UAE Euro Gateway™ - Privacy Policy

Last Updated: September 27, 2025
Version: 2.0
Effective Date: September 27, 2025

1. Introduction

Welcome to UAE Euro Gateway™, a Maison Jeanjean FZE LLC property (License No. 262311466888). We are committed to protecting your privacy and ensuring the security of your personal data according to the highest international standards.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

  • Visit our website (uaeeurogateway.pro)

  • Use our services (company formation, visa processing, talent recruitment, certification programs)

  • Interact with us through our communication channels

  • Engage with our content on social media platforms

IMPORTANT: By using our services or providing your personal data, you explicitly consent to the practices described in this policy. If you do not agree with these practices, please discontinue use of our website and services immediately.

2. Data Controller

The data controller for the purposes of this Privacy Policy is:

UAE Euro Gateway™ (Maison Jeanjean FZE LLC)
License No. 262311466888
Registered Address: Amber Gem Tower - Al Rashidiya 3 - Ajman - United Arab Emirates
Contact Email: info@uaeeurogateway.com
Data Protection Officer: info@uaeeurogateway.com

3. Information We Collect

We collect and process the following categories of personal data:

3.1 Personal Identification Data

  • Examples: Full name, email address, phone number, WhatsApp number, passport details, Emirates ID, nationality, date of birth, place of birth

  • Purpose: Company formation, visa processing, identity verification, communication, and service delivery

  • Legal Basis: Contractual necessity, legal obligation, consent

3.2 Financial Information

  • Examples: Payment details (credit/debit cards, bank transfers, cryptocurrency wallet addresses), billing address, transaction history, financial statements

  • Purpose: Processing payments for services, fraud prevention, financial compliance

  • Legal Basis: Contractual necessity, legal obligation

3.3 Technical Data

  • Examples: IP address, browser type and version, device information, operating system, time zone setting, browser plug-in types, geolocation data, cookies, pixel tags

  • Purpose: Website functionality, analytics, security, fraud prevention

  • Legal Basis: Legitimate interest, consent (for non-essential cookies)

3.4 Legal and Compliance Data

  • Examples: Business license documents, Emirates ID copies, proof of address, tax residency details, beneficial ownership information, source of funds documentation, due diligence records

  • Purpose: Compliance with UAE and international regulations, KYC/AML procedures, regulatory reporting

  • Legal Basis: Legal obligation, contractual necessity

3.5 Talent Recruitment Data

  • Examples: CVs/resumes, cover letters, technical assessments, certification results, academic qualifications, work history, references, interview recordings (with consent)

  • Purpose: Recruitment services, talent matching, certification programs, employer matching

  • Legal Basis: Consent, contractual necessity

3.6 Communication Data

  • Examples: Email correspondence, chat logs, call recordings, WhatsApp messages, Telegram communications, social media interactions, support tickets

  • Purpose: Customer support, service improvements, dispute resolution, communication records

  • Legal Basis: Legitimate interest, consent, contractual necessity

3.7 Social Media and Third-Party Platform Data

When you interact with us through social media platforms, we may collect:

  • Facebook/Instagram: Profile information, interactions with our posts, messages sent to our pages

  • LinkedIn: Professional profile data, connection requests, messages, engagement data

  • WhatsApp/Telegram: Contact information, message content, delivery status

  • YouTube: Viewing behavior, comments, subscriptions to our channel

  • Google Services: Gmail interactions, Google Drive file sharing, Google Analytics data, Google Ads engagement

Legal Basis: Consent, legitimate interest for business communication

4. Legal Basis for Processing

We process your data based on the following legal grounds:

4.1 Consent (Article 6(1)(a) GDPR)

  • Marketing communications (granular consent obtained)

  • Non-essential cookies and tracking

  • Social media data processing

  • Interview recordings

  • Sharing data with potential employers

4.2 Contractual Necessity (Article 6(1)(b) GDPR)

  • Service delivery (company formation, visa processing)

  • Payment processing

  • Customer support

4.3 Legal Obligation (Article 6(1)(c) GDPR)

  • UAE regulatory compliance (DIFC, ADGM, Free Zone requirements)

  • EU tax reporting obligations

  • Anti-money laundering (AML) requirements

  • Know Your Customer (KYC) procedures

  • Data breach notifications

4.4 Legitimate Interest (Article 6(1)(f) GDPR)

  • Fraud prevention and security

  • Business operations optimization

  • Direct marketing to existing clients (with easy opt-out)

  • Website analytics (anonymized data)

Balancing Test: Our legitimate interests have been assessed against your rights and freedoms. You have the right to object to processing based on legitimate interest.

