Privacy Policy

1. Introduction

Mashora Legal & Corporate Consulting (“Mashora”, “we”, “us”, or “our”) is committed to protecting your privacy and ensuring that your personal data is handled in compliance with applicable laws and regulations of the United Arab Emirates (UAE). This Privacy Policy explains what information we collect from you, how we use and protect it, and your rights regarding your personal data. We implement our privacy practices in accordance with the UAE Federal Data Protection Law and other relevant laws, reflecting our dedication to transparency and accountability.

By using our website or services, you agree to the collection and use of your information as described in this Privacy Policy. We encourage you to read this policy carefully. If you do not agree with any part of it, please do not use our services or provide us with your personal information.

2. Data Collection

We collect both personal and non-personal information from you to provide and improve our services. The types of data we collect include:

2.1 User-Provided Information

When you interact with Mashora, you may choose to provide personal information, such as:

  • Contact Information: Name, email address, telephone number, and mailing address.
  • Business Details: Company name, job title, industry, and other business-related information relevant to our consulting services.
  • Inquiry or Service Details: Information you provide when requesting our services or legal support, which may include details about your legal or corporate needs.
  • Payment Information: Financial details (e.g., bank account or payment card information) when necessary for processing payments for our services.
  • Other Information: Any other information you choose to provide when contacting us, filling out forms, subscribing to newsletters, or communicating with our team (such as feedback or inquiry details).

2.2 Automatically Collected Data

When you visit our website or use our online services, we automatically collect certain technical and usage information, including:

  • Device and Browser Data: IP address, browser type and version, device type, operating system, language settings, and hardware identifiers.
  • Usage Data: Pages you visit on our site, the dates and times of your visits, time spent on each page, links clicked, and the navigation path you take through our pages.
  • Log Information: Our servers keep logs that may record your interactions with the site (such as access times, errors, and referral URLs).
  • Location Data: General geographic location based on your IP address (e.g., city or country), which helps us understand where our users are coming from.

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as web beacons, pixels, and analytics scripts) to collect information automatically. For example:

  • Cookies: Small text files stored on your device that remember information about your preferences and activity. Our site uses both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted or expired) for various purposes, including to make our site function properly and to enhance your user experience.
  • Analytics Tools: We utilize third-party analytics services like Google Analytics to gather information about website traffic and user interactions. These tools use cookies and scripts to help us analyze how visitors use the site, allowing us to improve content and performance.
  • Advertising Pixels: We may use advertising or remarketing pixels such as the Facebook Pixel and similar technologies from platforms like Google Ads and LinkedIn. These track your browsing behavior on our site and help us deliver relevant advertisements on those platforms or measure the effectiveness of our ad campaigns.

For more details on how we use cookies and how you can manage them, please see the Cookies and Tracking Technologies section below (Section 5) and/or our separate Cookie Policy.

3. Purpose of Data Collection

We collect and use your information for various purposes in connection with operating our business and providing you with services. The main purposes for which Mashora uses your data include:

  • Providing Services and Support: To deliver the legal and corporate consulting services you request, manage your engagements with us, and communicate with you about your inquiries, cases, or projects. This includes using your contact details to respond to questions, schedule consultations, and provide customer support.
  • Communication: To send administrative information, such as appointment confirmations, invoices, technical notices, updates, security alerts, and support messages. We also use your contact information to notify you about changes to our services or policies.
  • Legal and Regulatory Compliance: To fulfill our legal obligations under UAE laws and regulations. We may process personal data as required for compliance with applicable laws (for example, anti-money laundering (AML) regulations, know-your-customer requirements, court orders, or lawful requests by government authorities).
  • Improvement and Analytics: To analyze and understand how our services and website are used. This helps us improve our offerings, develop new features, and enhance user experience. We use aggregated data and analytics tools to troubleshoot issues, perform research, and inform our business strategy.
  • Marketing and Advertising: To send you marketing communications about our services, industry insights, or events that may interest you, in accordance with applicable law. We may also use data (with your consent where required) to personalize and measure our advertising campaigns. For instance, we might use your browsing behavior and cookie data to deliver targeted ads on platforms like Google, Facebook, or LinkedIn.
  • Protecting Rights and Interests: To protect the safety, rights, property, or security of Mashora, our clients, employees, and others. This includes using data to detect, prevent, and address fraud, security breaches, or other potentially prohibited or illegal activities, and to enforce our terms and agreements.

