Privacy Policy

Last Updated: 21/05/2025

Secure Resources Group (“SRG”, “we”, “us”, or “our”) is committed to maintaining the highest standards of privacy and data protection in accordance with applicable legal and regulatory frameworks, including but not limited to the United Arab Emirates Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“PDPL”), and, where relevant, globally recognized best practices.

This Privacy Policy constitutes a detailed explanation of the methods, procedures, intentions, and operational standards applied by SRG in relation to the collection, processing, storage, retention, transmission, and disclosure of personal data pertaining to individuals interacting with us directly or indirectly across digital and physical platforms, including but not limited to users of our website at https://srgi.com.

 Purpose and Scope

This Privacy Policy is intended to serve as a comprehensive statement of SRG’s data governance practices. It applies to all individuals who access, browse, or otherwise engage with our website or who provide their personal data to SRG via email, online forms, commercial transactions, business correspondence, or any other means of communication.

The scope of this policy encompasses data subjects including but not limited to:

  • Prospective, current, and former clients and customers
  • Employees, contractors, vendors, suppliers, and consultants
  • Business partners, affiliates, and institutional stakeholders
  • Job applicants and former candidates
  • Users of SRG’s digital services and contact interfaces

Definition of Personal Data

For the purposes of this Policy, “Personal Data” shall be defined in accordance with Article 1 of the PDPL, which includes any data that enables the identification of a natural person, either directly or indirectly, such as names, identification numbers, location data, online identifiers, or any other characteristics specific to the individual’s physical, physiological, genetic, mental, economic, cultural, or social identity.

Categories of Data Collected

The personal data collected by SRG may include, but is not limited to, the following categories:

– Identifying Information
Full name, date of birth, job title, company affiliation, physical and mailing addresses, and nationality.

– Contact Information
Email addresses, phone numbers (mobile and landline), and fax numbers.

– Technical and Digital Identifiers
IP addresses, browser type and version, time zone settings, operating system details, device identifiers, usage logs, clickstream data, cookies, and metadata.

– Business and Financial Information
Company name, professional credentials, tax ID numbers, banking details (only if voluntarily provided for contractual purposes), project history, and commercial interests.

– Employment and Recruitment Information
Curriculum vitae, references, educational background, certifications, and professional experience.

– Special Category Data
SRG does not intentionally collect special categories of data as defined under the PDPL (e.g., biometric data, religious beliefs, health data) unless required by law or regulatory obligations and only with explicit consent.

Method of Collection

Personal data may be collected through multiple vectors, including but not limited to:

  • Online forms and applications submitted via our website
  • Direct email or telephonic communication
  • Responses to marketing campaigns or surveys
  • In-person meetings, business cards, and networking events
  • Business agreements, proposals, and service contracts
  • Recruitment platforms or employee onboarding documents
  • Automatically via cookies and tracking tools embedded in our website

Purpose of Processing

SRG processes personal data for a variety of legitimate business and legal purposes, including but not limited to:

  • Responding to service inquiries and client requests
  • Managing contracts, projects, and ongoing business relationships
  • Processing employment applications and recruitment assessments
  • Monitoring, enhancing, and securing digital platform performance
  • Managing marketing communications and client engagement
  • Complying with statutory and regulatory obligations applicable in the UAE and other jurisdictions

The processing of personal data is based on lawful grounds, including consent (where applicable), necessity for contract performance, compliance with legal obligations, and the legitimate interests pursued by SRG.

Legal Basis for Processing

Pursuant to the PDPL, SRG relies on the following legal bases to justify the processing of personal data:

  • Consent– where the data subject has provided clear and unambiguous permission
  • Contractual Necessity– to fulfill pre-contractual and contractual obligations
  • Legal Obligation– compliance with statutory or regulatory requirements
  • Legitimate Interest– operational efficiency, IT security, and business intelligence

In instances where consent is the legal basis, data subjects may withdraw their consent at any time without affecting the lawfulness of prior processing.

Data Sharing and Disclosure

SRG may disclose personal data to the following entities for the purposes stated above:

  • Internal business units, departments, and authorized personnel
  • Professional advisors including legal counsel, auditors, and consultants
  • Third-party service providers offering IT, cloud hosting, HR, or marketing support
  • Financial institutions for payment or invoicing purposes
  • Government authorities or regulators where legally required
  • Business affiliates and partners for project collaboration (only with strict data handling agreements)

All third parties are contractually obligated to maintain the confidentiality, integrity, and security of the data provided.

International Data Transfers

Where the processing of personal data involves transfer outside the UAE, SRG shall:

  • Ensure that the receiving country provides an adequate level of protection as per Cabinet Decision No. 6 of 2022
  • Execute data transfer agreements incorporating Standard Contractual Clauses or equivalent protections
  • Maintain internal transfer risk assessments to validate ongoing adequacy

Data Retention

SRG retains personal data only for the duration necessary to fulfil its stated purposes or to satisfy legal, contractual, or compliance obligations. The retention period may vary based on:

  • Applicable laws and regulatory frameworks
  • Contractual obligations with clients or partners
  • Nature and sensitivity of the data involved
  • Risk level and security classification

Upon expiration of the retention period, SRG shall dispose of the data securely through deletion, anonymization, or archival in accordance with industry’s best practices.

Your Rights as a Data Subject

In accordance with the UAE PDPL, you have the following rights:

  • Right to Access– request access to your personal data and obtain information about its use
  • Right to Rectification– request correction of inaccurate or incomplete data
  • Right to Erasure– request deletion of your data under specific circumstances
  • Right to Restriction– request that we limit how your data is processed
  • Right to Object– object to certain types of processing, including direct marketing
  • Right to Portability– receive your data in a structured, machine-readable format
  • Right to Lodge a Complaint– with the UAE Data Office or relevant supervisory authority

Requests to exercise any of the above rights may be submitted using the contact details. SRG reserves the right to verify identity and assess the nature of the request before proceeding.

Data Security Measures

SRG maintains a multi-layered security framework to protect the confidentiality, availability, and integrity of personal data. Measures include:

  • Role-based access controls
  • Secure socket layer (SSL) encryption
  • Firewall and intrusion detection systems
  • Physical access restrictions at data centers
  • Regular risk assessments and vulnerability testing
  • Internal data handling and confidentiality policies

In the event of a data breach that poses a high risk to your rights and freedoms, SRG will notify you and the UAE Data Office in accordance with regulatory requirements.

Cookies and Digital Technologies

SRG uses cookies and related technologies to improve website performance and personalize user experience. By continuing to use our site, you consent to our use of cookies unless you disable them in your browser settings.

Types of cookies used:

  • Essential Cookies– necessary for basic site functionality
  • Performance Cookies– collect anonymous statistics on page usage
  • Functionality Cookies– remember user preferences
  • Targeting Cookies– used by third parties to deliver relevant content

More information is available on our standalone Cookie Policy.

Contact Information

For inquiries, data access requests, or concerns about this Privacy Policy, please contact:

Secure Resources Group
Email: xx@email.com
Website: https://srgi.com

Policy Review and Updates

This Privacy Policy is reviewed regularly and updated as necessary to reflect evolving legal requirements and SRG’s internal data practices. The version published on the website at the time of your interaction shall be deemed the authoritative version.

Accessibility Toolbar

Scroll to Top