicable data protection regulations, regardless of the country from which you access our services.

Though this Policy is governed by the applicable data protection laws of the United Arab Emirates, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, we also align our privacy practices with internationally recognized data protection principles, including those set out in the General Data Protection Regulation (GDPR) of the European Union, where applicable.

2. Our commitment to privacy

We recognize that the confidentiality of personal information is not only a legal obligation, but a professional and ethical one. This Policy reflects our dedication to ensuring that:

  • • Personal information is collected only where lawful and necessary;
  • • Information is processed in a fair, transparent, and secure manner;
  • • Data subjects are informed of their rights and empowered to exercise them;
  • • Personal data is not used beyond the scope for which it was collected without appropriate consent;
  • • All necessary safeguards are in place to protect data from unauthorized access, alteration, or disclosure.

We also understand the importance of privacy in digital environments and implement both organizational and technical measures to ensure your data is handled securely.

3. Scope of application

This Policy applies to personal information processed by TMS|UAE in connection with:

  • • The operation of our website: www.tmsemirates.ae;
  • • The delivery of our services, including accounting, tax compliance, corporate advisory, and consulting;
  • • Communications and interactions with prospective clients, vendors, or business contacts;
  • • Employment applications or HR-related inquiries;
  • • Compliance with legal and regulatory requirements.

This Policy applies whether we act as a data controller or as a processor on behalf of clients, in accordance with our professional engagements. Where TMS|UAE acts as a data processor, we process personal data strictly in accordance with the client’s documented instructions, applicable service agreements, and relevant data protection obligations. We do not process such data for our own purposes and implement appropriate contractual, technical, and organizational safeguards to ensure its confidentiality and integrity.

It does not extend to third-party websites that may be linked from our website. We encourage you to review the privacy policies of those sites before providing any personal data.

4. Definition of personal information

"Personal information" refers to any information that identifies or could reasonably identify an individual, either directly (e.g., name, identification number) or indirectly (e.g., IP address, location data, preferences). It includes contact information, professional affiliations, and financial details related to individuals. It does not include:

  • • Publicly available business or directory-based information (such as name, position, business title, public phone number, email address, or other contact details published in directories), unless combined with other identifying data;
  • • Anonymized or aggregated data that cannot reasonably be linked to an individual.

Our website and services are not directed at individuals under the age of 18, unless explicitly required for professional purposes with parental or guardian consent. We do not collect personal data from children. If we become aware that such data has been provided without appropriate consent, we will delete it promptly.

5. Collection of personal information

We collect personal information through various methods:

  • Information you give to us including via website forms, phone, email, or otherwise. We may also collect personal data via direct messages on messaging platforms such as WhatsApp or Telegram, or through our official social media accounts, including LinkedIn. We may also collect personal data provided through emails, messaging platforms, surveys, digital forms, service agreements, and other direct interactions with our firm. It may include your name, email, phone number, address, and financial details etc.;
  • Information we collect automatically - during each visit to our website we may collect technical data including IP address, cookie data, browser type and version, technical characteristics of the device, time of access, login credentials, time zone setting, pages visited, interaction data, length of visits, and error reports. This technical data is collected solely for statistical analysis and website optimization purposes and is not used to personally identify you.;
  • Information from third-party sources such as partner websites, service providers, analytics platforms, and credit agencies. This data may be combined with the information you provide for service improvement and personalization.

We do not collect, store, or process credit or debit card information. All online payments, if applicable, are processed through secure third-party providers, and no payment details are retained on our systems.

We do not collect sensitive personal data (such as religious beliefs, health status, or biometric data) unless voluntarily provided for legitimate and lawful purposes, and only with your explicit consent.

You may also access our website anonymously; however, certain features may require the voluntary provision of personal data to function properly.

6. Purpose and lawful grounds of processing

We process personal data lawfully, fairly, and in a manner that is proportionate to the stated purpose. We do not process data that is excessive, irrelevant, or incompatible with the original purpose of collection.

