R.E. Lee International
PRIVACY NOTICE

1. About Us

R.E. Lee International is a group of companies comprising R.E. Lee International (Cayman) Ltd. and its subsidiaries and affiliates, including R.E. Lee International Asia, LLC, R.E. Lee International Hong Kong Limited, R.E. Lee International (Middle East) Limited, and RELI Services Limited. In this Notice, we refer to these entities collectively as "R.E. Lee International," "R.E. Lee", "we," "our," or "us”.

We provide bespoke life insurance solutions designed to meet our clients’ needs with a global perspective and international scope. To learn more about us, please visit our Website.

We take your privacy seriously and are committed to safeguarding the confidentiality and privacy of your Personal Data.

The R.E. Lee International entity responsible for your Personal Data will depend on how you interact with us. In most cases, the entity with which you have a direct contractual relationship, or the entity that collects your Personal Data in connection with our services as specified by the applicable terms of engagement, will act as the controller of your Personal Data.

Contact details for all R.E. Lee International entities in respect of data protection or privacy matters are the same and can be found in the Contact Us Section of this Notice.

2. About This Notice

This Privacy Notice ("Notice") describes how R.E. Lee International collects, processes, and protects your Personal Data when you interact with us.

The categories of Personal Data we collect about you and how we process such data depend on the nature of our relationship with you and the means through which we interact. This may include interactions as a prospective or current client, beneficiary, professional advisor, referral partner, insurance carrier, goods or service provider, regulatory authorities, or other relevant third party, as well as your use of our website.

This is a global Privacy Notice providing information about our global privacy standards. Where local data protection laws impose additional or different requirements, these take precedence and are reflected in this Notice and, where applicable, in any jurisdiction-specific forms or disclosures provided at the time of collection.

For the purposes of this Notice, "Personal Data" means any information relating to an identified or identifiable natural person, whether held in electronic or physical form. Personal Data includes Sensitive Data and pseudonymised data. Unless stated otherwise, other terms used in this Notice will have the meaning given to them under applicable data protection laws.

Any third-party websites accessible via our website are not covered by this Notice. You should read the relevant third party’s privacy notice before providing any Personal Data.

This Notice, together with any applicable consent or collection forms provided at the time of collection, serves as the Personal Information Collection Statement (PICS) as required under the Personal Data (Privacy) Ordinance. It provides you with information about the purposes of collection, the classes of persons to whom your Personal Data may be transferred, and your rights of access and correction.

3. Sources of Personal Data Collection

We may collect Personal Data about you from the following sources:

If you wish for a third party to refrain from disclosing your Personal Data to us, please liaise with them directly. You may also exercise your rights in respect of Personal Data already disclosed to us by contacting the R.E. Lee International Data Protection contact at data@releeinternational.com.

4. Categories of Personal Data We Collect

We collect only the Personal Data that is necessary for the purposes for which it was collected. The categories of Personal Data we may collect depend on the nature of our relationship with you and may include the following.

5. How We Use Your Personal Data and the Legal Basis We Rely On

We use your Personal Data only for the purposes described in this section, and only where we have a lawful basis for doing so. We do not process your Personal Data for purposes that are incompatible with those described in this Notice.

Applicable data protection laws require us to identify a lawful basis for each processing activity. Depending on the nature of the processing, this may include your consent, the necessity of processing to perform our contractual obligations to you, compliance with a legal obligation to which we are subject, or our legitimate interests where not overridden by your rights and freedoms. The table below sets out our key processing activities, the categories of Personal Data involved, and the lawful basis applicable to each.

Processing Purpose

Categories of Personal Data

Lawful Basis

Client Identification, Onboarding, and Due Diligence: client onboarding, identity verification, source of wealth / source of funds checks, client and referral-source due diligence, suitability and client classification checks.

Personal identification and contact information; government and compliance information; financial information; travel and residency information; beneficiary and third-party information; director / ownership information; geo-location data where relevant.

Performance of a Contract; Legal Obligation; and, where required for specific disclosures or Sensitive Data, Consent

KYC / AML / CTF Screening and PEP Verification: screening against sanctions, PEP, adverse-media, and financial-crime databases; verification of nationality, residence, and related compliance information.

