Privacy Policy

1. Information We Collect

1.1 Personal Information

When you engage with our services, we may collect the following personal data:

• Contact Information: Name, email address, phone number, business address, job title, company name
• Business Information: Company registration details, trade license number, tax registration number, financial statements, accounting records
• Identification Documents: Emirates ID, passport copies, visa information, authorized signatory details (when required for regulatory compliance)
• Financial Data: Bank account details (for payment processing only), transaction records related to our services
• Communication Records: Emails, phone call recordings (with consent), chat messages, consultation notes, service requests

1.2 Automatically Collected Information

When you visit our website https://auditfirmsdubai.ae, we automatically collect:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, time spent, referring URLs)
• Location data (general geographic location based on IP address)
• Cookies and similar tracking technologies (see Cookie Policy)

1.3 Information from Third Parties

We may receive information about you from:

• UAE government entities (Ministry of Economy, Federal Tax Authority, Dubai Economy & Tourism)
• Banks and financial institutions (for verification purposes with your consent)
• Professional referral partners (lawyers, business consultants) who recommend our services
• Public registries and databases (for regulatory compliance verification)

2. How We Use Your Information

2.1 Primary Service Delivery

Farahat Office & Co. uses your personal information strictly for legitimate business purposes:

• Audit Services: Conducting external audits, internal audits, forensic audits, RERA audits, VAT audits, and due diligence services
• Regulatory Compliance: Preparing and filing audit reports with UAE Ministry of Economy, Federal Tax Authority, RERA, and other regulatory bodies
• Professional Consultation: Providing tax advisory, financial consulting, compliance guidance, and business advisory services
• Client Communication: Responding to inquiries, providing service updates, sharing audit findings, discussing recommendations
• Billing and Payments: Processing invoices, collecting payments, maintaining financial records

2.2 Business Operations

We use your data to:

• Maintain client relationship management (CRM) systems
• Improve service quality through feedback analysis
• Conduct internal quality control reviews
• Train our audit professionals (using anonymized data)
• Protect against fraud, unauthorized access, and security threats

2.3 Marketing Communications (With Consent)

With your explicit consent, we may send you:

• Newsletters about UAE tax and audit regulatory updates
• Service announcements and special offers
• Industry insights and professional guidance
• Invitations to webinars, seminars, and educational events

You can opt-out at any time by clicking the "Unsubscribe" link in any marketing email or contacting us directly.

2.4 Legal and Regulatory Obligations

We process your data when required by law:

• Compliance with UAE Federal Law and tax regulations
• Responding to court orders, subpoenas, and government requests
• Fulfilling anti-money laundering (AML) and know-your-customer (KYC) requirements
• Protecting legal rights and preventing fraud or misconduct

3. How We Protect Your Information

3.1 Security Measures

Farahat Office & Co. implements industry-leading security protocols to safeguard your data:

• Encryption: All data transmission uses SSL/TLS encryption (256-bit)
• Secure Storage: Client data stored on encrypted servers with restricted access
• Access Controls: Role-based permissions, multi-factor authentication (MFA), and audit trails
• Physical Security: Secure office premises with controlled access and 24/7 surveillance
• Regular Audits: Internal security audits and penetration testing
• Employee Training: Mandatory confidentiality agreements and data protection training

3.2 Data Retention

We retain your personal information for:

• Active Clients: Duration of engagement plus 7 years (as required by UAE audit regulations)
• Audit Records: Minimum 10 years from report date (regulatory requirement)
• Financial Records: 7 years from last transaction (tax law requirement)
• Marketing Data: Until you withdraw consent or request deletion

After retention periods expire, we securely delete or anonymize your data unless legal obligations require longer retention.

3.3 Data Sharing and Disclosure

We share your information only in these limited circumstances:

• With Your Consent: When you authorize us to share data with third parties
• Regulatory Bodies: UAE Ministry of Economy, Federal Tax Authority, Dubai Economy, RERA, and other authorities as legally required
• Service Providers: Cloud hosting, payment processors, IT support (all bound by strict confidentiality agreements)
• Professional Partners: Legal counsel, tax advisors, specialist consultants (only when necessary for service delivery)
• Parent Company: FAR Consulting Middle East (for integrated business services with your consent)

We never sell your personal data to third parties for marketing purposes.

4. Online Payment Security

Farahat Office & Co. processes online payments through PayTabs, a Payment Card Industry Data Security Standard (PCI DSS) compliant payment gateway.

4.1 Payment Protection

• All credit/debit card transactions are fully encrypted and processed securely
• Your complete credit card number is never visible to Farahat Office & Co. staff
• PayTabs uses 3D Secure technology for enhanced fraud protection
• Transaction data is encrypted and stored within PayTabs' secure banking infrastructure
• All funds are transferred directly from your card to our UAE bank account (PayTabs never holds funds)

4.2 Accepted Payment Methods

We accept Visa and MasterCard credit/debit cards, and bank wire transfers (AED and USD).

4.3 Third-Party Payment Privacy

PayTabs has its own privacy policy governing payment data. Review their policy at: https://www.paytabs.com/policy

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and analyze website performance.

5.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality (login, security, form submissions)
• Analytics Cookies: Google Analytics to understand visitor behavior and improve our website
• Functional Cookies: Remember your preferences (language selection, location)
• Marketing Cookies: Measure advertising effectiveness (only with your consent)

5.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

For detailed information, see our Cookie Policy.

6. Your Privacy Rights

Under UAE data protection laws and GDPR principles, you have the following rights:

6.1 Right to Access

You can request a copy of all personal data we hold about you, including how we obtained it and how we use it.

6.2 Right to Rectification

If your personal information is inaccurate or incomplete, you have the right to request corrections.

6.3 Right to Erasure ("Right to be Forgotten")

You may request deletion of your personal data, subject to legal and regulatory retention requirements for audit records.

6.4 Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances.

6.5 Right to Data Portability

You can request your data in a structured, machine-readable format for transfer to another service provider.

6.6 Right to Object

You can object to processing of your data for marketing purposes or when processed based on legitimate interests.

6.7 Right to Withdraw Consent

If we process your data based on consent, you can withdraw that consent at any time.

How to Exercise Your Rights

To exercise any of these rights, contact our Data Protection Officer:

We will respond to your request within 30 days.

7. International Data Transfers

While Farahat Office & Co. primarily operates within the UAE, we may transfer data internationally in these situations:

• Cloud service providers with servers outside the UAE (with appropriate safeguards)
• Parent company operations across Middle East and Asia
• Cross-border audit engagements for multinational clients (with your authorization)

All international transfers comply with UAE data protection standards and include appropriate security measures such as:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements (DPAs)
• Adequacy decisions for countries with equivalent data protection laws

8. Children's Privacy

Our services are designed for businesses and professionals. We do not knowingly collect personal information from individuals under 18 years of age. If you believe we have inadvertently collected data from a minor, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations.

• Notification: Material changes will be announced via email to registered clients and posted on our website
• Effective Date: Changes become effective 30 days after posting unless otherwise stated
• Review Regularly: We encourage you to review this policy periodically

Last Updated: November 16, 2025

10. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

11. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising from this policy or our data practices shall be subject to the exclusive jurisdiction of the Dubai Courts.