Privacy Policy

1. GENERAL PROVISIONS

1.1. This Privacy Policy (hereinafter referred to as the “Policy”) is developed and adopted by TAI Capital FZE LLC (hereinafter referred to as the “Company”, “we”, “us”, or “our”) in accordance with applicable data protection laws and regulations of the United Arab Emirates, including but not limited to the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, as well as internationally recognized standards of personal data protection.

1.2. This Policy defines the principles, purposes, legal grounds, and procedures for the processing of personal data, as well as measures implemented to ensure the security and confidentiality of such data.

1.3. The Policy applies to all personal data processed by the Company in the course of its activities, including but not limited to:

1.3.1. provision of IoT (Internet of Things) solutions;

1.3.2. telematics services and vehicle monitoring systems;

1.3.3. logistics and fleet management platforms;

1.3.4. software development, technical support, and related services;

1.3.5. operation of websites, mobile applications, and digital platforms.

1.4. This Policy applies to all individuals whose personal data is processed by the Company, including but not limited to:

1.4.1. clients and prospective clients;

1.4.2. users of the Company’s platforms, systems, and services;

1.4.3. business partners and contractors;

1.4.4. representatives of legal entities;

1.4.5. website visitors and application users.

1.5. By accessing or using the Company’s services, websites, software, or platforms, the data subject acknowledges that they have read, understood, and agree to the terms of this Policy, unless otherwise required by applicable law.

1.6. The Company processes personal data lawfully, fairly, and transparently, ensuring that such processing is limited to what is necessary in relation to the purposes of processing.

1.7. The Company ensures that personal data is:

1.7.1. collected for specified, explicit, and legitimate purposes;

1.7.2. processed only to the extent necessary to achieve such purposes;

1.7.3. accurate and, where necessary, kept up to date;

1.7.4. retained only for as long as required for the purposes of processing or as mandated by applicable law;

1.7.5. protected against unauthorized or unlawful processing, accidental loss, destruction, or damage.

1.8. The Company implements appropriate technical and organizational measures to ensure a level of security appropriate to the risks associated with personal data processing.

1.9. The Company reserves the right to amend this Policy at any time. The updated version shall be published on the Company’s official website and/or made available through other appropriate communication channels. Where required by law, the Company will notify data subjects of material changes.

1.10. This Policy shall be governed by and interpreted in accordance with the laws of the United Arab Emirates. Where applicable, consideration may also be given to internationally recognized data protection standards and best practices.

2. DEFINITIONS

2.1. For the purposes of this Policy, the following terms shall have the meanings set forth below:

2.2. “Personal Data” means any data relating to an identified or identifiable natural person, including but not limited to name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, economic, cultural, or social identity of that person.

2.3. “Data Subject” means a natural person whose Personal Data is processed by the Company.

2.4. “Processing” means any operation or set of operations performed on Personal Data, whether by automated means or not, including:

2.4.1. collection;

2.4.2. recording;

2.4.3. organization;

2.4.4. structuring;

2.4.5. storage;

2.4.6. adaptation or alteration;

2.4.7. retrieval;

2.4.8. consultation;

2.4.9. use;

2.4.10. disclosure by transmission, dissemination, or otherwise making available;

2.4.11. alignment or combination;

2.4.12. restriction;

2.4.13. erasure or destruction.

2.5. “Controller” means the entity that determines the purposes and means of the Processing of Personal Data. For the purposes of this Policy, the Company acts as the Controller unless otherwise specified.

2.6. “Processor” means any natural or legal person who processes Personal Data on behalf of the Controller.

2.7. “Recipient” means any natural or legal person, public authority, agency, or other body to whom Personal Data is disclosed, whether a third party or not.

2.8. “Third Party” means any natural or legal person, public authority, agency, or body other than the Data Subject, the Controller, the Processor, and persons authorized to process Personal Data under the direct authority of the Controller or Processor.

2.9. “Consent” means any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the Processing of their Personal Data.

