RAA Auditing - Audit & advisory for ambitious UAE businesses

Data Protection Statement

RAA Limited and RAA Auditing of Accounts, together termed as RAA respects data privacy and is committed to protecting the individual and personal data collected through its website, offices, events, and/or provision of services. 

This Data Protection Statement, as amended from time to time (the “Data Protection Statement”), explains the manner in which RAA collects, uses, maintains, and discloses personal data obtained through its website and through the provision of its services. 

RAA adopts ADGM Data Protection Regulations, which set out similar levels of protection of Personal Data and other requirements and general principles as under the European General Data Protection Regulations (“GDPR”). 

RAA, being a Data Controller, ensures that Personal Data processed by RAA is:

  • Processed fairly, lawfully, and securely.
  • Processed for specified, explicit, and legitimate purposes in accordance with the Data Subject’s rights and not further Processed in a way incompatible with those purposes or rights.
  • Adequate, relevant, and not excessive in relation to the purposes for which they are collected or further Processed.
  • Accurate and, where necessary, kept up to date; and
  • Kept in a form that permits identification of Data Subjects no longer than is necessary for the purposes for which the Personal Data was collected or further Processed. 

RAA has a policy in place in relation to Data Protection and Information Security (“Policy”), which establishes the core concepts and principles for the systematic handling, review, storage, safety, retention, and management of data processed and documents received and/or created by RAA in the course of business, which accordingly forms its records

RAA maintains systems and controls to retain records of matters and dealings in order to fulfil its legal and regulatory obligations with respect to adequacy, access, period of retention, and security of records

Data Subject: 

The Client, the Client’s Employees as may be required per the agreement, the Client’s Directors and Beneficial Owners as may be required for RAA to comply with AML/CFT legislation, the prospective candidates under recruitment process, the user of RAA’s website, any person contacting RAA’s offices/employees, or visiting RAA’s offices or attending webinars or seminars conducted by RAA or its affiliates. 

Method of Collection of Personal Data: 

Provided by the Data Subject (where Personal Data is Processed) or by a Third Party, as applicable, via website enquiry, email, in hard copy, or over a phone conversation. 

Types of Personal Data (including Sensitive Personal Data) to be Processed: 

Typically, RAA may process the following Personal Data as part of provision of services including recruitment, accounting, VAT, compliance and authorization support, processing of visas, marketing of its services, sending information about events or publications, discussing proposed services, etc.: 

  • Name
  • Place and date of birth
  • Nationality and citizenship
  • Passport number, dates of issue and expiry, issuing authority/place
  • Other ids numbers, dates of issue and expiry, issuing authority/place
  • Address, mobile and other phone numbers, email ids
  • Religion (if voluntarily mentioned in the cv – this information is not requested by RAA, except for visa processing services)
  • Bank name and account number (for recruitment services, hiring staff for RAA)
  • Marital status (for recruitment services, hiring staff for RAA)
  • Employer, designation, and salary (for recruitment services, hiring staff for RAA) 

Processing of Personal Data: 

RAA may receive Personal Data (including Sensitive Personal Data) via email or in hard copy, or over a phone conversation; store this information on RAA’s server including email server; transfer this information within RAA entities for marketing of its services, sending information about events or publications, discussing proposed services; to banks (when processing payroll payments); to authorities (in compliance with regulations including AML/CFT regulations; or as part of regulatory and compliance services in authorization and other services for financial services providers and DNFBPs and for VAT services), where applicable and relevant to any transfers of data; to third parties (e.g. as part of recruitment services or referral/introduction to other service providers); delete this information after the due record-keeping term of 6 years is completed post termination of the relationship with RAA; and for other legitimate Processing. 

Right to Access and Rectify Personal Data: 

A Data Subject (i.e. a person whose Personal Data is being Processed) has the right to approach RAA via email at ask@raa-auditing.com and request a copy of the Data Subject’s Personal Data Processed by RAA, review it, and as necessary, rectify or erase, restrict processing, or object to processing of the Personal Data records as stored by RAA.

Cookies:

We use cookies to analyse how visitors use our website. The table below explains the cookies we use and why.

Cookie Provider Purpose Type Expiry
_ga Google Analytics Distinguishes unique users by assigning a randomly generated number. Used to calculate visitor, session, and campaign data. Analytics 2 years
_ga_T8S10TZJ67 Google Analytics Used by GA4 to persist session state and track pageviews within a session. Analytics 2 years
_gid Google Analytics Registers a unique ID used to generate statistical data on how the visitor uses the website. Analytics 24 hours
_gat Google Analytics Used to throttle request rate to Google Analytics, limiting data collection on high-traffic sites. Analytics 1 minute

We use analytics cookies to understand how visitors use our website. For more information, see our Privacy Policy.