Personal identification and contact information; government and compliance information; PEP and screening information; publicly available information; geo-location data where relevant.

Legal Obligation; and, where permitted and appropriate, Legitimate Interests

Insurance Advisory, Underwriting Support, and Policy Placement: assessment of insurability; preparation and submission of insurance applications and associated documentation to carriers; coordination of medical examinations where applicable; communication with underwriters; negotiation and communication of insurance terms; policy placement and settlement.

Personal identification and contact information; financial and policy information; health and lifestyle information; travel and residency information; beneficiary and third-party information; government and compliance information.

Performance of a Contract; Consent and, where required for Sensitive Data, Explicit Consent

Policy Administration: administration of policies following placement, including policy delivery, annual policy reviews, changes to ownership, beneficiaries, or contact details, and management of claims, surrender, and other policy servicing requests.

Insurance and policy information; personal identification and contact information; beneficiary and third-party information; financial and policy information; correspondence and change request records; health information where relevant to the request.

Performance of a Contract; and, where required for Sensitive Data Consent

Client Relationship Management: managing and responding to client, referral partner, bank, and professional adviser enquiries and requests; maintaining records of client interactions; and supporting relationship communications connected with the services we provide.

Personal identification and contact information, including professional and employment information; policy information; correspondence records; contract information; beneficiary and third-party information where relevant.

Performance of a Contract; and, where permitted and appropriate, Legitimate Interests

Compliance with Legal and Regulatory Obligations: meeting obligations under applicable laws and regulations; responding to regulatory enquiries; making mandatory disclosures to authorities; supporting internal compliance reviews; and cooperating with court orders and legal processes, as necessary or as permitted by law.

Personal Data necessary to meet the relevant obligation, which may include personal identification and contact information; government and compliance information; financial and policy information; health information where relevant; contract information; director / ownership information; and beneficiary and third-party information.

Legal Obligation; and, where permitted and appropriate, Legitimate Interests

Where processing activities described in this Notice rely on legitimate interests as a lawful basis in other jurisdictions, R.E. Lee International relies on a different lawful basis in China, such as consent, necessity for the conclusion or performance of a contract, or compliance with legal duties or obligations, as applicable under the PIPL.

You may withdraw your consent at any time by contacting the R.E. Lee International Data Protection contact at data@releeinternational.com. Please note that the withdrawal of your consent does not affect the lawfulness of processing carried out prior to withdrawal, nor processing conducted on other lawful grounds.

Wherever there is a business requirement to process your Personal Data for purposes that are incompatible with those described above, we will notify you and obtain your consent where required by applicable privacy laws prior to engaging in any such further processing.

6. Sensitive Personal Data

Where we process sensitive personal data, such as health data and, in some jurisdictions, certain financial information, we do so only for purposes relevant to the services we provide and as described in this Notice or otherwise communicated to you at the time of collection. Where required by applicable law, we will obtain your explicit or separate consent and apply additional safeguards.

7. How We Share Your Personal Data

We may share your Personal Data with the following categories of recipients, only where necessary and in accordance with the purposes described in this Notice.

The categories of Personal Data shared with each category of recipient will vary depending on the nature of the services provided and may include identification data, contact details, financial information, and health data where relevant.

Sharing may occur both within and outside the country in which your Personal Data was originally collected; where it involves a cross-border transfer, the safeguards described in Section 8 (Cross-Border Transfers of Personal Data) apply.

We do not sell your Personal Data or share it for cross-context behavioural advertising. Should this change at any point in the future, we will update this Notice or otherwise notify you of any changes, and provide you with the appropriate mechanism to exercise your right to opt-out from the sale of your Personal Data.

8. Cross-Border Transfers of Personal Data

Due to the international nature of our business, your Personal Data may be transferred to and processed in countries outside the country where it was originally collected, including between our group companies and trusted third parties such as insurance providers and service providers.

Where Personal Data is transferred internationally, we ensure that appropriate safeguards are in place in accordance with applicable data protection laws. These safeguards may include:

In limited circumstances, and where permitted by applicable law, we may rely on your explicit consent for certain international transfers, particularly where this is necessary in the context of underwriting or claims assessment or administering in-force service requests involving sensitive data.