We will only use your personal data for the purposes we collected it for, or for closely related purposes that are reasonably expected in the context of our relationship, unless we obtain your consent or have a legal obligation to use it for other purposes. If we need to use your data for an unrelated purpose, we will notify you and seek your consent or rely on another lawful basis as required by UAE law.

4. Third-Party Data Sharing

Mashora respects the confidentiality of your information. We do not sell your personal data. However, in certain circumstances, we may share your information with trusted third parties, but only under appropriate safeguards and for legitimate purposes. Such third parties may include:

  • Service Providers: Third-party vendors who perform services on our behalf and under our instructions. These include, for example, IT hosting companies, cloud storage services, customer relationship management (CRM) platforms, email service providers, and analytics providers. These service providers are bound by confidentiality or data processing agreements and are only permitted to use your data to perform services for Mashora, not for their own purposes.
  • Advertising and Marketing Partners: With your consent or as permitted by law, we may share certain limited data with advertising partners to assist with our marketing efforts. For instance, we might share a hashed version of your email address or information about your site usage with platforms like Google, Facebook, or LinkedIn to create custom audiences or targeted ads. Additionally, these partners (through cookies or pixels on our site) may collect information automatically as described in the Cookies section. Any data we share is handled in accordance with those platforms’ privacy policies.
  • Payment Processors and Financial Institutions: When you make payments for our services, your payment information and necessary personal details will be shared with banks, credit card companies, payment gateways, or other financial institutions to process the transaction. Such entities are responsible for handling your payment data securely and are bound by their own privacy and security obligations.
  • Legal and Regulatory Bodies: We may disclose your information to government authorities, regulators, courts, or law enforcement agencies if required to do so under applicable law. For example, we might share data in response to a subpoena, court order, or other legal process, or to comply with mandatory governmental requests. We may also share information when we believe in good faith that it is necessary to prevent violations of law or to protect the rights, property, or safety of Mashora, our clients, or others (for instance, providing information to law enforcement to help prevent fraud or cybercrime).
  • Professional Advisors: In the course of our business, we may need to share data with our professional advisors, such as lawyers, auditors, insurers, or accountants. These parties are bound by duties of confidentiality and will only use the information as needed to provide their services to us (e.g., giving legal advice or conducting financial audits).
  • Business Transfers: If Mashora undergoes a business transaction such as a merger, acquisition, reorganization, or sale of certain assets, your personal data may be transferred to the acquiring or successor entity as part of that transaction. In such cases, we will ensure the recipient agrees to protect personal data in a manner consistent with this Privacy Policy or we will seek your consent where required by law.

Whenever we share your information with third parties, we ensure that we have a valid legal basis for doing so and that appropriate safeguards are in place to protect your data. Third parties who receive personal data from us are expected to handle it in compliance with applicable privacy laws and only for the purposes we have specified.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to improve functionality, analyze usage, and support our marketing efforts. This section explains how we use these technologies and how you can manage your preferences.

5.1 Use of Cookies

Cookies are small text files that are placed on your device when you visit our site. They allow the website to recognize your device and remember certain information about your visit (such as your preferences or whether you are logged in). Mashora uses several types of cookies for different purposes:

  • Essential Cookies: These cookies are necessary for our website to function properly. They enable core features like page navigation and access to secure areas of the site. Without these cookies, certain services or functionalities may not be available. (Because they are essential, you cannot opt out of these cookies.)
  • Performance and Analytics Cookies: These cookies collect information about how visitors use our site (for example, which pages are visited most often or if users encounter error messages). We use this data to improve the website’s performance and user experience. For instance, Google Analytics may set cookies to help us understand user interactions on our site. The information collected by these cookies is aggregated and generally does not identify you personally.
  • Functionality Cookies: These cookies allow the site to remember choices you make (such as your language preference or other settings) to provide a more personalized experience. They may also enable enhanced features, like remembering your details for faster form submission. Disabling these may affect some of the site’s functionality.
  • Marketing and Advertising Cookies: These cookies track your online activities to help us deliver more relevant advertising or to limit how many times you see an ad. They may be set by us or by our advertising partners. For example, the Facebook Pixel and similar tools from Google or LinkedIn may use cookies to record your visit to our site and the pages you interacted with. This information allows us to later show you targeted ads on those platforms and measure the effectiveness of our ad campaigns. These cookies may also track your browser across other sites to build a profile of your interests.

