summary

Privacy Notice

purpose and scope

Mizzen FZE DMCC is a part of Ashon International DMCC

Ashon International DMCC (the ‘Company’ or ‘we’), a legally registered entity in the United Arab Emirates, operates in full compliance with both local regulatory requirements and the Group standards.

We are acting as the controller of personal data consider the protection of rights and freedoms of data subjects during processing of their personal data, and the implementation of data protection principles as an important condition for our personal data processing activities while achieving our business purposes.

The Notice describes the processing of personal data collected on the website ashon.ae.

All processes for processing personal data in the Company are described in the Privacy Policy.

The Privacy Notice (hereinafter referred to as “Notice”) refers to the provisions of the applicable local legislation, including:

  • Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (hereinafter referred to as “Law No. 45 PPD”).

Please read the Notice carefully so that you can understand how the Company collects and uses the personal information that you provide to us.

Any doubts on the Notice may be escalated to the personal data processing manager by email privacy@ashon.ae.

If you have any questions or need to clarify information related to processing of your personal data, please contact us using the contact details specified in the "Contact Information" section of this Notice.

In case any updates are made to the Notice, an updated version of the Notice will be posted on the Company's website ashon.ae/privacy-notice.

principles of personal data protection

We fulfil the basic principles of personal data processing by implementing the following measures to ensure the security of personal data:

Principles of the PD
processing		 Article of the
Law No. 45 PPD		 Exercise of the right
Lawfulness, fairness and transparency Article 5(1)
  • “Lawful” – we carry out processing PD only on the appropriate legal basis.
  • “Fair” – we fulfill the data subjects’ rights while processing their PD.
  • “Transparent” – before and during the PD processing, we provide the data subjects information about the PD processing, presented in clear and understandable manner.
Specific, clear and legitimate purpose Article 5(2)
  • “Specific” – we define and document all the purposes of processing PD in the company (including in this Notice);
  • “Clear” – we formulate the purpose clearly. We divide large processes into subprocesses so that data subjects clearly understand what is happening with their data.;
  • “Legitimate” – we don't process PD in a way incompatible with the purpose of processing.
Data minimization Article 5(3)
  • We process PD only if the volume of PD is consistent with the stated processing purposes.
  • For each purpose we identify the minimum volume of PD necessary to achieve these purposes of PD processing
Accuracy and relevance of PD Article 5(4, 5)
  • When processing PD, we ensure the accuracy, sufficiency and relevance of PD.
  • We assess the reliability of the source of PD, as well as respond to requests from the data subjects to rectify their PD
Data security Article 5(6)
  • When processing PD, we ensure the availability, authenticity, integrity and confidentiality of PD, and apply the necessary organizational and technical measures to protect PD
Storage limitation Article 5(7)
  • We store PD in a form that allows to identify the data subjects for no longer than it is required for the purpose of processing PD, unless the retention period is established by applicable law.
  • Upon achievement of the purposes of processing PD we delete the relevant PD

Third parties with whom your personal data may be shared
We may share your personal data with third parties when it is necessary to fulfill the purposes of the personal data processing.

Information about third parties
  • Web-site
  • Administrator
  • Services Provider
Country of establishment
  • USA
  • France
Purpose of transfer
  • Support in carrying out presales
  • Site analytics
  • Site administration
  • Processing of information from the forms on the site
Categories of personal data subjects
  • Representatives of prospective counterparties
  • Site visitors
  • Representatives of prospective counterparties
Role of the service provider Processor
Legal basis Contract

Cross-border transfer of personal data
We do not rely solely on automated processing of PD to make decisions that may have legal consequences for the data subject or impact their rights and legitimate interests.

We may transfer PD to third parties in other jurisdictions where there is special legislation in the field of PD protection in place. In cases when there is no special legislation in the field of PD protection in the destination jurisdiction, we conclude contracts with such third parties that include provisions obliging companies to comply with the requirements of the Law No. 45 PPD. The amount of PD the third parties process is strictly necessary and proportionate to the purposes of the data transfer.

When we transfer PD to third parties in other jurisdictions, we include provisions on protection and processing of PD in contracts with them. We monitor compliance with the principles of PD processing and application of the appropriate security measures by third parties.

How safe is my personal data with third parties?
We always ensure that the third party provides an appropriate level of personal data protection via concluding a contract stipulating their obligations regarding the processing and protection of personal data. When sharing your personal data with any third party with whom we have contractual relations, we request confirmation of the security measures these legal entities take to protect the personal data we provide. 

We do not share personal data with public authorities or other third parties without a proper lawful request of the authorities.

The access to the personal data by third parties is provided via specific procedures monitored by the Company.

How we shall use your data

Personal data retention
We keep your personal data only for as long as strictly necessary to fulfill the purposes that justify the processing activities. When determining the retention period of personal data, we consider in particular the amount, nature and sensibility of the personal data processed.

Categories of data subjects and purposes of processing
We do not process the following categories of personal data:

  • sensitive personal data on:
  • ideological, political or trade union-related views or activities;
  • ideological, political or trade union-related views or activities;
  • the intimate sphere or the racial origin;
  • administrative or criminal proceedings and sanctions.

