Effective Date: November 27, 2024

Privacy Policy

AiguillePath Consulting (FZE) ("we," "our," or "us") respects your privacy and is committed to protecting the personal data we collect and process. This Privacy Policy explains how we act as a Data Controller (when determining the purposes and means of processing personal data) and a Data Processor (when processing data on behalf of our clients). It also details your rights, especially under the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant laws.

1. Scope

This Policy applies to personal data collected from:

  • Visitors to our website (https://www.aiguillepath.com) or any site owned by us.

  • Clients and prospective clients seeking our consulting services.

  • Vendors, partners, and third-party service providers.

  • Individuals who interact with us via email, phone, or in person.

  • Job applicants or those inquiring about employment opportunities.

When we process personal data on behalf of clients under a written agreement, we act as a Data Processor. In other circumstances (e.g., website visitors, marketing activities), we act as a Data Controller.

2. Information We Collect

We may collect and process the following:

  1. Personal Information

    • Name, title, company affiliation.

    • Contact details (e.g., email, phone, mailing address).

    • Identification documents if needed for compliance.

  2. Business Information

    • Strategic, operational, or financial details are shared during consulting engagements.

  3. Technical Information

    • IP address, browser type, device details, geolocation, and site interaction data.

  4. Marketing & Communication Preferences

    • Your preferences for receiving marketing materials, newsletters, and surveys.

  5. Sensitive Data

    • Not actively collected; we will seek explicit consent if needed for legal or compliance reasons.

  6. Cookies and Tracking Data

    • Collected via cookies, beacons, and similar technologies (see Section 9).

3. How We Use Your Information

We use collected personal data to:

  • Provide consulting services tailored to your needs.

  • Communicate about projects, inquiries, and updates.

  • Fulfill contracts and comply with legal obligations.

  • Analyze and improve our website, services, and marketing.

  • Send newsletters and promotions with your consent.

  • Manage employment applications and recruitment activities.

4. Legal Basis for Processing

Depending on the jurisdiction, our legal bases include:

  • Contractual Necessity: To perform under a contract.

  • Legitimate Interests: To maintain business operations, manage relationships, and improve services.

  • Consent: This is for marketing or non-essential data processing (withdrawal is possible anytime).

  • Legal Obligation: To comply with applicable laws, regulations, or court orders.

5. Data Sharing and Disclosure

Your personal data may be shared with:

  • Third-Party Service Providers: For IT, marketing, analytics, legal, or other support (e.g., Google Analytics, ZohoBooks).

  • Regulatory Authorities: If required by Law or in audits.

  • Business Partners: Under collaboration or partnership agreements, subject to confidentiality.

We do not sell personal data to third parties. Where required under the CCPA, we will provide an opportunity to opt out of any potential data "sale" in a broader sense, though we currently do not sell data.

6. Data Retention

We retain personal data only as long as necessary to fulfill the purposes stated or comply with legal requirements. Examples include:

  • Marketing Data: Retained for up to 48 months or until you opt-out.

  • Financial & Compliance Data: Typically retained for 6 years after service completion or longer if mandated by Law.

If retention for legal or regulatory reasons is needed beyond these periods, we will securely store the data until no longer required. Thereafter, data is securely deleted or anonymized.

7. Data Security

We deploy technical and organizational measures to safeguard personal data, such as:

  • Encryption during transit and at rest.

  • Role-based and restricted access controls.

  • Regular security audits and staff training.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your data.

  • Rectification: Correct incomplete or inaccurate information.

  • Erasure: Request deletion of your data (subject to legal exceptions).

  • Restriction: Limit how your data is used.

  • Portability: Obtain your data in a structured format.

  • Objection: Object to processing, including marketing.

CCPA-Specific Rights (for California Residents):

  • Right to Know: About the categories of personal data collected, used, and shared.

  • Right to Delete: Request deletion of personal data.

  • Right to Opt-Out: Of the sale of personal data, if applicable.

To exercise any you would like of these rights or to learn your verification process and typical response times (generally within 30 days), please get in touch with [email protected].

You also have the right to complain with your local data protection authority, such as an EU supervisory authority for GDPR complaints.

9. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies to:

  • Enhance website functionality and user experience.

  • Analyze traffic (e.g., via Google Analytics).

  • Deliver targeted advertising or marketing communications with your consent.

You can adjust browser settings to refuse certain cookies or receive alerts when cookies are being sent. For a full list of cookies and how we use them, please see our Cookie Policy.

10. International Data Transfers

Personal data may be transferred to, and processed in, countries outside your jurisdiction, including the UAE. We ensure such transfers are protected by appropriate safeguards, such as Standard Contractual Clauses or Binding Corporate Rules (where applicable). If you wish to know more or request copies, please contact us at [email protected].

11. Updates to This Privacy Policy

We may periodically update this Privacy Policy to reflect changes in our practices or legal requirements. A new "Last Updated" date will be posted on our website. For significant changes, we will notify you via email or a prominent website notice.

12. Governing Law

This Privacy Policy is governed by and interpreted according to the laws of the United Arab Emirates.

13. Contact Us

For privacy questions or concerns or to exercise your rights:

AiguillePath Consulting (FZE)
Sharjah Research Technology and Innovation Park Free Zone
Email: [email protected]
For all data protection inquiries, please email [email protected].

14. Children's Data

Our services are not intended for persons under 18. We do not knowingly collect personal data from minors.

15. Automated Decision-Making

We do not engage in automated decision-making or profiling using your personal data.

16. Breach Notification Policy

In the event of a data breach, we will notify affected individuals and the relevant authorities within the legally mandated timeframe.

Last Updated: November 27, 2024