ADIA LAB WEBSITE PRIVACY POLICY

 THE PURPOSE OF THIS POLICY

This ADIA LAB Website Privacy Policy (“Policy”) is to make you aware of what personal data we, the ADIA Lab RSC Limited (“ADIA LAB”), collect from our website, how and why your personal data will be used, how to access and update that personal data, and for how long it will usually be retained.

ADIA LAB is owned by the Abu Dhabi Investment Authority (“ADIA”). When we mention “ADIA LAB”, “we”, “us” or “our” in this Policy, we are also referring to ADIA who may also be responsible for processing your personal data.

The ADGM Data Protection Regulations 2021 (DP Regulations) apply to how we approach data privacy. In certain circumstances, other laws may apply to personal data we process. .

TYPES OF PERSONAL DATA WE HOLD ABOUT YOU  

In connection with your use of our website we may receive, collect, store, and use the following categories of personal data about you:

  • Identity data including your name, address, email address, affiliation (employer, university, institute etc.) telephone/mobile number and contact information and, if we make you an offer to work with ADIA Lab, a copy of your passport and your date of birth;

  • Career data such as details about your education and qualifications, your skills and your experience/career;

  • The personal data you provide to us in connection with any calls for papers, competitions or awards provided by ADIA LAB;

  • The personal data you provide to us using the contact function of the ADIA LAB website;

  • Usage data about how you use our website;

  • Technical data relating to internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website; Any personal data you provide to us during a seminar, meeting, webinar, conference call or other method of communication.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

This website is not intended for children and we do not knowingly collect data relating to children.

HOW IS YOUR PERSONAL DATA COLLECTED  

We collect personal data about you from the following sources:

  • from your use of the website, including online forms;

  • when you submit an entry to a competition run by ADIA LAB;

  • when you sign up to and attend a seminar, meeting, webinar, conference call or other communication with us;

  • if you receive an award for submitting a paper in response to a call for papers, or in connection with another event organised by ADIA LAB such as a competition;

  • in connection with our recruitment activities including from recruitment agents; and

  • from email and telephone contact with us.

HOW WE WILL USE YOUR PERSONAL DATA  

Your personal data will be used by us for the purposes of operating the website and activities related to the website and ADIA LAB such as: recruitment and assessing candidates and those seeking to collaborate with ADIA Lab, seeking submissions following a call for papers, organising competitions, arranging seminars, webinars or events (including providing advance notice to previous participants of up-coming events) and also:

  • where it is necessary for ADIA LAB’s legitimate interests (or those of  ADIA) and your interests and fundamental rights do not override those interests;

  • where it is necessary for ADIA LAB to perform a contract which we are about to enter into, or have entered into, with you; and

  • complying with applicable legal or regulatory requirements.

BASIS FOR PROCESSING

Your personal data will be processed, if:

  • the processing is necessary to perform our obligations towards you, or in connection with a contract we are about to enter with you;

  • the processing is necessary to comply with our legal or regulatory obligations;

  • the processing is necessary to protect the vital interests of the relevant individual or of another natural person;

  • the processing is necessary for our legitimate interests (see further explanation below);

  • the processing is necessary for the performance of a task carried out in the public interest; or

  • in some cases, and if requested from you from time to time, we have obtained prior consent.

A “legitimate interest” means the interest of our business in conducting and managing our business and our website. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

If you fail to provide personal DATA

If you fail to provide personal data when requested, which is necessary for us to carry out our activities relating to the website or ADIA LAB, we will not be able to complete those activities. For example, if you fail to provide contact information in relation to a competition, we will not be able to accept your competition entry.

AUTOMATED DECISION-MAKING 

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

DATA SHARING  

Who has access to your personal data and with whom are they shared?

Within ADIA LAB

We will share your personal data internally with our employees, consultants, researchers and agents on a need-to-know basis, only to the extent required to fulfil the purposes listed above.

Outside ADIA LAB

We may transfer your personal data to our parent company, ADIA, or to third parties to fulfil the purposes listed above. If you have any questions or requests to ADIA, you can contact them by email to ADIAData.PrivacyManager@adia.ae.