5.2 Managing Cookies and Tracking Preferences

You have the right to control how cookies and similar technologies are used on your device. Here are ways you can manage your preferences:

  • Browser Settings: Most web browsers let you adjust settings to refuse new cookies, delete existing cookies, or notify you when new cookies are set. Please refer to your browser’s help documentation for instructions on how to do this. Note that blocking or deleting cookies may impact your experience on our site; some features might not work correctly if cookies are disabled.
  • Opt-Out Tools: For analytics and advertising cookies, many third parties provide options to opt out of data collection. For example, you can install the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics. Similarly, you can adjust your Google Ads settings or use Facebook’s ad preferences settings to control personalized advertising. Other advertising networks and analytics services may offer their own opt-out mechanisms.
  • Cookie Consent Management: If our website features a cookie consent banner or settings tool, you can use it to customize your cookie preferences at any time. This might include accepting or rejecting different categories of cookies (such as only accepting essential cookies).
  • Do Not Track (DNT): Some browsers have a “Do Not Track” feature that sends a signal to websites indicating you do not wish to be tracked. Currently, there is no universal standard for how websites should respond to DNT signals. Mashora treats DNT signals according to our own privacy standards and the capabilities of the technology, but the best way to ensure tracking is limited is to use the methods described above (browser settings and opt-out tools).

By continuing to use our site without disabling cookies or opting out via the methods above, you consent to our use of cookies and similar technologies as described in this Policy. For more detailed information about the specific cookies and tracking technologies we use, please see our Cookie Policy or contact us with any questions.

6. Data Security Measures

We take the security of your personal data seriously. Mashora implements a variety of technical and organizational measures to safeguard your information from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

  • Encryption: We use encryption protocols such as SSL/TLS to protect data transmitted on our website. When you enter information on our site, the data is encrypted in transit to prevent eavesdropping by third parties.
  • Secure Storage: Personal data collected through our site or services is stored on secure servers. We employ firewalls, anti-malware tools, and other security technologies to protect our IT infrastructure against intrusion and attacks.
  • Access Controls: We restrict access to personal information to authorized personnel who need it for their job responsibilities. Staff members and contractors who handle personal data are required to maintain confidentiality and are given training on privacy and security best practices.
  • Monitoring and Testing: We monitor our systems for possible vulnerabilities and security incidents. Regular security assessments, such as vulnerability scans and penetration tests, are conducted to evaluate our defenses and proactively address potential weaknesses.
  • Incident Response: Mashora has an incident response plan in place to handle any suspected personal data breach swiftly and effectively. If a security incident occurs, we will contain and investigate the issue, and notify affected parties and authorities as required by UAE law.
  • Vendor Due Diligence: When we engage third-party service providers who may handle personal data on our behalf, we assess their security practices to ensure they meet appropriate standards. We also include data protection obligations in our contracts with such providers to protect your information.

While we strive to protect your personal data with strong security measures, no method of transmission over the Internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security of your information. In the event of a data breach involving your personal data, we will follow applicable UAE breach notification laws and inform you and the relevant authorities as required.

