Privacy Policy

Passportis is part of Private Financial Services, an international group of companies specializing in corporate, residence, and citizenship planning services for clients, as well as advisory services for governments worldwide. Private Financial Services operates through various legal entities, details of which are available here.

This Privacy Policy is issued on behalf of Passportis. When this document refers to «Passportis,» «PFSER Consulting,» «Private Financial Services,» «We,» «Us,» or «Our,» it is referencing the specific entity within Private Financial Services responsible for processing your data. We will inform you of the relevant entity acting as the data controller when you engage any of our services.

Your personal data may be collected, stored, and processed in different countries where we operate, subject to the local data protection laws applicable in those jurisdictions. For information about the relevant local data protection laws, please refer to the sections below.

For this Website, PFSER Consulting FZCO, based in the United Arab Emirates, acts as the data controller. You can find our full contact details in Section 16, ‘How to Contact Us’.

Our Website is structured to allow you to browse and access information without needing to identify yourself or provide personal information.

If you choose to share personal information with us, we will protect that information and use it only as described in this Privacy Policy.

We are dedicated to safeguarding your privacy and protecting your personal data. Passportis will not sell, rent, transfer, or share your information with third parties, except as outlined in this Privacy Policy.

The goals of this Privacy Policy are to:

• Explain the types of personal data Passportis collects and how we use this information (see Section 1, ‘The Personal Data We Collect From You’).
• Describe the legal basis on which your personal data is processed (see Sections 2, ‘How We Use Your Information’, and 3, ‘Legal Basis for Processing Your Personal Data’).
• Inform you of how we manage and protect your personal data.
• Clarify our legal obligations under data protection regulations, including ensuring that your personal data is processed lawfully and responsibly.
• Make you aware of your rights as a data subject (see Section 11, ‘Your Rights as a Data Subject’).

We adhere to all applicable data protection laws, including the General Data Protection Regulation (GDPR), which has been in effect since May 25, 2018. Additionally, we comply with local data protection regulations in all jurisdictions where we operate.

To ensure lawful and responsible handling of your personal data, we adhere to the following principles:

• Your data will be processed lawfully, fairly, and transparently.
• We will collect data only for valid purposes that are clearly explained and not use it in ways incompatible with those purposes.
• We will collect only relevant and limited data necessary for the stated purposes.
• We will ensure your data is accurate and kept up to date.
• We will retain your data only as long as necessary for the stated purposes.
• We will secure your data appropriately.

This Privacy Policy should be read alongside our Cookie Policy and any additional privacy notices provided at the time of specific data collection or processing. These supplementary documents will provide further details to ensure you understand how and why we use your personal data.

This Privacy Policy was last updated in January 2025.

When using our Website, you may contact us for various reasons, such as to learn more about our residence and citizenship programs, inquire about our services, pursue career opportunities, request support for press or media work, make general inquiries, or explore opportunities to become a supplier.

In the course of these interactions, we may collect and process the following types of personal data:

a. Information You Provide to Us

This includes personal information you voluntarily share, such as:

• Basic details: First name, last name, nationality, country of residence, email address, and phone number.
• Inquiry-specific details: Information about the services you are interested in or the nature of your inquiry.
• Marketing preferences: Information about your preferences for receiving marketing communications.

You may provide this information in the following scenarios:

• Filling out an inquiry form on the Website.
• Communicating with us via post, phone, email, or other methods.
• Subscribing to our services or publications.
• Requesting marketing communications from us.
• Providing feedback.
• Negotiating or entering into a contract for the supply of goods or services to us.

If you engage our services, apply for a job opportunity, or conduct business with us, we may request additional details, such as:

• Payment details: Banking information, VAT numbers, or tax IDs to process payments.
• Identification documents: Copies of your passport or national ID card for verification purposes.
• For job applicants: An up-to-date CV.

We will provide you with separate privacy notices to explain how and why such additional information will be used if it is collected. Failure to Provide Required Data:

If you are required by law or contract to provide certain personal data and fail to do so, we may be unable to provide the requested services or enter into an agreement with you. In such cases, we will notify you and, if necessary, terminate any related contract.

b. Information We Collect Automatically From the Website

When you visit our Website, we may automatically collect:

• Technical data:
  • IP address.
  • Log-in details.
  • Browser type and version.
  • URLs and clickstream data (e.g., paths to, through, and from our Website, including dates and times).
  • Information about your experience on our Website, such as page response times, download errors, visit duration, interaction data (e.g., scrolling, clicks, mouse movements), and methods used to leave pages.
• Location data:
  • General location determined from your IP address.
  • Data from your mobile device, including nearby wireless networks or cell towers when accessing the Website via mobile.