We process personal information when we have a clear legal basis to do so, which may include one or more of the following:

  • Contractual necessity - to fulfil a service agreement or professional engagement with you;
  • Legal obligations - to comply with tax, accounting, anti-money laundering (AML), or corporate governance laws;
  • Legitimate interests - to manage our business, improve our services, prevent fraud, and secure our IT infrastructure, analyze usage patterns, and enhance the user experience across our website. In particular, we may process identity, ownership, and financial data in order to comply with applicable laws related to anti-money laundering (AML), counter-terrorism financing (CTF), and the identification of ultimate beneficial ownership (UBO). Such processing is based on our legal obligations as a Designated Non-Financial Business and Profession (DNFBP) under Cabinet Decision No. 10 of 2019 and Cabinet Decision No. 58 of 2020.We only collect and process such information to the extent required by law or regulatory guidance, and apply appropriate safeguards to ensure its confidentiality and integrity;
  • Your consent - for certain marketing communications, use of cookies, or voluntary data submissions. By providing your contact information, you consent to its use for service-related notifications, updates, and occasional promotional messages.

If you submit your information via our contact form, we may process your name, email, and message to:

  • • Respond to your inquiry and understand your request;
  • • Evaluate your matter and communicate with you;
  • • Improve the overall user experience;
  • • Offer to subscribe to legal updates, if you opt in.

If you do not provide such information, we may not be able to assist you further.

Aggregated or anonymized data may be used for statistical or analytical purposes and may be shared with partners, provided such data does not identify any individual.

We process personal data both manually and by automated means (e.g., through internal systems or secure cloud environments), but we do not engage in any automated decision-making or high-risk processing, such as large-scale profiling, behavioral analysis, or systematic monitoring.

We ensure that any processing based on legitimate interest does not override your own rights and freedoms.

7. Disclosure and sharing of information

We may share personal data only where necessary, and only with trusted recipients under appropriate legal or contractual safeguards:

  • • Group companies: including subsidiaries or affiliated entities;
  • • Regulatory authorities, government bodies, or law enforcement agencies;
  • • Professional advisors: such as lawyers, accountants, or consultants;
  • • Third-party service providers: engaged to deliver operational services on our behalf (e.g., IT or analytics vendors);
  • • Business partners or subcontractors: involved in service delivery;
  • • Credit agencies: where required for risk or eligibility checks;
  • • Buyers or successors: in the event of business sale or asset transfer.

We do not sell or rent your personal data to third parties, nor do we share it for their direct marketing purposes.

We may disclose your data only when necessary to fulfill your service requests, contractual duties, comply with legal obligations, or protect our legal rights, users, and assets.

8. Cross-border data transfers

A cross-border data transfer refers to any transfer of personal data to a jurisdiction outside of the UAE, including to foreign authorities, organizations, or service providers. As a UAE-based firm with international clients and partners, we may transfer your personal data outside the jurisdiction in which it was collected. In doing so, we ensure:

  • • That the destination country has adequate data protection standards; or
  • • That appropriate safeguards, such as Standard Contractual Clauses, are in place; or
  • • That you have given explicit informed consent to such a transfer.

We strive to minimize the extent and frequency of cross-border transfers and perform regular vendor due diligence to ensure ongoing compliance.

By providing personal data, you acknowledge that it may be transferred and processed outside your jurisdiction, subject to appropriate safeguards as outlined in this Policy.

Where cross-border transfer of personal data is required, we implement appropriate contractual, technical, and organizational safeguards to ensure data remains protected in accordance with applicable law.

9. Cookies and website tracking

To enhance your browsing experience and improve the functionality of our website, we use cookies and similar tracking technologies. Cookies are small text files placed on your device by your browser when you visit our website. They help remember your preferences, enable secure access, and provide anonymized usage insights.

We use both first-party and limited third-party cookies strictly for the following purposes:

  • Essential cookies – required for basic website functionality, including secure browsing and form submissions;
  • Analytical/performance cookies – help us understand how visitors interact with our site (e.g., page views, visit duration, traffic sources) to optimize structure and content;
  • Functionality cookies – remember your preferences (such as language or region) to provide a more consistent and user-friendly experience.

We do not use cookies for profiling, behavioral advertising, or automated decision-making. Data collected via cookies is anonymized and used solely for aggregate analytics and service improvement.

