Privacy Policy

This Privacy Policy outlines how Dominion Financial Services L.L.C (the “Company”, “we”, “us”, or “our”) collects, processes, uses, stores, and protects your personal data in accordance with applicable laws and regulations in the United Arab Emirates, including Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL).

By accessing our website, submitting your information, or registering with the Company, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.

The Company operates solely as an introducing broker and does not provide trading, execution, custody, or investment advisory services. Any financial services will be provided directly by third-party financial institutions, subject to their own terms and policies.

The Company may collect and process various categories of personal data as part of its onboarding, compliance, and operational processes. This includes, but is not limited to:

• Identification Information: such as your full name, nationality, date of birth, and other personal identifiers;
• Contact Details: such as your email address, telephone number, and residential address;
• Identification Documents: including copies of your passport, Emirates ID, or other government-issued identification;
• KYC and Due Diligence Information: including source of funds, employment details, financial profile, and other information required for regulatory compliance;
• Technical Data: such as IP address, browser type, device information, and usage data collected through our website or systems.

The Company collects such information directly from you or through authorised third-party verification providers as part of the onboarding and compliance process.

The Company collects and processes personal data for legitimate business and regulatory purposes, including but not limited to:

• Client Onboarding and Verification: to identify and verify your identity and establish a business relationship;
• Regulatory Compliance: to comply with applicable legal and regulatory obligations, including anti-money laundering (AML), combating the financing of terrorism (CFT), sanctions screening, and record-keeping requirements;
• Communication and Client Support: to communicate with you, respond to inquiries, and provide customer support services;
• Facilitating Introductions: to introduce you to third-party financial institutions and service providers in line with the Company’s role as an introducing broker;
• Operational and Service Improvement: to analyse, monitor, and improve the Company’s website, systems, and services, including enhancing user experience and security.

The Company ensures that personal data is only used for the purposes for which it was collected or for purposes that are compatible with those purposes, in accordance with applicable laws and regulations.

The Company processes personal data in accordance with applicable data protection laws and based on one or more of the following legal grounds:

• Consent: where you have provided clear and explicit consent for the processing of your personal data for specific purposes;
• Legal and Regulatory Obligations: where processing is necessary to comply with applicable laws and regulations, including AML/CFT requirements, sanctions obligations, and regulatory reporting;
• Contractual Necessity: where processing is necessary for the performance of a contract or to take steps prior to entering into a contractual relationship;
• Legitimate Interests: where processing is necessary for the Company’s legitimate business interests, such as client onboarding, relationship management, fraud prevention, and operational efficiency, provided that such interests do not override your fundamental rights and freedoms.

Where processing is based on consent, you have the right to withdraw your consent at any time, subject to applicable legal and regulatory limitations.

The Company may share or disclose your personal data where necessary for legitimate business, operational, or regulatory purposes, and in accordance with applicable laws and regulations. Such disclosures may include:

• Third-Party Financial Institutions: to which you are introduced, for the purpose of onboarding, account opening, and provision of financial services;
• Service Providers: including third-party vendors and technology providers that support the Company’s operations, such as KYC/AML verification providers (including Sumsub), IT service providers, and cloud storage providers;
• Regulatory and Government Authorities: including the Securities and Commodities Authority (SCA) and other competent authorities, where disclosure is required to comply with legal or regulatory obligations;
• Professional Advisors and Auditors: including legal advisors, compliance consultants, and external auditors, where necessary for professional or regulatory purposes;
• Affiliated Entities: where applicable, within the Company’s group, subject to appropriate safeguards.

All third parties are required to handle personal data in accordance with applicable data protection laws and are subject to appropriate confidentiality and data protection obligations.

The Company does not sell, rent, or otherwise commercially disclose your personal data to any third party.

The Company retains personal data only for as long as necessary to fulfil the purposes for which it was collected, including the provision of services, compliance with contractual obligations, and adherence to applicable legal and regulatory requirements.

Personal data shall be retained in accordance with the Company’s internal record retention policies and applicable laws and regulations in the United Arab Emirates, including anti-money laundering and regulatory record-keeping requirements. This may include retaining certain records for a minimum prescribed period following the termination of the business relationship or completion of a transaction.

Where personal data is no longer required for the purposes for which it was collected, and there is no legal or regulatory obligation to retain it, the Company will ensure that such data is securely deleted, destroyed, or anonymised in a manner that prevents unauthorised access or reconstruction.

The Company also ensures that data retention periods are periodically reviewed to ensure continued compliance with evolving legal, regulatory, and business requirements.

The Company implements appropriate technical and organisational measures to safeguard personal data against unauthorised access, disclosure, alteration, misuse, or loss. These measures are designed to ensure a level of security appropriate to the nature, sensitivity, and risk associated with the personal data processed.

Such measures include, but are not limited to, access controls, data encryption, secure storage systems, network security protocols, and regular monitoring of systems to detect and prevent potential security breaches. Access to personal data is restricted to authorised personnel strictly on a need-to-know basis and subject to confidentiality obligations.

The Company also ensures that third-party service providers who process personal data on its behalf are subject to appropriate data protection obligations and contractual safeguards.

In the event of a data breach or security incident, the Company will take prompt action to contain and mitigate the impact, investigate the incident, and comply with any applicable notification obligations under relevant laws and regulations.

Subject to applicable laws and regulations, you may have certain rights in relation to your personal data. These rights may include the right to request access to your personal data, request correction of inaccurate or incomplete information, request deletion or restriction of processing, and withdraw your consent where processing is based on consent.

You may also have the right to object to certain types of data processing, particularly where such processing is based on legitimate interests or for direct marketing purposes, where applicable.

Requests to exercise your rights must be submitted to the Company through the designated communication channels. The Company will assess and respond to such requests in accordance with applicable legal and regulatory requirements. Please note that certain rights may be limited where the processing of data is required to comply with legal, regulatory, or contractual obligations, including obligations relating to anti-money laundering and record-keeping.

The Company may transfer, store, or process personal data outside the United Arab Emirates where necessary for operational, regulatory, or service-related purposes, including sharing data with affiliated entities, partner financial institutions, or service providers.

In such cases, the Company ensures that appropriate safeguards are implemented to protect personal data in accordance with applicable data protection laws and regulatory requirements. These safeguards may include contractual protections, data transfer agreements, and ensuring that recipients are subject to adequate data protection standards.

By providing your personal data, you acknowledge and consent to such transfers, where required by applicable law.

The Company’s website or platform may contain links to third-party websites or services for your convenience and information. These third-party websites operate independently and are not controlled or maintained by the Company.

The Company does not accept any responsibility or liability for the content, privacy practices, or data handling procedures of such third-party websites. Users are encouraged to review the privacy policies and terms of use of any third-party websites they access.

Accessing third-party links is at your own risk, and the Company shall not be liable for any loss or damage arising from your use of such external websites or services.

The Company reserves the right to amend, update, or modify this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements, as well as changes in the Company’s data processing practices.

Any updates to this Policy will be published on the Company’s website or made available through appropriate communication channels. Where required by applicable laws or regulations, the Company will notify you of material changes.

You are encouraged to review this Policy periodically to stay informed about how your personal data is collected, used, and protected.

If you have any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data, you may contact the Company using the details below:

Email: support@dominionmarkets.ae

The Company will make reasonable efforts to respond to all inquiries and requests in a timely manner, in accordance with applicable legal and regulatory requirements.