2.10. “Sensitive Personal Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, criminal records, biometric data, health data, or any other data classified as sensitive under applicable law, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

2.11. “Biometric Data” means Personal Data resulting from specific technical processing relating to the physical, physiological, or behavioral characteristics of a natural person, which allow or confirm the unique identification of that person.

2.12. “Data Breach” means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored, or otherwise processed.

2.13. “Cross-Border Transfer” means the transfer of Personal Data to a country outside the United Arab Emirates.

2.14. “IoT Data” means data collected through Internet of Things devices, including but not limited to sensors, GPS trackers, telematics equipment, and other connected devices used in monitoring and analytics systems.

2.15. “Telematics Data” means data related to vehicle location, movement, performance, driver behavior, and other operational parameters collected through telematics systems.

2.16. Terms not defined in this Policy shall be interpreted in accordance with the applicable laws of the United Arab Emirates and internationally recognized data protection practices.

3. PURPOSES OF PROCESSING PERSONAL INFORMATION

3.1. The Company processes Personal Data solely for specific, explicit, and legitimate purposes in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

3.2. The purposes of processing Personal Data by the Company include, but are not limited to:

3.2.1. provision, operation, and maintenance of IoT (Internet of Things) solutions, telematics systems, and vehicle monitoring services;

3.2.2. delivery of logistics, fleet management, and transportation monitoring services;

3.2.3. development, customization, testing, and improvement of software, platforms, and digital services;

3.2.4. processing and management of client requests, orders, and service agreements;

3.2.5. identification and authentication of users within the Company’s systems and platforms;

3.2.6. ensuring information security, prevention of unauthorized access, fraud detection, and system integrity;

3.2.7. technical support, maintenance, and troubleshooting of services and systems;

3.2.8. communication with clients, users, and partners, including sending service-related notifications and updates;

3.2.9. compliance with contractual obligations, including performance, administration, and enforcement of agreements;

3.2.10. compliance with legal and regulatory requirements applicable in the United Arab Emirates;

3.2.11. internal administrative purposes, reporting, auditing, and business analysis;

3.2.12. improvement of service quality, user experience, and development of new products and functionalities;

3.2.13. processing of telematics and IoT data for analytics, monitoring, optimization of routes, and operational efficiency;

3.2.14. ensuring safety, security, and proper functioning of vehicles, equipment, and infrastructure;

3.2.15. management of relationships with business partners, contractors, and suppliers;

3.2.16. protection of the Company’s legitimate interests, including legal claims, dispute resolution, and enforcement of rights.

3.3. The Company shall not process Personal Data for purposes that are incompatible with those specified above unless required or permitted by applicable law or with the prior consent of the Data Subject.

3.4. Where required by applicable law, the Company shall obtain the Data Subject’s consent for specific processing activities, particularly in relation to Sensitive Personal Data or additional purposes not originally specified.

4. LAWFUL BASIS FOR PROCESSING PERSONAL INFORMATION

4.1. The Company processes Personal Data only where there is a valid lawful basis in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

4.2. The lawful bases for processing Personal Data by the Company include, but are not limited to:

4.2.1. the Data Subject has given consent to the processing of their Personal Data for one or more specific purposes;

4.2.2. processing is necessary for the performance of a contract to which the Data Subject is a party or in order to take steps at the request of the Data Subject prior to entering into a contract;

4.2.3. processing is necessary for compliance with a legal obligation to which the Company is subject under applicable laws and regulations;

4.2.4. processing is necessary to protect the vital interests of the Data Subject or another natural person;

4.2.5. processing is necessary for the performance of a task carried out in the public interest, where applicable under UAE law;

4.2.6. processing is necessary for the purposes of the legitimate interests pursued by the Company or a third party, provided that such interests are not overridden by the rights and freedoms of the Data Subject.

4.3. Where processing is based on consent, the Company shall ensure that such consent is:

4.3.1. freely given;

4.3.2. specific and informed;

4.3.3. unambiguous and provided through a clear affirmative action;

4.3.4. documented and capable of being demonstrated if required.

