Privacy Policy

Last Updated: 03/09/2025

At Nour Attorneys and Legal Consultants FZE LLC, including its subsidiaries and/or affiliates (hereinafter referred to as “we,” “our,” “us,” or “Nour Attorneys”), are dedicated to safeguarding the privacy and security of its clients and website visitors’ personal data (“User,” “Customer,” “you,” “your”). We are dedicated to transparency and ensuring that you understand your rights regarding your personal data.

When you interact with us through any of our channels, we may collect certain information about you. If such information can be used to identify you, it is classified as ‘personal data’ or ‘personal information’. In accordance with the Federal Decree Law No. 45 of 2021 Regarding the Protection of Personal Data (PDPL) of the United Arab Emirates, and other applicable data protection laws and regulations, including those relevant to international data transfers.

1. WHO WE ARE

As per the UAE Data Protection Law (and other equivalent laws in other jurisdictions), we are the Data Controller and are responsible for determining the purposes and means of processing your personal data.

This Privacy Policy along with our terms of engagement explains how we collect, use, store, share, protect your personal data and the rights you have in regards to your personal data when you engage our legal services, visit our website (https://nourattorneys.com/ ), or interact with us in any other way.

Additionally, we may collect personal data from third parties, as further detailed below. By accessing our website or engaging us for services, you agree to the terms of this Privacy Policy.

2. WHAT PERSONAL DATA DO WE COLLECT

We collect various types of personal data depending on the nature of our engagement with you. This may include, but is not limited to:

1. Identity Data: Name, date of birth, nationality, passport/ID details, visa information
2. Contact Data: Address, email address, telephone numbers.
3. Financial Data: Bank account details, payment card details, financial statements, tax information, billing and payment history.
4. Professional Data: Occupation, employer, job title, professional qualifications, business contact details.
5. Case-Related Data: Information relevant to the legal matter for which you engage us, which may include sensitive personal data such as health information, religious beliefs, political opinions, trade union membership, sexual orientation, genetic data, biometric data, or criminal records, where such data is necessary for the provision of our services.
6. Technical Data: IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
7. Usage Data: Information about how you use our website and services.
8. Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

We collect personal data directly from you, from publicly available sources, and from third parties (e.g., other parties involved in a legal matter, government authorities, financial institutions, background check providers) where necessary for the provision of our services or as permitted by law.

3. HOW WE COLLECT YOUR PERSONAL DATA
4. Information you provide

When you visit our website or utilize the “Contact Us” feature through interactive elements, online forms, email, or other communication methods, you voluntarily provide us with personal information such as your name, email address, phone number, and any other details you choose to share. We also maintain social media pages on platforms like Facebook, Twitter, Instagram, and LinkedIn. When you interact with these pages—by sending messages, commenting, or sharing content you give us access to technical and identity data. Additionally, the hosting providers of these platforms may share aggregate data and analytics related to your interactions.

We collect the information you submit when completing surveys, questionnaires, or forms. If you are a current or prospective client seeking our services, we may gather identity, contact, financial, professional, and case-related data as required for the specific services. Likewise, if you apply for a position at Nour Attorneys, you may be asked to provide your CV, which could include your personal, contact, professional, and financial data.

1. Information we collect from third parties

We may collect personal data about you from third parties, in accordance with the law and where relevant to the services we provide or our legitimate business operations. These sources include publicly available registers, court records, land registries, and other accessible databases. Additionally, information may be obtained from involved parties such as opposing counsel, courts, tribunals, expert witnesses, financial institutions, government agencies, and other legal entities related to your case. We may also receive data through professional networks and referrals from individuals or organizations directing you to our services. Furthermore, background check providers may supply information for employment purposes or as part of our due diligence processes for specific client engagements.

1. Information we collect automatically

When you visit or engage with our website, including our social media pages, we automatically collect certain technical data to enhance our services and improve user experience. This data includes your device model, operating system, browser type, unique device identifier, IP address, mobile network carrier, location, cookies; and your internet activity, such as the URL of the website from which you came to our website, how long you spent on a page, and other similar details about your use of and actions on our website.

This automatic data collection helps us understand how visitors interact with our digital platforms and allows us to optimize your experience.

4. HOW AND WHY DO WE USE YOUR PERSONAL DATA

We collect and process your personal data for specific, explicit, and legitimate purposes. We will only process your data where we have a lawful basis to do so under applicable data protection laws. The legal bases we rely on are outlined below.

