Privacy Policy of Argentum Law
Argentum Law (“we”, “our”, “us”) is committed toprotecting the personal data entrusted to us. This Privacy Policy explains howwe collect, use, disclose, transfer and retain personal data, the lawful baseson which we do so, the safeguards we apply—particularly when data istransferred outside the Abu Dhabi Global Market (“ADGM”)—and the rightsavailable to every data subject under the ADGM Data Protection Regulations 2021(“ADGM DPR 2021”).
1. Who We Are – Data Controller
Argentum Law Ltd (registered in the ADGM under licence number 000004196)Level 15, Al Khatem Tower, ADGM Square, Al Maryah Island, Abu Dhabi, United Arab Emirates.
Argentum Law is the data controller in respect of all personal data described in this Policy unless we notify you otherwise in writing.
2. How to Contact Us
General privacy queries: contact@argentumlaw.com
• Postal: ArgentumLaw Ltd Level15, Al Khatem Tower, ADGM Square,
Al Maryah Island, Abu Dhabi, United Arab Emirates.
3. Personal Data We Collect
Depending on your relationship with us, we may collect:
1. Identification data – name, title, employer, job function, date of birth, nationality, passport or national ID details.
2. Contact data – business and/or personal postal address, email, telephone number.
3. Compliance data – results of anti-money-laundering, conflict, sanctions and reputational checks.
4. Financial data – bank account details, payment card details, invoicing information.
5. Matter-related data – information you provide to us or that we generate in the course of providing legal services.
6. Usage data – IP address, device identifiers, browser type, operating system, pages visited, time and date of access, click-stream information and cookie identifiers.
7. Marketing preferences – consents, opt-in/opt-out details, areas of interest.
8. Any other personal data you voluntarily provide, including special category data (e.g., health data) where strictly necessary for a specific matter and processed in accordance with clause 6 below.
We do not knowingly collect personal data relating to children under the age of 13. If you believe a child has provided us with personal data without appropriate consent, please contact us immediately
4. How We Obtain Personal Data
4. How We Obtain Personal Data
Depending on your relationship with us, we may collect:
1. Identification data – name, title, employer, job function, date of birth, nationality, passport or national ID details.
2. Contact data – business and/or personal postal address, email, telephone number.
3. Compliance data – results of anti-money-laundering, conflict, sanctions and reputational checks.
4. Financial data – bank account details, payment card details, invoicing information.
5. Matter-related data – information you provide to us or that we generate in the course of providing legal services.
6. Usage data – IP address, device identifiers, browser type, operating system, pages visited, time and date of access, click-stream information and cookie identifiers.
7. Marketing preferences – consents, opt-in/opt-out details, areas of interest.
8. Any other personal data you voluntarily provide, including special category data (e.g., health data) where strictly necessary for a specific matter and processed in accordance with clause 6 below.
We do not knowingly collect personal data relating to children under the age of 13. If you believe a child has provided us with personal data without appropriate consent, please contact us immediately
5. Purposes of Processing &Lawful Bases
| Purposes | Examples of Processing Activities | Lawful Basis (ADGM DPR 2021) |
| Client onboarding & conflict checks | Identity verification, sanctions screening | 1. Performance of a contract (Art 5(1)(b)); 2. Legal obligation (Art 5(1)(c)); 3. Legitimate interests (Art 5(1)(f)) |
| Provision of legal services | Drafting documents, conducting correspondence, filing pleadings | Performance of a contract |
| Finance & billing | Issuing invoices, processing payments, debt recovery | 1. Performance of a contract; 2. Legitimate interests; 3. Legal obligation (tax laws) |
| Marketing & business development | Sending newsletters, event invitations | Consent (Art 5(1)(a)) or Legitimate interests where permitted |
| Website operation & analytics | Monitoring traffic, improving user experience | Legitimate interests |
| Compliance & risk management | AML audits, regulatory filings, responding to lawful requests | Legal obligation |
| Establishment, exercise or defence of legal claims | Maintaining matter files, evidentiary preservation | Legitimate interests |
| Recruitment | Evaluating candidates, background checks | 1. Steps prior to entering into a contract; 2. Legitimate interests |
If we intend to rely on consent as the lawful basis, we will seek your clear, affirmative consent in advance and you may withdraw it at any time.
6. Special Category Data
Where it is necessary to process data revealing racial or ethnic origin, political opinions, religious beliefs, trade-union membership, health or biometric data (“special category data”), we will do so only:
• with your explicit consent; or
• where required for the establishment, exercise or defence of legal claims; or
• where another specific exemption under ADGM DPR 2021 applies.
7. Sharing Your Data
Where it is necessary to process data revealing racial or ethnic origin, political opinions, religious beliefs, trade-union membership, health or biometric data (“special category data”), we will do so only:
• with your explicit consent; or
• where required for the establishment, exercise or defence of legal claims; or
• where another specific exemption under ADGM DPR 2021 applies.
8. Cookies & Similar Technologies
Our website uses strictly necessary, functionaland analytical cookies. Where required, we obtain your consent fornon-essential cookies when you first visit the site. You may disable cookiesvia your browser settings, although some site features may not functioncorrectly.
10. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. Measures include role-based access controls, encryption, secure data-centre hosting, multi-factor authentication, staff training and regular testing of our security controls.
11. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected and to comply with legal, regulatory and professional obligations. Typical retention periods are:• Client-matter files – 7 years from matter closure (longer if litigation or regulatory retention obligations require).
• Anti-money-laundering records – 5 years from the end of the client relationship.
• Marketing data – 3 years from the last affirmative interaction, unless you withdraw consent earlier.
• Recruitment records – 12 months from the date a position is filled unless you consent to a longer period.
We securely delete or anonymise data once the applicable retention period expires.
12. Your Rights
Subject to certain conditions and exemptions under ADGM DPR 2021, you may exercise the following rights at any time by contacting us:
1. Right of access – obtain confirmation whether we process your personal data and receive a copy.
2. Right to rectification – have inaccurate or incomplete data corrected.
3. Right to erasure – request deletion of your data (“right to be forgotten”).
4. Right to restriction – limit the processing of your data in certain circumstances.
5. Right to data portability – receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller.
6. Right to object – object to processing based on legitimate interests or for direct marketing.
7. Right to withdraw consent – where we rely on consent, withdraw it at any time.
8. Right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
9. Right to complain – lodge a complaint with the ADGM Office of Data Protection if you believe your rights have been infringed.We will respond to all legitimate requests within one month or notify you if additional time is required.
13. Automated Decision-Making
Argentum Law does not use personal data for automated decision-making or profiling that produces legal or similarly significant effects. If this changes, we will notify you and provide the safeguards required by ADGM DPR 2021.
14. Data Breach Notification
If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the ADGM Commissioner of Data Protection without undue delay and, where the risk is high, we will also inform you as soon as practicable, describing the nature of the breach, likely consequences and the measures taken or proposed to address it.
15. Updates to This Policy
We may amend this Policy from time to time to reflect changes in law, our practices or the services we offer. Any material changes will be communicated on our website and, where appropriate, notified to you directly. Please review this Policy periodically to stay informed.