5. How We Use Your Data

5.1 Primary Purposes

5.2 Marketing Communications

We will only send marketing communications if you have:

  • ✅ Explicitly opted in via checkbox

  • ✅ Provided granular consent for each communication type

  • ✅ Not withdrawn consent

Granular Consent Options:

  • Company formation updates and news

  • Visa processing information and changes

  • Talent recruitment opportunities

  • Industry insights and market reports

  • Product updates and new services

  • Event invitations and webinars

6. Data Sharing and Disclosure

6.1 Third-Party Recipients

6.2 International Transfers

EU Adequacy Decisions: We transfer data to countries with EU adequacy decisions where possible.

Standard Contractual Clauses (SCCs): For transfers to countries without adequacy decisions, we use:

  • EU Commission SCCs (2021 version)

  • Additional safeguards including encryption

  • Transfer Impact Assessments (TIAs) conducted

Specific Transfer Scenarios:

  • UAE ↔ EU: Protected by SCCs and local data protection laws

  • USA (Google, Meta, etc.): Protected by SCCs, encryption, and platform DPAs

  • Other countries: Case-by-case assessment with appropriate safeguards

6.3 Social Media Platform Data Sharing

By interacting with us on social platforms, data is shared according to:

  • Facebook/Instagram: Meta's Data Policy

  • LinkedIn: LinkedIn Privacy Policy

  • WhatsApp: WhatsApp Privacy Policy

  • Telegram: Telegram Privacy Policy

  • YouTube/Google: Google Privacy Policy

Your Control: You can adjust privacy settings on each platform independently.

7. Data Retention

7.1 Retention Schedule

7.2 Automated Deletion

We have implemented automated systems to delete data when retention periods expire, unless legal holds apply.

8. Your Rights (Enhanced)

8.1 GDPR Rights (EU Residents)

8.2 UAE Residents' Rights

Under UAE Federal Law No. 45 of 2021:

  • Right to access personal data

  • Right to request correction

  • Right to object to processing

  • Right to lodge complaints with UAE Data Office

8.3 How to Exercise Rights

Email: info@uaeeurogateway.com
Subject Line: "Data Subject Request - [Specify Right]"
Required Information:

  • Full name

  • Email address used with our services

  • Specific request details

  • Proof of identity (for security)

9. Data Security (Military-Grade)

9.1 Technical Safeguards

  • Encryption: AES-256 for data at rest, TLS 1.3 for data in transit

  • Access Controls: Multi-factor authentication, role-based access, principle of least privilege

  • Network Security: Firewalls, intrusion detection/prevention systems, VPN access

  • Regular Security Audits: Quarterly penetration testing, annual security assessments

  • Backup Security: Encrypted backups with 3-2-1 backup strategy

  • Endpoint Protection: Advanced threat protection on all devices

9.2 Organizational Safeguards

  • Employee Training: Mandatory data protection training, regular updates

  • Background Checks: Security clearance for personnel handling sensitive data

  • Data Processing Agreements: All vendors required to sign DPAs

  • Incident Response Plan: 24/7 monitoring, defined escalation procedures

  • Business Continuity: Disaster recovery procedures, data restoration capabilities

9.3 Data Breach Response

Detection ⟹ Assessment (within 6 hours) ⟹ Containment (within 12 hours) ⟹ Notification:

  • Supervisory Authority: Within 72 hours

  • Affected Individuals: Without undue delay (if high risk)

  • Documentation: Comprehensive incident logs maintained

10. Cookies and Tracking Technologies

10.1 Cookie Categories

10.2 Third-Party Cookies

  • Google Analytics: Website performance analysis

  • Facebook Pixel: Conversion tracking and remarketing

  • LinkedIn Insight Tag: Professional audience targeting

  • YouTube Embed: Video content delivery

10.3 Cookie Management

Cookie Consent Banner: Granular choices provided for all non-essential cookies
Browser Settings: Instructions provided for cookie management
Opt-Out Links: Direct links to major advertising opt-out programs

11. Children's Privacy (Enhanced Protection)

Our services are NOT intended for individuals under 18 years old. We:

  • ❌ Do not knowingly collect data from minors

  • ❌ Do not target advertising to minors

  • ✅ Implement age verification for sensitive services

  • ✅ Will delete any inadvertently collected minor data within 30 days

  • ✅ Report any concerning activity to appropriate authorities

Parental Controls: Parents may contact us to request information about their child's data.