7. User Rights and Data Control

Under UAE data protection laws, you have certain rights regarding your personal data. Mashora is committed to respecting your rights and helping you exercise control over your information. Subject to some legal exceptions, your rights include:

  • Right to Access: You can request confirmation of whether we are processing your personal data, and if so, ask for a copy of the information we hold about you. We will provide this information, along with details about how we use your data, within the time frame set by law.
  • Right to Correction: If any of your personal data is inaccurate or incomplete, you have the right to request that we correct or update it. We encourage you to keep your information up to date and will make corrections promptly when we receive valid requests.
  • Right to Deletion: You may request that we delete your personal data in certain circumstances. For example, if the data is no longer needed for the purposes it was collected, or if you withdraw consent (where consent was required), or if you object to a particular processing and we have no overriding legitimate grounds to continue. Upon a valid deletion request, we will erase your information unless we are required to keep it by law or have another lawful basis to retain it (for instance, some data may be kept to comply with financial record-keeping laws or to resolve disputes).
  • Right to Object/Opt-Out: You have the right to object to certain processing activities. In particular, you can always opt out of our direct marketing communications. If you no longer wish to receive emails or other communications about our services, you can unsubscribe via the link in those messages or contact us to be removed from our mailing list. Additionally, if we are processing your data based on our legitimate interests, you may object to that processing and we will consider your request and whether our interests in using the data are overridden by your privacy rights.
  • Right to Restrict Processing: In certain situations, you can request that we limit the processing of your data (for example, while we verify the accuracy of your data after you have contested it, or if you want us to preserve data while a legal claim is pending). When processing is restricted, your data will still be stored, but not used or shared until the restriction is lifted.
  • Right to Withdraw Consent: If we rely on your consent for any part of our data processing (such as for optional marketing or use of certain cookies), you have the right to withdraw that consent at any time. This will apply going forward, meaning it will not affect the lawfulness of any processing done before your withdrawal. For example, you can withdraw your consent to marketing emails by unsubscribing, or adjust your cookie consent preferences on our site.
  • Right to Data Portability: Where applicable under law, you may request to receive your personal data that you have provided to us in a structured, commonly used, machine-readable format, and have the right to transmit that data to another party. This right applies when the processing is based on your consent or a contract with you, and is carried out by automated means.
  • Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to lodge a complaint with the relevant regulatory authority in the UAE. We would appreciate the chance to address your concerns first, so we encourage you to contact us with any complaint and we will do our best to resolve it.

To exercise any of your rights or to make an inquiry about your personal data, please contact us using the information provided in the Contact Information section below. We will need to verify your identity to ensure we do not disclose data to the wrong person or make unauthorized changes. We will respond to your request within the timeframe required by law and will let you know if we require additional information from you. Please note that certain rights may be limited by law; for instance, if fulfilling your request would reveal personal data about another individual, or if you request deletion of data that we are legally obligated to keep, we may not be able to comply fully but will provide an explanation.

8. Data Retention and Deletion

Mashora will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. Our data retention practices are designed to ensure we do not keep personal data longer than needed. Below are some general guidelines we follow:

  • Client Service Records: If you become a client and use our legal or corporate consulting services, we will retain your information for the duration of our relationship (while we are providing services) and for a period after the services have ended. This post-service retention is to comply with legal requirements (for example, maintaining records for accounting or regulatory compliance) and to be able to address any follow-up inquiries or issues. Typically, client records may be kept for several years after the conclusion of the service, in line with statutory requirements or professional guidelines.
  • Legal Requirements: Certain information may be retained to fulfill specific legal obligations. For instance, UAE law may require us to keep transaction records, contracts, invoices, or communications for a set minimum period. Likewise, information related to anti-money laundering checks or other compliance records might be kept for the legally mandated duration (which could be several years).
  • Marketing Data: If you have subscribed to our newsletter or agreed to receive marketing communications, we will retain your contact details for marketing purposes until you unsubscribe or opt out of receiving such communications. Once you opt out, we will promptly remove you from our active marketing lists. (We may still keep a record of your email address in a suppression list to ensure we honor your opt-out going forward, as required by law.)
  • Website Usage Data: Analytics data and web server logs are generally retained for a short period to support site functionality and security. We might keep these logs for a few months to a year, as this helps us analyze trends and investigate any technical issues or security incidents. After that, the data may be deleted or anonymized (stripped of any identifiers that could link it back to an individual).
  • Deletion or Anonymization: When we no longer have a legitimate need or legal obligation to keep your personal data, we will securely delete it or anonymize it. Anonymization means transforming the data so that it can no longer be associated with you (for example, aggregating data for statistical purposes). We aim to include retention periods in our internal data inventory and to periodically review the data we hold and erase or anonymize information that is no longer required.

