This statement describes Kaelo Global’s position under the European Union’s General Data Protection Regulation (GDPR) and equivalent data-protection laws in the jurisdictions where we operate. For our general privacy practice, see our Privacy Policy.
1. Scope
This statement applies where Kaelo Global processes personal data of individuals located in the European Economic Area, the United Kingdom, or in jurisdictions with equivalent data-protection regimes (for example, the UAE Federal Data Protection Law and the DIFC Data Protection Law).
2. Controller
For personal data submitted directly to Kaelo Global through this website, by email or in writing, Kaelo Global is the controller. The point of contact is privacy@kaeloglobal.com.
3. Categories of personal data we process
The categories of personal data we process are described in our Privacy Policy. We do not knowingly process special-category data through this website.
4. Legal bases
We rely on the following legal bases for processing personal data, depending on the activity:
- Consent. Where you have submitted information through the website, by email, or via a form.
- Legitimate interest. For the day-to-day operation of the enterprise, including security, audit and counterparty correspondence.
- Legal obligation. Where we are required by law to retain or disclose data — for example, in connection with audit, regulatory inspection, or court process.
- Performance of a contract. Where you have entered into an engagement with one of our operating divisions.
5. Transfers outside the EEA / UK
Kaelo Global is headquartered in the UAE and operates from five offices on four continents. Personal data submitted to us is processed in the jurisdiction of the relevant operating division, which may be outside the EEA or the United Kingdom. Where required by law, transfers of personal data outside the EEA or the United Kingdom are protected by appropriate safeguards (for example, standard contractual clauses), and information about those safeguards is available on request.
6. Your rights
Where GDPR or equivalent law applies, you have the rights of access, rectification, erasure, restriction of processing, data portability and objection to processing. You also have the right to withdraw consent at any time without affecting prior lawful processing, and the right to lodge a complaint with a supervisory authority.
7. Exercising your rights
To exercise any of the rights above: privacy@kaeloglobal.com. We respond in writing within thirty days, or sooner where the law requires. We may need to verify your identity before responding.
8. Retention
We retain personal data for as long as it is operationally relevant, and longer where legal, regulatory or audit obligations require. The detailed retention positions for the operating divisions are documented internally.
9. Updates
This statement is reviewed annually and when our data-protection practices change. The “Last updated” date at the top of this page reflects the most recent revision.
10. Contact & complaints
For any question about our handling of personal data, or to make a complaint: privacy@kaeloglobal.com. If you are not satisfied with our response, you may also lodge a complaint with your local data-protection supervisory authority.