4.4. The Data Subject shall have the right to withdraw consent at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

4.5. In cases involving Sensitive Personal Data, the Company shall obtain explicit consent from the Data Subject or rely on other lawful grounds as permitted under applicable law.

4.6. The Company shall assess and document the applicable lawful basis prior to processing Personal Data and ensure that such basis remains valid throughout the processing lifecycle.

5. CATEGORIES OF PERSONAL INFORMATION PROCESSED

5.1. The Company processes various categories of Personal Data depending on the nature of its services, including IoT solutions, telematics, vehicle monitoring, and related digital platforms.

5.2. The categories of Personal Data processed by the Company include, but are not limited to:

5.2.1. Identification data, including name, surname, username, and other identifiers;

5.2.2. Contact data, including email address, phone number, and other communication details;

5.2.3. Account and authentication data, including login credentials, account identifiers, and access rights information;

5.2.4. Contractual and transactional data, including information related to agreements, orders, billing, and payment records;

5.2.5. Technical data, including IP address, device identifiers, browser type, operating system, and log data;

5.2.6. Location data, including GPS coordinates, geolocation data, routes, and movement history collected through telematics and IoT devices;

5.2.7. Telematics data, including vehicle performance, speed, fuel consumption, mileage, driver behavior, and other operational parameters;

5.2.8. IoT data, including data collected from sensors, trackers, and connected devices used in monitoring and analytics systems;

5.2.9. Communication data, including correspondence, requests, feedback, and support interactions with the Company;

5.2.10. Usage data, including information about how users interact with the Company’s platforms, applications, and services;

5.2.11. Business-related data, including information about representatives of legal entities, partners, and contractors;

5.2.12. Audio and visual data, where applicable, including recordings from monitoring systems, cameras, or communication tools;

5.2.13. Compliance-related data, including information required to comply with legal and regulatory obligations;

5.2.14. Any other Personal Data voluntarily provided by the Data Subject in the course of using the Company’s services.

5.3. The Company may process Sensitive Personal Data only where strictly necessary and in accordance with applicable law, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

5.4. The Company does not intentionally collect Personal Data beyond what is necessary to achieve the purposes specified in this Policy.

5.5. Where the Company processes anonymized or aggregated data that does not identify a Data Subject, such data shall not be considered Personal Data under this Policy.

6. RIGHTS OF DATA SUBJECTS

6.1. The Company recognizes and respects the rights of Data Subjects in relation to their Personal Data in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

6.2. The Data Subject has the following rights, subject to applicable legal limitations and conditions:

6.2.1. the right to obtain confirmation as to whether the Company processes their Personal Data and to access such data;

6.2.2. the right to request correction, rectification, or updating of inaccurate or incomplete Personal Data;

6.2.3. the right to request erasure of Personal Data where such data is no longer necessary for the purposes for which it was collected or where processing is unlawful;

6.2.4. the right to restrict or suspend the processing of Personal Data in certain circumstances provided by law;

6.2.5. the right to object to the processing of Personal Data where such processing is based on legitimate interests;

6.2.6. the right to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing prior to withdrawal;

6.2.7. the right to receive Personal Data in a structured and machine-readable format, where technically feasible, and to request transfer of such data to another controller, where applicable;

6.2.8. the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal or similarly significant effects, except as permitted by law;

6.2.9. the right to lodge a complaint with the competent supervisory authority in the United Arab Emirates.

6.3. The Company shall implement appropriate procedures to enable Data Subjects to exercise their rights in a timely and transparent manner.

6.4. The Company may request verification of the Data Subject’s identity prior to processing any request related to the exercise of rights in order to ensure the security of Personal Data.

6.5. Requests from Data Subjects shall be processed within the timeframes established by applicable law. Where permitted, the Company may refuse or limit the fulfillment of a request if it is manifestly unfounded, excessive, or conflicts with legal obligations.

6.6. The exercise of Data Subject rights shall generally be free of charge. However, the Company reserves the right to charge a reasonable fee where permitted by law, particularly in cases of repetitive or excessive requests.