1. Where We Have Your Consent

When you engage us for services we expressly ask for your consent to our engagement letter to process your personal data for several purposes. By signing, you agree that we may use your personal data for various purposes. This includes but is not limited to registering you as a client of ours, verifying your identity during onboarding, conducting due diligence, providing and administering services as instructed, processing payments, billing, and collections, or managing recruitment and employment applications.

On the basis of consent, we may also process your personal data for other purposes, but only where we have obtained your explicit consent to do so. These activities include Sending you marketing communications, legal updates, newsletters, and invitations to events and analyzing usage data to improve our services and the functionality of our website.

Where we rely on consent, you have the right to withdraw it at any time by contacting us or using the opt-out mechanisms provided in our communications. Withdrawing consent will not affect the lawfulness of any processing carried out before you withdraw it.

1. To Fulfill Our Contractual Obligations

When you become our client, we process your personal data because it is necessary for the performance of our contract with you. This includes all activities necessary to manage our client relationship, from initial onboarding to the conclusion of the service including processing payments, handling billing, and communicating with you regarding your service.

1. To Comply with Legal and Regulatory Obligations

As a regulated practice, we are required to process personal data to comply with our legal obligation. This includes conducting mandatory anti-money laundering (AML), know-your-client (KYC), and other due diligence checks. Managing our business operations, including internal record-keeping, accounting, and auditing as required by law. Ensuring the security of our systems and the data we hold, as mandated by data protection legislation. Establishing, exercising, or defending our legal rights and claims in formal legal proceedings.

1. For Legal Claims and to Protect Vital Interests

We may process personal data where it is necessary to establish, exercise, or defend a legal claim. Furthermore, in rare and exceptional circumstances, we may need to process your personal data to protect your vital interests or those of another individual.

Save as otherwise set out in this Policy, where personal data is collected for specific purposes, such personal data will only be used for that specific purpose only. It will not be used for any other purpose without your consent.

5. HOW WE SHARE YOUR PERSONAL DATA

We only share your Personal Data when necessary to the following categories of recipients, for the purposes outlined in this Privacy Policy:

1. Our Employees: Members of our legal and administrative teams who require access to your data to perform their duties.
2. Service Providers: Third-party service providers who assist us in our business operations, such as IT support, cloud storage providers (e.g., Tresorit), payment processors, and professional advisors (e.g., accountants, auditors).
3. Other Legal Professionals: Opposing counsel, barristers, expert witnesses, and other legal professionals involved in your case.
4. Government and Regulatory Authorities: As required by law or regulation, or to respond to lawful requests from public authorities.
5. Courts and Tribunals: In connection with legal proceedings.
6. Business Partners: In the context of joint ventures or collaborations, with appropriate safeguards.
7. Successors: In the event of a merger, acquisition, or sale of all or a portion of our assets.

We ensure that all third parties who process personal data on our behalf are contractually obligated to protect your data in accordance with applicable data protection laws and our own standards.

6. USE OF COOKIES AND THIRD-PARTY LINKS

We may employ both temporary (session) and persistent cookies, along with tags, scripts, and similar technologies, to enhance your experience on our website and to better understand your interactions. These tools help us identify users, track website navigation, gather demographic information, analyze the effectiveness of email campaigns, and facilitate targeted engagement by monitoring activities on our platforms.

We may utilize third-party tracking services such as Google Analytics and Google Tag Manager to gain insights into visitor behavior, allowing us to improve our services and website performance.

Additionally, our pages may incorporate web beacons or pixels small electronic files designed to count visitors, monitor activity over time and across different sites, track email interactions, identify cookies or device-specific identifiers, and collect related information. This data may be linked to your unique browser, device ID, or IP address.

Most web browsers accept and maintain cookies by default. By law, we are required to set only essential cookies necessary for website operation. You can modify your cookie preferences through your browser’s ‘Help’ or ‘Settings’ menu; however, altering these settings may limit your access to certain website features.

Our website may provide links to third-party websites for your information. If you access those links through our website, you will leave our website. We do not own and control those sites, their content or their privacy practices. We encourage you to review the privacy policy of any website before submitting your personal information.