We process personal data of the indicated categories of data subjects for predefined purposes:

Data Subjects Purposes of PD processing List of processed PD Storage Period Legal basis
Representatives of prospective counterparties Communication with representatives of potential counterparties (presales) Full name, company's name, job position, work email, phone number, messenger user number/ name 2 years after the last contact Consent
Communication with prospective counterparties via site ashon.ae Full name, phone number, email 2 years after the last contact Consent
Site visitors Site analytics for ashon.ae Cookies 1 month after the end of session Consent

your rights regarding the data processing

We guarantee the fulfilment of your following rights as a data subject:

Rights Article of the
Law No. 45 PPD
You can withdraw your consent to the processing of your personal data at any time. If we receive a consent withdrawal from you the processing shall no longer occur unless there is a legal requirement allowing the personal data processing continue to happen Article 6(2)
We provide the following information about the processing of your personal data:
  • the types of your personal data that is processed;
  • purposes of processing;
  • decisions made based on automated processing, including profiling;
  • the list of the third parties with which your personal data is to be shared;
  • personal data processing period;
  • procedures for correcting, erasing or limiting the processing of your personal data and objection to the processing of your personal data;
  • protection measures for cross-border processing made in accordance with Articles (22) and (23) Law No. 45 PPD;
  • procedures to be taken in the event of a breach or infringement of your personal data;
  • the process of filing complaints with the regulator
 Articles 13
We provide a copy of your personal data in a structured and machine-readable format if processing is based on the consent or contract and is made by automated means. Also, we transmit the personal data to someone else where it’s technically possible Article 14
We correct or complete inaccurate personal data. Please contact us as soon as possible if you notice any inaccuracy or incompleteness Article 15
You can ask us erase some or all of your personal data from our systems without undue delay if you:
  • think that personal data is no longer required for the purposes for which it is collected or processed;
  • withdraw consent on which the processing is based;
  • object to the processing or if we have no legitimate reasons to continue the processing;
think that we have a lack of legal bases for personal data processing or your personal data is processed in violation of the provisions of Law No. 45 PPD
You can ask us to stop or restrict using your personal data for what we have been using it for, if you object to the:
  • accuracy of your personal data;
  • processing of your personal data in violation of the agreed purposes;
  • processing for direct marketing purposes, including profiling related to direct marketing;
  • processing is made in violation of the provisions of the Law No. 45 PPD.
In case of receiving such requests, we restrict processing to confirming these facts and, if necessary, we stop processing and delete the personal data 		Article 16, 17
You can object to decisions issued with respect to automated processing that have legal consequences or seriously affect you (including profiling).
We do not rely solely on automated processing of personal data to make decisions that may have legal consequences for the data subject or impact their rights and legitimate interests (see section 4.4) 		Article 18
You can receive information about personal data breach Article 9(2)
You can file a complaint with the regulator if you have grounds to believe that we process your personal data in violation of the requirements of the Law No. 45 PPD Article 24

To exercise these rights, you need to contact the personal data processing manager at: privacy@ashon.ae. We process and respond to requests from the data subjects within one month. Considering the complexity and the number of requests, the term for the preparation of an answer to the request can be extended by two months. In this case we will notify the data subject about the reasons for the delay within one month.

When we receive your request for the exercise of your rights, we may request more specific information to confirm the identity and grant the personal data access rights.

Measures to ensure the security of personal data processed

We ensure the security of the personal data under our control via implementation of the appropriate organizational and technical measures, which include: 

  • appointment of a person responsible for the organization of personal data processing;
  • implementation of data protection policies to ensure that our personal data processing activities comply with the Law No. 45 PPD (internal policies, internal allocation of responsibilities, trainings);
  • implementation of access control;
  • implementation of encryption;
  • implementation of antivirus protection;
  • keeping the records of processing activities;
  • organization of a process of receiving and controlling the processing of data subjects’ requests;
  • assessment of personal data protection impact for personal data processing activities that involve a systematic and comprehensive assessment of the personal aspects of the data subject based on automated processing, including profiling, which would have legal consequences or would seriously affect the data subject, or if the processing will be made on a large amount of sensitive personal data;
  • ensuring data protection by design and data protection by default;
  • ensuring security of personal data transferred to third parties (see section 4.1);
  • controlling the transfers of personal data outside UAE;
  • documenting personal data breaches (if any) and their consequences, investigating them, notifying the relevant parties about leaks immediately after discovering the personal data breach, and taking measures to eliminate the consequences of personal data breaches;
  • performing planned and unscheduled audits of personal data processing activities
  • Cookies and Web Analytics

We use cookies to enhance the performance characteristics of our Website, make it more user-friendly, collect information about visits and take measures to improve the Website. Most cookies do not collect information that identifies you, but collect general information (entry method, use of our website) instead. 
More information on Cookies is provided in our Cookie Policy.

Contact details of the personal data processing manager

Any doubts regarding this Notice shall be escalated to the personal data processing manager.

Contacts of the personal data processing manager 

Email: privacy@ashon.ae

Our site uses cookies and other technologies so that we, and our partners, can remember you and understand how you and other visitors use our site and to provide you with tailored advertisements. If you have any questions and for more information on our digital advertising practices, 'Cookies' sections of our privacy policy.