You may request further information about the safeguards we use for international transfers by contacting the R.E. Lee International Data Protection contact at data@releeinternational.com.

9. How We Protect and Secure Your Data

R.E. Lee International has implemented appropriate technological and organisational security measures designed to protect your Personal Data against accidental or unlawful loss, misuse, alteration, unauthorised disclosure, or unauthorised access. These measures include restricting access to Personal Data on a need-to-know basis, maintaining policies and procedures governing secure data handling throughout its lifecycle, and applying safeguards such as encryption and secure communication methods where appropriate.

Access to Personal Data is limited to those R.E. Lee International employees and authorised third parties who are subject to confidentiality obligations and who process such data only on our instructions.

Data Breach Notification

We maintain procedures to detect, investigate, and respond to personal data breaches. Where required by applicable law, we will notify affected individuals and relevant supervisory authorities within applicable timeframes. Specific notification requirements may vary by jurisdiction. In the UAE (DIFC), we will notify the DIFC Commissioner of Data Protection without undue delay where a breach is likely to result in a risk to individuals’ rights and freedoms. In Singapore, we will notify the PDPC and affected individuals where a breach is likely to result in significant harm or affects 500 or more individuals. In the Cayman Islands, we will notify the Ombudsman and affected individuals within 5 days where required. In Hong Kong, we will notify the PCPD and affected individuals where appropriate and in line with applicable guidance.

10. Retention and Destruction of Personal Data

We typically retain your Personal Data only for as long as is necessary, for the purposes for which it was collected, and in line with legal, regulatory, and legitimate business requirements. This will usually be for the duration of your relationship with us plus the length of any applicable statutory limitation or obligation, as required or permitted by applicable privacy laws. Upon reaching the end of the relevant retention period, R.E. Lee International will take steps to dispose of your Personal Data in a secure and permanent manner, in accordance with applicable privacy and data protection laws.

The following retention periods typically apply to key categories of Personal Data:

Data Category

Retention Period

Insurance, underwriting, and policy records, including health, financial, lifestyle, travel and residency, and beneficiary information collected in connection with the assessment, placement, and administration of life insurance policies

Seven (7) years following the last of: withdrawal or decline of the application; settlement of a claim; surrender, cancellation, or lapse of the policy; or transfer of policy service obligations to another provider.

Client relationship, KYC, AML, and compliance records, including identification, government identifier, and due diligence information

Seven (7) years following the termination of the client or client referral partner relationship.

Contract information

Seven (7) years following the termination of the contractual relationship.

Complaints records

Six (6) years following resolution of the complaint.

11. Individual Privacy Rights

Depending on where you are located and subject to applicable conditions and exemptions, you may have some or all of the following rights in relation to your Personal Data.

INDIVIDUAL PRIVACY RIGHTS

Right to Information/Confirmation of processing

The right to receive the information set out in this Notice regarding our processing of your Personal Data.

Right to Access

The right to receive a copy of or otherwise access Personal Data we hold about you.

Right to Correct

The right to request that we correct or complete inaccurate Personal Data we might hold about you.

Right to Delete/ Erase

The right to request us to delete or remove Personal Data where there is no lawful reason for us continuing to process it.

Right to Restrict Processing

The right to ask us to suspend the processing of your Personal Data in specific circumstances.

Right to Data Portability

The right to obtain and reuse your Personal Data for your own purposes across different services

Right to Object / Opt-Out

The right to opt out of our processing of your Personal Data in certain circumstances (e.g. direct marketing, Personal Data sale, automated decisions, profiling).

Right to Withdraw Consent

The right to withdraw consent at any time that you may have provided to us for processing your Personal Data (where the Legal Basis we rely on is consent).

Right to Lodge Complaint

The right to lodge a complaint with a competent supervisory authority and, where applicable under local law, to request review or appeal of a decision relating to your Personal Data.

Rights related to Automated Decisions

Where applicable, the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or similarly significant effects on you, or to request an explanation and object where provided by law.

Please note that the availability, scope, and conditions applicable to these rights vary by jurisdiction. To exercise any of your data protection rights, please contact data@releeinternational.com. We will respond to requests in accordance with applicable law and aim to do so within one (1) calendar month of receipt. This period may be extended by a further two (2) calendar months where a request is particularly complex or where we have received a significant number of requests. We will notify you of any extension and the reason for it.