We use cookies to enhance your browsing experience and improve our Website. For more details about the cookies we use and their purposes, please refer to our Cookie Policy.

c. Information We Receive From Other Sources

We may also collect personal data about you from third parties and publicly available sources, including:

• Technical data: Collected through tools like Google Analytics, Google AdWords, Facebook Pixel, Google Tag Manager, Microsoft, LinkedIn, Gmail, and other paid media partnerships.
• Identity and background data: From publicly available records, compliance databases, or due diligence service providers (both within and outside the EU) to confirm your suitability as a client or supplier.

a. Information You Provide to Us

We use the information you provide to us for the following purposes:

• To deliver requested services: This includes facilitating and fulfilling the services you request or executing the contract we have entered into or are preparing to enter into with you.
• For legitimate interests: Where it is necessary to pursue our legitimate business interests (or those of a third party) and your fundamental rights do not override those interests.
• To comply with legal obligations: We may process your information to meet legal or regulatory requirements.
• To address issues and provide support: This includes resolving any problems you report and delivering related support services.
• To manage supplier relationships: We use this information to maintain and manage our professional relationships with suppliers.

b. Information Collected Automatically From the Website

We use the information collected automatically from your interaction with the Website to:

• Administer and maintain the Website: This includes troubleshooting issues, ensuring the security of the Website, and supporting its internal operations.
• Improve your experience: We aim to enhance the Website’s functionality and ensure content is displayed in the most user-friendly and effective manner.

c. Information Received From Other Sources

We may combine the information received from third parties with the data you provide or that we collect directly from you. This combined data will be used solely for the purposes described above in this section.

We process your personal data only as necessary to:

• Provide the services we offer and carry out the purposes described in this Privacy Policy (see Section 2, ‘How We Use Your Information’).
• Fulfill our legitimate business interests or comply with legal obligations, such as:
  • Defending or exercising legal claims.
  • Complying with court orders, legal processes, or regulatory requirements.
  • Disclosing information to government or regulatory entities when legally obligated to do so.

We generally do not rely on your consent as a legal basis for processing your personal data. However, in cases where consent is required, we will provide you with a form requesting your explicit agreement.

How We Use Your Data for Marketing

You will receive marketing communications from us if you have:

• Requested such information by providing your details through our Website and opted in to receive marketing materials, or
• Entered into a business relationship with us (e.g., through a contract), where it is within our legitimate interests to inform you about our activities, offers, or other relevant information.

We centralize marketing communications through Passportis to ensure you receive only the materials you consented to and avoid duplication. In some cases, this centralization may involve transferring your personal data outside the European Economic Area (EEA). For details on how we handle such transfers and ensure their security, refer to Section 6, ‘Transfers of Data to Third Countries’. Additionally, the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data applies to our marketing activities because our marketing team operates in the United Arab Emirates.

Sharing Data With Third Parties for Marketing

We share your personal data with third parties for marketing purposes only with your explicit consent. This may include sharing hashed data (using the SHA256 algorithm) with marketing service providers. Third parties may use this data for:

• Storing and accessing tracking technologies,
• Conversion tracking,
• Delivering targeted advertisements,
• Improving their products to optimize our marketing campaigns.

Collected information may include details such as URLs, device types, browser information, operating systems, and IP addresses. For more details on specific service providers and their policies, refer to the Cookie Policy, which lists cookies and links to the providers’ privacy policies.

Your Rights and Consent

You have the right to:

• Access, correct, erase, or transfer your personal data held by third-party service providers.
• Object to or request restrictions on certain processing activities.

To exercise these rights, contact the respective service provider directly. You may also withdraw consent or opt out of marketing communications at any time by contacting us or clicking the unsubscribe link in our communications. Once you withdraw consent, we will stop sending marketing materials. Please note that while opting out will not affect our ability to provide services, it may limit the range or efficiency of services we can offer.

Sharing Within the Private Financial Services Group

We may share your personal data with our international offices or companies within the Private Financial Services Group of Companies. These entities may act as joint data controllers or processors, depending on the services provided. They may handle your data for administration, control, and reporting purposes, ensuring compliance with applicable laws (e.g., GDPR) and applying appropriate security measures as outlined in Section 8, ‘Data Security.’

Sharing With Government Agencies and Local Agents

To fulfill our contractual obligations and assist with residence or citizenship applications, we may share your data with:

• Government agencies and authorities: Only the necessary information will be provided for the purpose of processing your application.
• Local agents or service suppliers: These entities act as data processors and handle your information under strict confidentiality, with appropriate security measures in place as described in Section 8, ‘Data Security’.

Sharing With Third-Party Service Providers

We may also share your data with third parties acting as data controllers, including:

• Advisors and consultants: Legal, tax, real estate, immigration, or other specialists.
• Banks: For payment processing.
• Real estate entities: Agencies, owners, or developers involved in transactions you wish to pursue.

These third parties operate as independent data controllers, and their own privacy policies will govern their handling of your data.

Legal and Regulatory Disclosures

We may disclose your personal data:

• To comply with legal obligations, judgments, or orders issued by courts, tribunals, or authorities.
• To enforce our terms of use or protect our rights, property, or safety, as well as those of our partners or other Website users.
• For anti-money laundering (AML), know-your-customer (KYC), anti-bribery or corruption compliance, and fraud prevention purposes. This may include sharing data with relevant companies or organizations.