If you wish to request the deletion of your personal data, you may contact us at any time. We will evaluate your request in light of our legal and contractual obligations. If we are able to delete the data, we will do so and also instruct third parties who process it on our behalf to delete it, if applicable. In cases where we must retain information (e.g., to comply with a legal obligation or to establish/exercise legal claims), we will inform you of that decision. Please note that even after deletion, some residual information might remain in backup files for a short period until those backups are updated or deleted.

9. International Data Transfers

Mashora primarily stores and processes personal data within the UAE. However, in certain instances, your information might be transferred to, stored in, or accessed from jurisdictions outside of the UAE. For example, if we use a cloud computing service or email provider whose servers are located in another country, or if our analytics and marketing partners (like Google or Facebook) store data on servers abroad, your data could be processed internationally.

When your personal data is transferred out of the UAE, we take steps to ensure it remains protected according to the standards of UAE privacy law and this Privacy Policy. Such steps may include:

  • Adequacy Decisions: Transferring data to countries that have been officially deemed to provide an adequate level of data protection by UAE regulators (if such adequacy mechanisms are established).
  • Contractual Safeguards: If the recipient country is not recognized for adequate protection, we will use legally-approved contractual clauses or agreements (such as UAE Data Office-approved standard contractual clauses, if available) that oblige the recipient to protect your data to UAE standards. These contracts impose duties on the recipient to keep your information secure and use it only for the agreed purposes.
  • Consent or Other Legal Basis: In the absence of an adequacy decision or contractual safeguards, we may seek your explicit consent for the transfer, after informing you of any potential risks. Alternatively, we may rely on other legal bases permitted under UAE law for international transfers, such as when the transfer is necessary to perform a contract with you, to implement pre-contractual measures at your request, to conclude or perform a contract in your interest, or to exercise or defend legal claims.

We will always strive to minimize the amount and frequency of personal data transfers outside the UAE. If we do transfer your data internationally, we remain responsible for ensuring your information is treated securely and in accordance with this Policy. You can contact us if you would like more information about the safeguards we have in place for international data transfers.

10. Third-Party Links

Our website or communications may contain links to external websites or services that are not operated by Mashora. These third-party sites have their own privacy policies and practices, which may differ from ours. For example, our site might feature links to government portals, professional resources, partner company websites, or social media platforms.

If you click on a third-party link, any personal data you provide to those sites (or that is collected through your interaction) is governed by the privacy policy of the third-party site. We do not control and are not responsible for the content, security, or privacy practices of any external websites. We encourage you to review the privacy policy of every website you visit, especially if you are sharing personal information.

This Privacy Policy applies only to Mashora’s website and services. Once you leave our site or engage with a third-party service, our responsibility for your privacy ends with respect to that activity. If you have questions about how another site uses your information, please consult that site’s privacy policy directly.

11. Policy Updates

Mashora may update this Privacy Policy from time to time to reflect changes in our practices, to clarify our policies, or to comply with legal requirements. When we make material changes to the Policy, we will update the “Last Updated” date at the bottom of this page. In case of significant changes, we may also provide a more prominent notice of the modification — for example, by posting a notice on our website’s homepage or, if we have your email on file, by sending you an email notification.

We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our website and services following the posting of changes to this Privacy Policy will be considered acceptance of those changes, to the extent permitted by law. Should we seek to use your personal data for a new purpose not originally disclosed, we will notify you and obtain consent when required.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please feel free to contact us using the information below:

Mashora Legal & Corporate Consulting
Office R10 – Level 2, The Souq Qaryat Al Beri, Abu Dhabi, UAE
Email: privacy@mashora.ae (Attn: Data Protection Officer)

Our Data Protection Officer (or designated privacy representative) will review and respond to your inquiry as soon as possible, generally within 30 days. We are committed to addressing any issues you may have and will work with you to resolve any concerns about your privacy or the protection of your data.

Thank you for trusting Mashora with your legal and corporate consulting needs. Your privacy is important to us, and we are dedicated to safeguarding your personal information in accordance with this Policy.

Last Updated: March 13, 2025