We may need specific information from you to verify your identity before processing your request. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

No fee is normally payable to exercise your rights, although we reserve the right to charge a reasonable fee, or to decline to comply, where a request is manifestly unfounded or excessive.

12. Contact Us

If you have any questions, concerns, or complaints regarding this Notice, or wish to exercise your data protection rights, please contact the R.E. Lee International Data Protection contact:

R.E. Lee International Data Protection email: data@releeinternational.com

You also have the right to lodge a complaint with a competent supervisory or enforcement authority and, where local law provides, to seek review or appeal in relation to the handling of your Personal Data.

Jurisdiction

Relevant Supervisory or Enforcement Authority

Singapore

Personal Data Protection Commission (PDPC)

UAE (DIFC)

DIFC Commissioner of Data Protection

Hong Kong

Privacy Commissioner for Personal Data (PCPD)

China

Cyberspace Administration of China (CAC)

Cayman Islands

Office of the Ombudsman (Cayman Islands)

13. Updates to This Notice

This Privacy Notice was last updated in June 2026. We may update or amend this Notice from time to time to reflect changes to how we process your Personal Data, changes to our business operations, or changes in applicable legal requirements. Any material updates will be posted on our website. Where required by applicable law, we will notify you of material changes directly.

PRIVACY NOTICE – R.E. LEE INTERNATIONAL (MIDDLE EAST) LTD.

This Privacy Notice is provided by R.E. LEE INTERNATIONAL (MIDDLE EAST) LTD. (RE Lee International, 'we' or 'us'). We are a 'Controller' for the purposes of the DIFC Data Protection No 5 of 2020 (also referred to as the "Data Protection Law"). We take your privacy very seriously. We ask that you read this Privacy Notice carefully as it contains important information about our Processing and your rights.

How to contact us
If you have any questions about this Privacy Notice, how we handle your personal data, or would like to exercise any of your rights, please contact:

Data Protection Manager Mary Wilson
Address: Al Fattan Currency House
Tower 1, Mezzanine Level,
Office M07 DIFC,
Sheikh Zayed Road, Dubai
Telephone number: + 971 4388 9040
Email: data@releeinternational.com

Changes to the Privacy Notice
The latest version of the Privacy Notice can be found here on our website at https://www.releeinternational.com/en/ We may change this Privacy Notice from time to time. We therefore recommend that you check this Privacy Policy on a regular basis.

Current Version: June 2021

USEFUL WORDS AND PHRASES

We have listed below certain words and phrases that have particular meanings in the Data Protection Law and are used throughout this Privacy Notice: 

Term

Definition

Commissioner 

This means the DIFC commissioner, appointed by the President of the DIFC pursuant to article 43 (1) of the Data Protection Law to administer and enforce the Data Protection Law. 

Controller 

This means any person who alone or jointly with others determines the purposes and means of the Processing of Personal Data. In this case, we are the Controller.

Data Protection Law

This means the DIFC Data Protection Law No. 5 of 2020 as may be amended.

Data Subject

This means the person to whom the personal data relates.

Identifiable Natural Person 

This means a natural living person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to his biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity (and "Identified Natural Person" is interpreted accordingly).

Personal Data

This means any information any information referring to an identified or Identifiable Natural Person.

Processing

This means any operation or set of operations performed upon personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage and archiving, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, transfer or otherwise making available, alignment or combination, restricting (meaning the marking of stored personal data with the aim of limiting Processing of it in the future), erasure or destruction, but excluding operations or sets of operations performed on personal data by:

(a) a natural person in the course of a purely personal or household activity that has no connection to a commercial purpose; or

(b) law enforcement authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security.

Special Categories of Personal Data

This means any information relating to:

  • racial or ethnic origin or communal origin; 

  • political affiliation or opinions;

  • religious beliefs or beliefs of a similar nature;

  • criminal record;

  • trade union membership;

  • physical or mental health or condition;

  • sexual life; and

  • genetic data or biometric data to uniquely identify you.