Specifically, we may use tools such as Google Analytics. This data is processed in an aggregated and anonymized form and is stored on servers located outside the UAE. We do not allow Google or any other third party to access or use this data to identify individual users. You may opt out of Google Analytics by installing the opt-out browser add-on.

Cookies do not reveal your personal identity unless you choose to provide such information through our contact forms or service inquiries.

You can control or delete cookies at any time through your browser settings:

  • • Accept or block all cookies;
  • • Set alerts for when a cookie is being placed;
  • • Delete stored cookies manually.

Please note that disabling certain cookies may affect the functionality and performance of the website.

For more information, visit www.allaboutcookies.org.

By continuing to use our website, you consent to our use of cookies as described in this Policy.

10. Security of personal data

We maintain appropriate physical, technical, and organizational security measures to protect your data against accidental loss, unauthorized access, misuse, alteration, or disclosure. These measures include:

  • • Secure hosting and data encryption;
  • • Access controls and authentication;
  • • Employee confidentiality obligations;
  • • Regular audits and incident response protocols.

As a professional services provider subject to regulatory confidentiality obligations, we treat all clientrelated personal data with strict confidence, both during and after the engagement. Such data is not disclosed except as required by law or with the client’s consent.

Our website is secured with SSL (Secure Sockets Layer) encryption to ensure the safe transmission of data between your browser and our servers.

In case of a data breach likely to harm privacy/confidentiality, we will notify the UAE Data Office and affected individuals promptly, in accordance with applicable requirements. While we strive to protect your data, no system can guarantee absolute security. We encourage you to report any concerns regarding misuse or unauthorized access.

11. Data retention

Personal data is retained no longer than necessary to fulfill the processing purpose or as required by law. When the purpose no longer applies, data is securely deleted or anonymized.

Mainly we retain your personal data for as long as necessary to:

  • • Deliver services as per the engagement terms;
  • • Fulfil our legal, regulatory, and contractual obligations;
  • • Defend legal claims or comply with audit requirements;
  • • Maintain accurate business and tax records.
  • • Provide for secure storage and operational continuity.
  • • Assist you with future matters;
  • • Improve services based on your feedback;

Typically, accounting and corporate records are retained for 5-10 years in accordance with applicable laws. Where no specific retention period is defined by contract or law, we retain personal data for no longer than 12 months after the end of the engagement or interaction.

12. Your rights

You have the following rights under applicable data protection law:

  • Access: to request a copy of the data we hold about you;
  • Correction: to amend any incomplete or inaccurate data;
  • Erasure: to request deletion when data is no longer necessary;
  • Restriction: to limit the processing of your data in certain cases;
  • Objection: to object to processing based on legitimate interest;
  • Data portability: to obtain a copy of your data in a structured format;
  • Withdraw consent: at any time, for processing based on your consent.

To exercise your rights, please contact us using the details below. We may require you to verify your identity before fulfilling the request.

Applicable law may require or permit us to decline your request. If we do so, we will explain the reasons, subject to legal limitations.

We encourage you to keep your personal data accurate and up to date. If you believe that any information, we hold is incorrect or incomplete, please contact us to request correction.

13. How to contact us

If you have any questions, concerns, complaints, or wish to exercise your rights under this Policy, please contact us at info@tmsemirates.ae.

We aim to respond to all inquiries within 30 days. If you are not satisfied with our response, you may contact the UAE Data Office or the data protection regulator in your jurisdiction.

14. Updates to this Policy

We reserve the right to amend or update this Privacy Policy from time to time to reflect changes in law, technology, or our business practices. The most recent version will always be available on our website, with a clearly stated "Last Updated" date. Where significant changes are made, we will notify users accordingly.

If any provision of this Privacy Policy is held to be invalid, illegal, or unenforceable under applicable law, the remaining provisions shall remain in full force and effect.

This Privacy Policy may be made available in more than one language. In the event of any discrepancy or inconsistency between the English version and any translation, the English version shall prevail.

By continuing to use our website and services, you confirm your acceptance of this Privacy Policy. If you do not agree with its terms, please discontinue the use of our website.

Thank you for your request.
Our specialist will contact you shortly.

📝