7. OBLIGATIONS OF THE RESPONSIBLE PARTY

7.1. The Company, acting as the Controller (hereinafter referred to as the “Responsible Party”), shall comply with applicable data protection laws and regulations of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

7.2. The Responsible Party shall implement appropriate technical and organizational measures to ensure and be able to demonstrate that Personal Data is processed in accordance with applicable law.

7.3. The Responsible Party shall ensure that Personal Data is processed in a lawful, fair, and transparent manner.

7.4. The Responsible Party shall ensure that Personal Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

7.5. The Responsible Party shall ensure that Personal Data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

7.6. The Responsible Party shall ensure that Personal Data is accurate and, where necessary, kept up to date, and shall take reasonable steps to rectify or erase inaccurate data without delay.

7.7. The Responsible Party shall ensure that Personal Data is retained only for as long as necessary for the purposes of processing or as required by applicable law.

7.8. The Responsible Party shall ensure the integrity and confidentiality of Personal Data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

7.9. The Responsible Party shall maintain internal policies, procedures, and records of processing activities, where required by applicable law.

7.10. The Responsible Party shall ensure that access to Personal Data is limited to authorized personnel who require such access for the performance of their duties.

7.11. The Responsible Party shall ensure that employees and contractors handling Personal Data are bound by confidentiality obligations.

7.12. The Responsible Party shall conduct risk assessments and, where required, data protection impact assessments prior to implementing processing activities that may pose high risks to Data Subjects.

7.13. The Responsible Party shall ensure that any Processor engaged to process Personal Data on its behalf provides sufficient guarantees to implement appropriate technical and organizational measures and complies with applicable data protection requirements.

7.14. The Responsible Party shall notify competent authorities and, where required, Data Subjects of any Personal Data Breach in accordance with applicable legal requirements.

7.15. The Responsible Party shall cooperate with competent supervisory authorities and comply with lawful requests, investigations, and orders.

8. APPOINTMENT AND REGISTRATION OF THE INFORMATION OFFICER

8.1. The Company shall appoint a person responsible for overseeing compliance with applicable data protection laws and this Policy (hereinafter referred to as the “Information Officer” or “Data Protection Officer”, where applicable).

8.2. The Information Officer shall be appointed based on professional qualities, expert knowledge of data protection laws and practices, and the ability to fulfill the tasks assigned.

8.3. The Information Officer may be an employee of the Company or an external service provider engaged under a contractual arrangement.

8.4. The Company shall ensure that the Information Officer is properly authorized and provided with sufficient resources to perform their duties effectively and independently.

8.5. Where required by applicable law, the Company shall register or notify the appointment of the Information Officer with the competent supervisory authority in the United Arab Emirates.

8.6. The responsibilities of the Information Officer include, but are not limited to:

8.6.1. monitoring compliance with applicable data protection laws, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, and internal policies of the Company;

8.6.2. advising the Company and its employees on obligations related to Personal Data protection;

8.6.3. overseeing the implementation of data protection policies, procedures, and controls;

8.6.4. conducting or coordinating data protection impact assessments where required;

8.6.5. serving as a point of contact for Data Subjects in relation to their rights and requests;

8.6.6. cooperating with and acting as a contact point for competent supervisory authorities;

8.6.7. maintaining records related to Personal Data processing activities, where applicable;

8.6.8. monitoring data security measures and incident response procedures.

8.7. The Company shall ensure that the Information Officer operates independently and is not subject to conflicts of interest in the performance of their duties.

8.8. Contact details of the Information Officer shall be made available to Data Subjects through appropriate communication channels, including the Company’s official website.

9. SECURITY SAFEGUARDS

9.1. The Company implements appropriate technical and organizational measures to ensure a level of security appropriate to the risks associated with the processing of Personal Data, in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

9.2. The Company adopts a risk-based approach to information security, taking into account the nature, scope, context, and purposes of processing, as well as the likelihood and severity of risks to the rights and freedoms of Data Subjects.