WHAT PERSONAL DATA WE COLLECT AND WHAT WE USE IF FOR:  

We may collect, use, store and transfer different kinds of personal data about you, which we have been provided with as follows: 

 


 

HOW WE KEEP YOUR PERSONAL DATA SECURE:

We implement appropriate technical and organisational measures in order to protect your Personal Data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of Processing. We aim to ensure that the level of security and the measures adopted to protect your Personal Data are appropriate for the risks presented by the nature and use of your Personal Data.

 

WHY DO WE PROCESS YOUR PERSONAL DATA:

We use your Personal Data for the following purposes listed in this section. We are allowed to do so on certain legal bases (please see section 'How is Processing your data lawful' for further detail): 

 

Origin of Data 

Why do we need it? 

Lawful basis for Processing

Application Form and 

Insurability Questionnaire 

to respond to your enquiries, to provide you with our advisory services 

  1. Processing is necessary for the performance of a contract we have with you; 

  2. Processing is necessary to fulfil our legitimate business interests;

  3. Processing is necessary to comply with a legal obligation (Tax and VAT collection);

  4. Processing is required for the purposes of preventive or occupational medicine, the assessment of the working capacity of an employee, medical diagnosis, the provision of health or social care or the treatment or the management of health or social care systems and services;

  5. Processing is required for protecting members of the public against dishonesty, malpractice, incompetence or other improper conduct of persons providing insurance, investment, management consultancy including any resulting financial loss.

to communicate with you

  1. We have your consent to do so;

  2. Processing is necessary for the performance of a contract we have with you; 

  3. Processing is necessary to fulfil our legitimate business interests.

to screen the information you provided for potential risk or fraud

  1. Processing is in our business legitimate interests;

  2. To comply with our legal obligation; 

  3. Processing is required for protecting members of the public against dishonesty, malpractice, incompetence or other improper conduct of persons providing insurance, investment, management consultancy including any resulting financial loss.

Device Information

to help us screen for potential risk and fraud (in particular, your IP address)

Processing is in our business legitimate interests;

To comply with our legal obligation.

to improve and optimise our Site (for example, by generating analytics about how our customers browse and interact with the Site..

Processing is in our business legitimate interests.

Information collected via comments/feedback

to manage and improve our services and the way we communicate with you. 

Processing is in our business legitimate interests.

 

HOW IS PROCESSING YOUR PERSONAL DATA LAWFUL:

We are allowed to Process your Personal Data and any Special Categories of Personal Data based on the following legal bases for the purposes explained in this Privacy Policy. 

 

You can object to Processing that we carry out on the grounds of legitimate interests. See the section headed "Your Rights" to find out how.

 

 

 

ORGANISATIONS THAT WE MAY SHARE YOUR DATA WITH:

We use processors to support our IT systems and operate our website, such as website hosting and our IT services providers. Some of these service providers may Process your Personal Data as part of the services they offer to us. We take steps to ensure that our service providers treat your Personal Data in accordance with the law, only use it in accordance with our contract with them and keep it secure. If you would like to know the names of our other service providers, please contact us (see section "How to Contact Us"). 

 

Your Personal Data is transferred outside of the DIFC and the UAE for us to provide you with our services : 

 

Any transfer of your Personal Data outside the DIFC and the UAE will be carried out in accordance with the law to safeguard your privacy rights and give you remedies in the unlikely event of a security breach or to any other similar approved mechanisms.]

 

RETENTION AND DELETION OF YOUR PERSONAL DATA:

We only retain your Personal Data for as long as we need it by law. The following categories of Personal Data will be kept for the following periods and will be securely deleted/ destroyed after the expiry of the retention period: 

Data we Process 

How long this will be held for

Device Information (cookies/analytics data)

Thirty (30) days. 

Contract Information

Six (6) years after the last of the following: 

  1. an application is withdrawn or declined;

  2. a claim is settled;

  3. a policy is surrendered or cancelled;

  4. the policy service obligations are transferred to another distributor or service provider. 

Information from enquiry forms

Until the enquiry has been completed and no further responses are received for a reasonable period. If you are an existing customer, the enquiry may be added to the other contract information that we hold about you as a customer.

Complaints data

For a period of up to 6 years after resolution of the complaint. If you are an existing customer, the complaint and its resolution may be added to the other contract information that we hold about you as a customer.