We hereby claim liability for any information, materials, products, or services posted or offered at any of the third-party sites linked to our website. By creating a link to a third-party web site, we do not endorse or recommend any products or services offered or information contained at that website, nor are we liable for any failure of products or services offered or advertised at those sites. Such a third party may have a privacy policy different from that of ours and the third-party website may provide less security than our website.

7. INTERNATIONAL DATA TRANSFERS.

As we regularly serve clients internationally, it may be necessary to transfer personal data outside the UAE, particularly if you are located outside the UAE or if your services involve parties or jurisdictions outside the UAE. Our third-party service providers such as IT support and cloud storage providers may also process your data globally and may be located outside the UAE.

When transferring your personal data outside the UAE, we ensure that it is sent only to countries or territories recognized by the UAE Data Office as providing adequate data protection. Currently, a comprehensive list of such countries has not been made publicly available. We also implement appropriate safeguards to protect your data in compliance with the UAE Personal Data Protection Law (PDPL) and other applicable laws.

In the absence of an adequacy decision, we transfer your personal data only if supported by a contractual agreement that mandates the recipient to implement measures equivalent to those required under UAE law. If neither of these grounds applies, we will seek your explicit consent before transferring your data to the overseas recipient.

8. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR

We will only retain your personal data for as long as is reasonably necessary to fulfill the purposes for which it was collected. Our retention periods are determined by considering our legal, regulatory, professional, and contractual obligations. We are required to retain certain personal data for a significant period after the conclusion of the matter. This is necessary to comply with our professional responsibilities, for the establishment or defense of legal claims, and to meet our legal and regulatory record-keeping obligations. We will hold your personal data in accordance with applicable laws.

Where we process your data based on your consent, we will retain your data until you notify us that you wish to withdraw your consent.

Once the applicable retention period or purpose has expired, your personal data will be securely and permanently destroyed or anonymized so that it can no longer be associated with you.

9. YOUR RIGHTS AND CHOICES

You have various rights with respect to our use of your personal data:

• Access: You have the right to request a copy of the personal data we hold about you. However, this may be limited if revealing such information would disclose data about another individual or if legally prohibited.
• Accuracy: We strive to keep your personal data accurate, up-to-date, and complete. Please contact us if your data changes or if you notice any inaccuracies, so we can update our records accordingly.
• Objecting: In certain circumstances, you may object to the processing of your personal data or request that we restrict or erase it. If you wish us to stop using your data, please contact us.
• Porting: You can request that some of your personal data be provided to you or transferred to another data controller in a structured, machine-readable format.
• Erasure: When your data is no longer necessary for the purposes it was collected for, or if it has been unlawfully processed, you have the right to request its deletion.
• Complaints: If you believe your data protection rights have been violated, you may lodge a complaint with the relevant supervisory authority or seek legal remedies through the courts.
• Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

To exercise any of the above rights, contact us at the details provided below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

10. HOW DO WE KEEP YOUR INFORMATION SAFE?

We have put in place robust technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, misuse, alteration, or disclosure. These measures include encryption, where all data particularly sensitive client information is encrypted both during transmission and while stored. We utilize Tresorit’s end-to-end encryption and zero-knowledge architecture to ensure your data remains highly secure in the cloud. Access controls are strictly enforced to ensure that only authorized personnel can access your data on a need-to-know basis. We conduct regular security audits and updates of our security protocols to address evolving threats and technologies. Additionally, all our employees receive ongoing training on data protection and cybersecurity best practices to maintain the highest level of data security.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically and without prior notice. If we make significant changes that affect how we handle your personal data or alter the terms of this policy, we will notify you through email or other appropriate means. Continued use of our website or services after such notification shall signify your acceptance of our revised policy.

We encourage you to review this Privacy Policy regularly to stay informed about our privacy practices. We provide access to the most current version of this policy via:

• The Website
• Incorporation into our engagement letter, terms and Conditions of our engagement, or other relevant documents as needed

Please feel free to contact us if you have any questions regarding our security measures or any aspect of this Privacy Policy.

12. CONTACT US

If you have any concerns about our use of your personal data, you can make a complaint to our Data Protection Officer using the contact details provided below. You also have the right to lodge a complaint with the relevant supervisory authority in the UAE.

Nour Attorneys Data Protection Officer

Name: Ahmed Elshnawy
Email: [email protected]

Office No. 402, Crystal Tower, Business Bay – Dubai, United Arab Emirates

Thank you for trusting Nour Attorneys with your personal information.