Privacy Policy

Privacy Policy

RH & HALE Lawyers (“we”, “us” or “our”) is a licensed law firm practicing in Dubai, United Arab Emirates, specializing in real estate, property law, tenancy disputes, corporate matters and other related areas.

We are fully committed to protecting your privacy and processing your Personal Data in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data Protection (PDPL), its executive regulations and all applicable laws in the UAE.
This Privacy Policy describes how we collect, use, disclose, store and protect your Personal Data when you interact with us through our website (www.rhandhale.com), email, telephone, in person meetings or any other channel.

  1. Definitions
  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Sensitive Personal Data: Personal Data revealing racial or ethnic origin, religious or philosophical beliefs, criminal records, health data, biometric or genetic data, or data concerning a person’s sex life or sexual orientation.
  • Controller: RH & Hale Lawyers, which determines the purposes and means of processing Personal Data.
  • Data Subject: The individual to whom the Personal Data relates.
  1. Information We Collect

We may collect the following categories of Personal Data:

  • Contact and Identity Information: Full name, email address, telephone number, postal address, passport copy, Emirates ID and other documents that prove identity.
  • Professional and Corporate Information: Company name, trade license and position held and registration documents of a company (where relevant to corporate clients).
  • Legal Matter Information: Information regarding legal matters, contracts, documents related to a property or tenancy leases, Court filings, correspondence in the relevant dispute.
  • Payment and Financial Data: Bank account details, payment reference, invoices and transaction information.

Please note we do not store full credit/debit card numbers, expiry dates or CVV/CVC codes. Any card payments are processed by licensed third-party payment gateways that are PCI-DSS certified.

  • Website and Technical Data: IP addresses, related cookies and device information that is collected via the different website modules.
  • Sensitive Personal Data: Only where necessary for your legal matter (e.g. health information may be relevant in some disputes) and where we have an appropriate legal basis and safeguards in place for it.
  • Other Information: Any other information you provide to us voluntarily through consultations, phone calls or emails.

We collect this information directly from you, from public sources, or from third parties (such as government registries or counterparties in legal matters) where permitted by law.

  1. Purposes of Processing and Lawful Basis

We use your Personal Data for the following purposes, in accordance with the lawful bases under the PDPL (primarily consent, and specific exceptions such as performance of a contract, compliance with legal obligations, protection of your interests, public interest, or establishment/defense of legal claims):

  • To provide legal advice, legal representation and other legal services.
  • To administer and maintain our client relationships and communications, appointments and invoicing.
  • To process the processing of payments in relation to legal fees and disbursements.
  • To comply with legal and regulatory obligations (including anti-money laundering, court orders and regulatory requirements)
  • To enhance our website, services and client experience.
  • To market our legal services (where we are required to and have your consent).
  • To defend and protect our rights and interests in respect of legal claims;
  • For internal administration and quality assurance.
  1. Consent

In cases where consent is required (in particular for marketing purposes or to process certain Sensitive Personal Data), we will seek your explicit, freely given and unambiguous consent. You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

  1. Sharing and Disclosure of Personal Data

We may share your Personal Data with:

  • Our lawyers, employees and authorized representatives (to the extent necessary).
  • Trusted service providers and processors (IT providers, cloud storage, payment gateways, document management systems) under appropriate data processing agreements.
  • Regulatory authorities, courts, government agencies or law enforcement as required by UAE law.
  • Counterparties, experts, witnesses or other legal practitioners in the context of your matter.
  • Potential buyers or successors in the event of a merger, acquisition or transfer of our business.

We do not sell your Personal Data. International transfers of your Personal Data will be made in accordance with PDPL requirements (adequate safeguards, binding corporate rules or the explicit consent of the Data Subject where available).

  1. Data Security

We implement appropriate technical and organizational security measures to protect your Personal Data from unauthorized access, loss, misuse, alteration or disclosure. These measures include encryption, access controls, secure servers and regular security testing, among others.

In the event of a Personal Data Breach, we will notify the relevant UAE authorities and the affected individuals as required by the PDPL.

  1. Data Retention

Your Personal Data will be retained for as long as it is necessary to achieve the purposes for which it was collected, to fulfil our legal and regulatory obligations (including limitation of actions for legal claims), or as required by applicable law. After that, we will securely delete or anonymize the Personal Data.

  1. Your Rights as a Data Subject

Upon the PDPL and applicable law, you have the right to:

  • Access your personal data.
  • Ensure that your inaccurate or incomplete data is corrected.
  • Erase your personal data (subject to legal exceptions).
  • Limit or object to its processing.
  • Withdraw any consent (if applicable).
  • Data portability (in some cases).
  • Not be affected by decisions made solely by automated processing that have a significant impact on you (if applicable).

To exercise your rights, please contact us using the information below. We will respond within the timeframes provided by law and may require identification confirmation. We will not discriminate against you for exercising your rights.

  1. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to provide you with an improved browsing experience and for traffic analysis purposes. You can alter your cookie preferences by adjusting your browser settings.

  1. Children’s Privacy

Our services are not intended for children under the age of 18. We do not knowingly collect Personal Data from persons under 18 without consent from a parent or guardian.

  1. Changes to this Privacy Statement

This Privacy Statement may be revised from time to time to reflect changes in our practices or to comply with legal requirements. The revised statement will be posted on our website and will be dated with a new date of effectiveness. Use of our services after such changes constitutes your acceptance of the revised statement.

  1. Contact Us

If you have any questions or suggestions, or for the exercise of your rights, please write to us at:

RH & Hale Lawyers, Al Bakhit Center, 2nd Floor, Office No: 204, Abu Baker Al Siddique St, Deira, United Arab Emirates

Email:info@rhandhale.com

Phone: +971 585 936 611

Website: www.rhandhale.com

We may designate a Data Protection Officer (DPO). You can also contact the DPO via the above channels.