When we share your personal data with internal or external third parties, it may involve transferring your data outside the European Economic Area (EEA). We ensure that such transfers comply with applicable laws, including the GDPR, by using Standard Contractual Clauses (SCCs) issued by the European Commission. These clauses ensure that your data is securely and lawfully transferred and remains adequately protected.

To deliver the services you request, we collaborate with third parties such as cloud storage providers, analytics providers, and search engine operators. We only engage with third-party providers who:

• Comply with applicable laws in the jurisdictions where we operate.
• Adhere to GDPR standards.
• Where applicable, agree to be bound by SCCs (as described in Section 6, ‘Transfers of Data to Third Countries’), ensuring the protection and security of your personal data.

We take robust measures to safeguard your personal data against unauthorized or unlawful processing and accidental loss, damage, or destruction. These measures include:

• Secure Transmission: The transfer of information between your device and our Website is protected by Transport Layer Security (TLS) certificates. When accessed through compatible browsers, this technology provides server authentication and encrypts data, ensuring its security during transmission. Compatible browsers include Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari.
• Secure Storage: All personal data is stored in secure server environments protected by firewalls and advanced technology designed to prevent interference or unauthorized access.

While we strive to use industry-standard security measures, no method of data transmission or storage is entirely secure, and we cannot guarantee absolute security.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. This includes providing you with our services and meeting legal, accounting, or reporting obligations.

The maximum retention period is 10 years from the date of termination or completion of services. This timeframe accounts for:

• Legal claims: Retaining data for defending potential claims, considering applicable limitation periods.
• Compliance requirements: Adhering to anti-money laundering, know-your-customer, anti-bribery, corruption, accounting, and tax regulations applicable to the jurisdictions where we operate.

After the retention period expires, your data will be securely deleted or anonymized in compliance with applicable laws.

We strive to minimize the personal data we hold about you. Whenever possible, and when your data is no longer needed to identify you, we anonymize it to ensure your privacy is further protected.

Under the General Data Protection Regulation (GDPR), you are entitled to the following rights regarding your personal data:

a. Right of Access

You can request confirmation on whether Passportis is processing your personal data and obtain details on how and why it is being processed.

• To make such a request, email us.
• We will provide one electronic copy of your data free of charge. If your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to comply.

b. Right to Object

You can object to the processing of your personal data at any time by contacting us via email if the processing is based on:

• Legitimate interests pursued by us or a third party.
• Marketing purposes (e.g., newsletters, event updates).

Upon receiving your written objection, we will stop processing your data for these purposes.

c. Right to Correction

You have the right to request:

• Correction of any inaccurate personal data we process.
• Updating of outdated data.
• Completion of incomplete personal data, including through a supplementary statement.

d. Right to Erasure

You may request that we delete your personal data if any of the following conditions apply:

• You withdraw your consent, and no other legal basis exists for processing.
• The data is no longer necessary for the purpose for which it was collected.
• You object to processing for marketing purposes, and no overriding legitimate grounds exist.
• Your data has been processed unlawfully.
• Erasure is necessary to comply with legal obligations.

e. Right to Restriction of Processing

You can request a restriction on the processing of your personal data under the following circumstances:

• You contest the accuracy of the data, pending verification by Passportis.
• Processing is unlawful, but you prefer restriction over erasure.
• Passportis no longer needs the data for stated purposes, but you require it to establish, exercise, or defend legal claims.
• You have objected to processing, pending verification of whether our legitimate grounds override your rights.

f. Right to Data Portability

You are entitled to receive your personal data in a structured, machine-readable format and transmit it to another data controller. This right has been in effect since May 25, 2018.

If you have provided consent for the collection, processing, or transfer of your personal information for a specific purpose (e.g., marketing), you have the right to withdraw that consent at any time. You may also withdraw your consent to this Privacy Policy as a whole. To withdraw your consent, please contact us.

• Effect of Withdrawal
  Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.
  Upon receiving your notification, we will stop processing your personal information for the specified purpose unless we have a legitimate legal basis to continue.
  If you withdraw your consent to this Privacy Policy, we may need to terminate our services with you immediately.

To improve the quality of our Website and enhance the overall user experience, we use Google Analytics advertising features. This helps facilitate event bookings and client event registrations.

• Opt-Out Options
  • You can opt out of Google Analytics for display advertising through the Google Ads Preference Manager.
  • Alternatively, download the Google Analytics opt-out browser add-on at tools.google.com.
• Withdrawal of Consent You may withdraw your consent for any of the above purposes at any time by emailing us and specifying which processing activities you wish to stop. Withdrawal does not affect the legality of data processing conducted before your withdrawal.

We welcome your feedback, including comments, complaints, or inquiries regarding data protection. Please contact us using the details provided in Section 16, ‘How to Contact Us’. We are committed to addressing your concerns promptly and thoroughly.

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and where appropriate, we will notify you via email. Please check this page regularly to stay informed of any updates.

If you have any questions, comments, or concerns about this Privacy Policy, please contact us using the details below:

PFSER Consulting FZCO
Dubai Silicon Oasis, DDP, Building A1, Dubai
Phone: +971 800 032 0886

We are here to assist with any inquiries or feedback you may have.