Third Parties

In addition, we and/or ADIA may use service providers who supply, host and support the website and activities related to the website, such as competitions. These service providers may be located outside the country in which you live or ADGM and/or the United Arab Emirates. All our third-party service providers are required to take appropriate security measures to protect your personal data, and to put in place suitable safeguards to ensure that any transfers of personal data are carried out in compliance with applicable data protection rules. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Additionally, we may be required to disclose your personal data to external third parties such as to local authorities, courts and tribunal, regulatory bodies and/or law enforcement agencies for the purpose of complying with applicable laws and regulations, or in response to legal process.

DATA SECURITY  

We regularly review and update the security measures that seek to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These security measures have been implemented taking into account the state of the art of the technology, their cost of implementation, the risks presented by the processing and the nature of the personal data.

We and our affiliates have put in place procedures to deal with any suspected or actual personal data breach and will notify you of a breach where we are legally required to do so. Where a direct communication to you will involve disproportionate effort, we may instead inform you via a public communication or other similar measures that are equally effective. 

Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. Therefore, ADIA LAB and ADIA cannot guarantee the security of any personal data you transmit to us over the internet, and you do so at your own risk. 

If at any point you suspect or become aware of a security incident (e.g., you receive a suspicious communication from someone holding themselves out to be our representative or from a unauthorised website claiming to be affiliated with us), please forward the communication to us or report the incident by email to ITSecurity@adia.ae . 

DATA RETENTION  

How long will you use my personal data for?

We process personal data for such periods as is necessary to fulfil our functions and for the purposes set out in this Policy, unless a longer period for the retention of personal data is required by law. After this period, we will securely destroy your personal data in accordance with our internal policies.

We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION  

Your rights in connection with personal data are as follows:

Right

What does this mean?

The right to object to processing

You have the right to object to certain types of processing.

The right to be informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we’re providing you with the information in this Policy.

The right to access

You have the right to obtain access to your personal data that we process. This is so you are aware and can check that we are using your personal data in accordance with applicable law.

The right to rectification

You are entitled to have your personal data corrected if it is inaccurate or incomplete.

The right to erasure

This is also known as “the right to be forgotten” and, in simple terms, enables you to request the deletion or removal of your personal data where there are no compelling reasons for us to keep using it. This is not a general right to erasure; there are exceptions.

The right to restrict processing

You have the right to “block” or suppress further use of your personal data. When processing is restricted, we can still store your personal data but may not use it further. We keep lists of people who have asked no further use of their personal data to be “blocked” to make sure the restriction is respected in future.

The right to data portability

You have the right to transmit your personal data to another controller.

The right to lodge a complaint

If you feel that your personal data has been misused or disclosed without your permission, or that any of your data privacy rights have been violated by us, you have a right to file a complaint with the Office of Data Protection by sending an email to data.protection@adgm.com .

The right to withdraw consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

However, these rights are not absolute, they do not always apply and exemptions may be engaged. We will usually, in response to a request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we do not comply with your request, we will explain why. If you want to exercise your rights, please contact the Data Privacy email address listed below in writing. We will respond to any requests in accordance with applicable law.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

THIRD PARTY LINKS 

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

COOKIES

ADIA LAB uses cookies to collect personal data from you. Please review ADIA LAB’s Cookie Policy for further information on how we handle your personal data through the use of cookies.

CONTACTING US AND RIGHT TO FILE A COMPLAINT

ADIA LAB has appointed a Data Protection Officer (“DPO”) who oversees data privacy and data protection compliance across ADIA LAB and informs and advises us on our data protection obligations. The DPO acts as our contact point with the ADGM Office of Data Protection. 

If you have any questions about this notice or how we handle your personal data or you have requests or wish to make a complaint, you can let us know by email to privacy.policy@adia.ae. 

If you want to file a complaint with or contact the data protection authority in ADGM, i.e., the ADGM Office of Data Protection, you may do so by email to data.protection@adgm.com  

UPDATES TO YOUR PERSONAL DATA AND THIS POLICY

In the interests of keeping personal data properly up to date and accurate, we ask you to inform us of any change in relation to your personal data (such as a change of contact details).

ADIA LAB may amend this Policy from time to time Any changes we make to this Policy will be posted on our website and date stamped so that you are always aware of the latest update. You should check this page from time to time to ensure you are happy with any changes. 

Last Updated: 26th January 2023