12. Automated Decision-Making and Profiling

12.1 Automated Processing

We may use automated decision-making for:

  • Fraud Detection: Risk scoring for transactions

  • Application Screening: Initial document verification

  • Marketing Personalization: Content recommendations

12.2 Your Rights

  • Right to request human intervention

  • Right to express your point of view

  • Right to contest automated decisions

  • Right to receive explanation of decision logic

13. Cross-Border Data Transfers (Detailed)

13.1 Transfer Mechanisms

  • Adequacy Decisions: Preferred method when available

  • Standard Contractual Clauses: EU Commission approved (2021)

  • Binding Corporate Rules: For intra-group transfers

  • Certification Schemes: When applicable

13.2 Transfer Impact Assessments

We conduct TIAs considering:

  • Local laws in destination country

  • Government access requirements

  • Additional safeguards needed

  • Alternative transfer mechanisms

14. California Privacy Rights (CCPA/CPRA)

For California residents, additional rights include:

  • Right to Know: Categories and sources of personal information

  • Right to Delete: Request deletion of personal information

  • Right to Opt-Out: Sale or sharing of personal information

  • Right to Non-Discrimination: Equal service regardless of privacy choices

  • Right to Correct: Inaccurate personal information

  • Right to Limit: Sensitive personal information use

CCPA Contact: info@uaeeurogateway.com (Subject: "CCPA Request")

15. Updates to This Policy

15.1 Notification Process

Material Changes:

  • Email notification to all users (30 days advance notice)

  • Prominent website banner

  • Social media announcements

  • Updated consent collection for new purposes

Minor Changes:

  • Website notification

  • Updated "Last Modified" date

15.2 Version Control

All previous versions maintained for audit purposes and available upon request.

16. Contact Information

16.1 General Inquiries

Email: info@uaeeurogateway.com
Response Time: 48 hours for general inquiries

16.2 Data Protection Requests

Email: info@uaeeurogateway.com
Subject: "Data Protection Request"
Response Time: 30 days maximum

16.3 Complaints and Disputes

Internal: info@uaeeurogateway.com
EU Supervisory Authority: Your local Data Protection Authority
UAE Authority: UAE Data Office (dataoffice.gov.ae)

17. Governing Law and Jurisdiction

17.1 Applicable Laws

  • UAE Residents: UAE Federal Law No. 45 of 2021 (Data Protection Law)

  • EU Residents: General Data Protection Regulation (GDPR)

  • California Residents: California Consumer Privacy Act (CCPA/CPRA)

  • Other Jurisdictions: Applicable local data protection laws

17.2 Dispute Resolution

Primary Jurisdiction: Dubai Courts, UAE
Alternative: Arbitration under Dubai International Arbitration Centre (DIAC) rules
EU Residents: Right to lodge complaints with local supervisory authorities

18. Definitions

Personal Data: Any information relating to an identified or identifiable natural person
Processing: Any operation performed on personal data
Data Controller: Entity determining purposes and means of processing
Data Processor: Entity processing data on behalf of controller
Consent: Freely given, specific, informed, and unambiguous indication of agreement
Legitimate Interest: Processing necessary for legitimate interests (subject to balancing test)

Document Control:
Version 2.0 | September 27, 2025 | Next Review: March 27, 2026

Certification: This policy has been reviewed for compliance with GDPR, UAE Data Protection Law, and international best practices.

Contact for Legal Review: info@uaeeurogateway.com

Skilled talent, Global reach and Business Optimization.

UAE EURO GATEWAY A Maison Jeanjean FZE LLC Property — License No. 262311466888 - UAE

For Companies
For Talents
Certification
Privacy Policy
Terms & Conditions