9.3. The security measures implemented by the Company include, but are not limited to:

9.3.1. access control mechanisms to ensure that only authorized personnel have access to Personal Data;

9.3.2. authentication and authorization procedures for users of systems and platforms;

9.3.3. encryption and pseudonymization of Personal Data where appropriate;

9.3.4. protection of networks, servers, and infrastructure against unauthorized access, intrusion, and cyber threats;

9.3.5. regular monitoring, logging, and auditing of systems processing Personal Data;

9.3.6. secure storage and transmission of Personal Data;

9.3.7. implementation of backup and disaster recovery procedures;

9.3.8. regular testing, assessment, and evaluation of the effectiveness of security measures;

9.3.9. physical security measures to protect premises, equipment, and data storage facilities;

9.3.10. staff training and awareness programs on data protection and information security;

9.3.11. internal policies and procedures governing the handling and protection of Personal Data.

9.4. The Company shall take reasonable steps to ensure that any Processor or third party processing Personal Data on its behalf implements appropriate security measures consistent with this Policy and applicable law.

9.5. In the event of a Personal Data Breach, the Company shall:

9.5.1. promptly assess the nature and scope of the breach;

9.5.2. take appropriate measures to mitigate and remedy the breach;

9.5.3. notify the competent supervisory authority where required by law;

9.5.4. notify affected Data Subjects where required and where the breach is likely to result in a high risk to their rights and freedoms;

9.5.5. document the breach, including its causes, effects, and remedial actions taken.

9.6. The Company shall continuously review and improve its security measures to address evolving threats and technological developments.

10. TRANSFER OF PERSONAL INFORMATION TO THIRD PARTIES AND CROSS-BORDER TRANSFERS

10.1. The Company may transfer Personal Data to third parties only where such transfer is necessary, lawful, and consistent with the purposes set out in this Policy and applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

10.2. Personal Data may be transferred to third parties in the following cases:

10.2.1. where the Data Subject has provided prior consent to such transfer;

10.2.2. where the transfer is necessary for the performance of a contract with the Data Subject or for the implementation of pre-contractual measures;

10.2.3. where the transfer is required to comply with legal obligations or lawful requests from competent authorities;

10.2.4. where the transfer is necessary to protect the legitimate interests of the Company, provided that such interests do not override the rights and freedoms of the Data Subject;

10.2.5. where the transfer is necessary for the establishment, exercise, or defense of legal claims;

10.2.6. where the transfer is made to service providers, contractors, or partners acting as Processors on behalf of the Company.

10.3. The Company shall ensure that all third parties receiving Personal Data:

10.3.1. process Personal Data only for specified purposes and in accordance with the Company’s instructions;

10.3.2. implement appropriate technical and organizational measures to protect Personal Data;

10.3.3. are bound by confidentiality and data protection obligations under applicable agreements;

10.3.4. comply with applicable data protection laws and regulations.

10.4. The Company may transfer Personal Data outside the United Arab Emirates (cross-border transfer) only where adequate safeguards are in place and in accordance with applicable legal requirements.

10.5. Cross-border transfers of Personal Data may be carried out under the following conditions:

10.5.1. the recipient jurisdiction ensures an adequate level of data protection as recognized by competent UAE authorities;

10.5.2. appropriate safeguards are implemented, including contractual clauses, binding corporate rules, or other legally recognized mechanisms;

10.5.3. the Data Subject has explicitly consented to the transfer after being informed of potential risks;

10.5.4. the transfer is necessary for the performance of a contract or implementation of pre-contractual measures;

10.5.5. the transfer is required for important reasons of public interest or to comply with legal obligations.

10.6. The Company shall take all reasonable steps to ensure that cross-border transfers do not undermine the level of protection afforded to Personal Data under applicable law.

10.7. Where required by law, the Company shall maintain records of cross-border transfers and make such information available to competent authorities upon request.

11. DATA RETENTION PERIODS

11.1. The Company retains Personal Data only for as long as necessary to fulfill the purposes for which it was collected and processed, in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

11.2. The retention period for Personal Data shall be determined based on the following criteria:

11.2.1. the nature and category of Personal Data;

11.2.2. the purposes for which the Personal Data is processed;

11.2.3. contractual obligations and duration of the relationship with the Data Subject;

11.2.4. applicable legal, regulatory, tax, accounting, or reporting requirements;

11.2.5. the necessity to establish, exercise, or defend legal claims;

11.2.6. legitimate business needs of the Company.