 

YOUR RIGHTS:

You have the following legal rights under the Data Protection Law in relation to your Personal Data. You can exercise these rights free of charge, by contacting us (please see "How to contact us"). We will respond to any rights that you exercise within a month of receiving the request unless the request is particularly complex, in which case we will respond within three months (in accordance with Article 33 (7) of the Data Protection Law). 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

 

Please be aware that there are exceptions and exemptions that apply to some of these rights, which we will apply in accordance with the Data Protection Law.

 

YOUR DATA PROTECTION RIGHTS

WHAT DOES THIS MEAN?

  1. Right to be informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data and what your rights are. This is why we are providing you this Privacy Notice.

  1. Right of access

You have the right to obtain access to your personal data we Process and certain other information (similar to that provided in this Privacy Notice).

This is so you are aware and can check that we are using your information in accordance with Data Protection Law. 

You may ask for:

  • A copy of your information;

  • Details of the purpose for which it is being Processed;

  • Details of the recipients or classes of recipients to whom it is or could be disclosed, including if they are overseas and what protections they have in place;

  • The period for which it is held (or the criteria which determines this);

  • Any information available about the source of the data; and

  • Whether we carry out any automated decision-making or profiling, and where we do information about the logic involved and the outcome or consequences of that decision or profiling. 

To help us find the information, please give us as much information as possible about the type of Personal Data you would like to see. 

  1. Right to rectification

You are entitled to have your information corrected if it is inaccurate or incomplete. If you would like us to do this, please contact us (see section "How to Contact Us").  

  1. Rights to ask us to stop contact you with direct marketing 

You can ask us to stop contacting you for direct marketing purposes. If you would like to do so, please contact us. Alternatively, you can also click the 'unsubscribe' button at the bottom of the email newsletter. It may take up to 7 days for this to take place. 

  1. Right to erasure

This is also known as the 'right to be forgotten' and, in simple terms, enables you to request the deletion or removal of your information where: 

  • You do not believe that we need your data in order to Process it for the purposes set out in this Privacy Notice;

  • If you had given us consent to Process your Personal Data, you withdraw that consent and we cannot otherwise legally Process your Personal Data;

  • You object to our Processing and we do not have any legitimate interests that mean we can continue to Process your Personal Data; or

  • Your Personal Data has been Processed unlawfully or have not been erased when it should have been. 

  1. Right to restrict Processing

You have rights to 'block' or suppress further use of your information. When Processing is restricted, we can still store your information, but may not use it further. You may request that we stop Processing your Personal Data temporarily if: 

  • You do not think your Personal Data is accurate. We will start Processing again once we have checked whether or not the Personal Data is accurate;

  • The Processing is unlawful but you do not want to erase your Personal Data;

  • We no longer need the Personal Data for our Processing, but you need the data to establish, exercise or defend legal claims; or 

  • You have objected to the Processing because you believe that your interests should override RE Lee International's legitimate interests. 

  1. Right to data portability 

You have rights in certain circumstances to obtain and reuse your Personal Data for your own purposes across different services. 

  1. Right to object to Processing

You have the right to object to certain types of Processing, including Processing based on our legitimate interests only. 

  1. Right to withdraw consent

If you have given your consent to anything we do with your Personal Data, you have the right to withdraw your consent at any time (although if you do so, that does not mean anything we have done with your Personal Data with your consent up to that point is unlawful.)

We will contact you via electronic means (SMS or email) to allow you to assess the consent, which you have given us. 

  1. Non-Discrimination 

You have the right not to be discriminated against if you decide to exercise any of the rights mentioned above, including being:

  1. denied any products or services; 

  2. charged different prices or rates for goods or services;

  3. provided with a less favourable level or quality of products or services; or

  4. suggested that you will receive a less favourable price or rate for products or services because of your exercising of your rights. 

 

Notification to the Commissioner

It is important that you ensure you have read this Privacy Notice. If you do not think that we have Processed your Personal Data in accordance with this Privacy Notice, you should let us know as soon as possible. You also have the right to notify the Commissioner's Office of our breach by phone: +971 4 362 2222 or by email: commissioner@dp.difc.ae