11.3. The Company may retain Personal Data for longer periods where required or permitted by applicable law or where necessary for legitimate business purposes, provided that appropriate safeguards are in place.

11.4. Upon expiration of the applicable retention period, the Company shall:

11.4.1. securely delete or destroy Personal Data;

11.4.2. anonymize Personal Data so that it can no longer be associated with a Data Subject;

11.4.3. ensure that deletion or anonymization is carried out in a manner that prevents unauthorized recovery or access.

11.5. In cases where it is not technically feasible to delete or anonymize Personal Data immediately, the Company shall ensure that such data is isolated and protected from further processing until deletion or anonymization can be completed.

11.6. The Company shall periodically review retained Personal Data to ensure that it is not kept longer than necessary.

11.7. Where required, the Company shall maintain records of retention schedules and provide such information to competent authorities upon request.

12. PROCEDURE FOR HANDLING DATA SUBJECT REQUESTS

12.1. The Company establishes and maintains procedures to ensure that Data Subjects may effectively exercise their rights in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

12.2. Data Subjects may submit requests regarding the processing of their Personal Data, including requests to exercise their rights, through the following channels:

12.2.1. by email to: mail@aitelcap.com;

12.2.2. via the Company’s website https://aitelcap.com/ or designated online forms;

12.2.3. by written request sent to the Company’s registered address;

12.2.4. through other communication channels designated by the Company.

12.3. Upon receipt of a request, the Company shall:

12.3.1. register and acknowledge the request;

12.3.2. verify the identity of the Data Subject submitting the request;

12.3.3. assess the scope and validity of the request;

12.3.4. process the request in accordance with applicable legal requirements.

12.4. The Company shall respond to Data Subject requests within the timeframes established by applicable law. Where permitted, such timeframes may be extended if the request is complex or involves multiple requests.

12.5. The Company may refuse to act on a request where:

12.5.1. the request is manifestly unfounded or excessive;

12.5.2. the Company is unable to verify the identity of the Data Subject;

12.5.3. compliance with the request would violate applicable laws or legal obligations;

12.5.4. the request adversely affects the rights and freedoms of others.

12.6. In case of refusal or limitation of a request, the Company shall inform the Data Subject of the reasons for such decision, unless prohibited by law.

12.7. The Company shall ensure that all requests and responses are documented and retained for audit and compliance purposes.

12.8. Requests from Data Subjects shall generally be processed free of charge. However, the Company reserves the right to charge a reasonable fee where permitted by law, particularly in cases of repetitive or excessive requests.

12.9. The Company shall take appropriate measures to ensure that communication with Data Subjects is clear, transparent, and easily accessible.

13. CONTACT INFORMATION

13.1. Data Subjects may contact the Company regarding any questions, requests, or concerns related to the processing of Personal Data, as well as for the exercise of their rights under this Policy.

13.2. The Company’s contact details are as follows:

13.2.1. Full Legal Name: TAI Capital FZE LLC;

13.2.2. Registered Address: CWS-1V-375371, 26th Floor, Amber Gem Tower, Sheikh Khalifa Street, P.O. Box 4848, Ajman, United Arab Emirates;

13.2.3. Email Address: mail@aitelcap.com;

13.2.4. Contact Phone Number: +971553064594.

13.3. Where applicable, Data Subjects may also contact the Company’s Information Officer (Data Protection Officer):

13.3.1. Name: Maksimov Evgenii Sergeevich;

13.3.2. Email Address: mail@aitelcap.com;

13.3.3. Contact Phone Number: +971553064594.

13.4. The Company shall respond to inquiries and requests within reasonable timeframes and in accordance with applicable laws of the United Arab Emirates, including the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

13.5. If a Data Subject believes that their rights have been violated, they have the right to lodge a complaint with the competent supervisory authority in the United Arab Emirates.