Employees - Dubai Holding Entertainment LLC

Privacy Notice for Dubai Holding Entertainment LLC (Employees and Contractors)

Last updated
 
August 16, 2024
Introduction
Who we are

The Dubai Holding Entertainment LLC entity (“we” or “us”) that you work for is committed to protecting the privacy and security of the personal data of our employees (“you”). By employees, we mean current and former employees, staff, workers and contractors (full-time or part-time, directly employed or outsourced). Whilst we use the term “employee” throughout this notice to apply to all such people, the use of this term does not confer any employment rights. If you belong to any of these groups, this Employee Privacy Notice (“this Notice”) applies to you. We have prepared this Notice to outline your rights in accordance with the applicable data protection laws, in relation to how and why we collect and process your personal data, how we use it, how long we store it for, as well as whom we share it with.  However, you should be aware that this Notice does not form part of any contract of employment or services agreement.

You can access a ‘Data Controller List’ here, which sets out all of our different entities and their contact details. This will enable you to identify the relevant entity that holds, processes, and secures your personal data and is the data controller in relation to your personal data.

The Data Controller list refers to the entities or individuals who are responsible for determining the purposes and means of data processing.

Information covered by this notice
Our use of cookies
What personal data do we collect from you?

Personal data is any information relating to you from which you can be identified. We may collect personal data either directly from you, third parties or public sources. We may process different categories of personal data whilst adhering to the data minimization and purpose limitation principles in accordance with the applicable data protection law. As described below:

  • Identification data:
    Includes but is not limited to name, employee ID, your photo, payroll ID, business email address, business address, business landline, citizenship, nationality, passport data, Visa information, drivers' licence information, the resident country`s ID, marriage certificate, birth certificate and education certificates, national/social insurance number (if applicable), health insurance, government retirement plan information and tax reference/ID (if applicable);
  • Other personal data:
    Includes but is not limited to date and place of birth, emergency contact details (if applicable), and gender; marital status, electronic signature, device information (including operating system/version, hardware model and unique device identifiers such as MAC address);
  • Sensitive data:
    This includes data that reveals the following about a data subject: racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health;
  • Contact details:
    Home address, home / personal mobile number and personal email address, emergency contact number;
  • Dependents’ information:
    Includes but is not limited to  name, telephone number, date of birth, email address;
  • Employment history and education:
    Includes but is not limited to your position, business title, employee type, management level, time type (full or part time and percentage), default weekly working hours, scheduled weekly working hours, working time information, work location, division, department, position level, manager (name and employee ID), support roles, start and end date, CV details, contract status reference, job history (including position history, title history, effective dates and past pay groups), worker history (including log-files of changes in our Human Resources databases) and reason/s for leaving, reference information, qualifications, formal certifications and Grades;
  • Information about your salary and benefits/fees:
    Includes but is not limited to basic salary, bonus and commission entitlements, raise amounts and percentages, insurance benefits (including information about you and your dependants that we provide to the insurer), pension plans, fees paid to you in return for your services, your bank account details and payment dates, and accrued salary and fee information;
  • Time, and systems/buildings access monitoring information:
    Includes but is not limited to CCTV, swipe card access, time recording software, internet, email and telephone usage data, personal vehicle information, like number plate, car registration, and colour details;
  • Performance and disciplinary information:
    Includes but is not limited to performance reviews, evaluations and ratings, reviews of alignment to policies and procedures, information about disciplinary allegations, the disciplinary process and any disciplinary warnings, details of grievances and any outcome, termination of services agreements;
  • Absence information:
    Includes but is not limited to dates of leave of absence/vacation, maternity/paternity/shared parental leave, training/educational leave, national/reserve leave, family care leave/ compassionate leave, medical leave; and
  • Organisational data:
    Includes but is not limited to training records, IDs for IT systems, system permissions, web browsing history, company details, cost centre allocations, and organisations.
How do we use your personal data?

We collect, use and process your personal data for a variety of reasons linked to your employment or engagement. To help clarify these the below is a list of why personal data is collected, used and processed (the "Processing Purposes") along with examples where personal data is used for each of the Processing Purposes. Your personal data will not be kept longer than necessary to meet the purposes outlined below. The criteria that we use to determine how long we will keep your personal data includes the period of time during which we have an ongoing relationship with you, and whether we have a legal obligation to store it beyond our working relationship (for example, for accounting purposes or for litigation, or regulatory investigations purposes).

Personal data usage
Employees
Contractors
Categories of personal data What types of personal data is processed for this purpose? Lawful basis What is the legal basis that we rely on to process your information in this way? Storage Period
1. Perform Talent Acquisition activities:
Talent Acquisition - Pre-On-Boarding & Pre-Hire obtain final documentation to on-board the candidate: We obtain the required starting documentation to initiate the on boarding process to move the candidate to an employee. Identification data Contact details Other personal data Sensitive data Dependents' information Employment history and educations Information about your salary and benefits Performance and disciplinary information Time, and systems/buildings access monitoring information Reference information Complying with the contractual obligation related to employement. 6 years from the end of the employment relationship
Talent Acquisition - Pre-On-Boarding Travel and Relocation: To obtain appropriate Government approval and issuance of entry. Make all necessary travel / accommodation arrangements. Identification data Contact details Sensitive data Dependents information Where this processing is required by law, we do so for compliance with our legal obligations. 6 years from the end of the employment relationship
Talent acquisition - Aptitude Testing: We undertake psychometric and ability tests (including assessment centres, technical or trade evaluations, ability testing in regard to verbal, numerical and logical reasoning that may be required) to align candidates against our core competencies and technical requirements of a job. Identification data Other personal data Identification data Contact details Employment history and education Information about your salary and benefits Performance and disciplinary information Individual test results, including preferred style of working, verbal, logical and numerical reasoning abilities; and situational judgment scenarios Legitimate interest: assessing your suitability for the position. 6 years from the end of the employment relationship
Talent acquisition - Background checks: Conduct background checks (including criminal, right to work and, reference checks and identification of applicants), that are required either by law, or are necessary to assess applicants' suitability for a role. Identification data including passport and visa. Other peronal data Contact details Employment history and education Information about your salary and benefits Sensitive data Dependents' information Performance and disciplinary information Curriculum Vitae Legitimate interest: assessing your suitability for the position, and identifying you appropriately. Complying with our legal obligations: For checks required by law. Where we process sensitive data as part of these checks, we do so only because it is necessary to meet obligations and rights in the field of employment and social security and social protection law. 2 years
Talent acquisition - Job applications: Interact with applicants, including interviewing (as well as any necessary adjustments due to health reasons), providing information on the application, providing feedback and responding to queries or complaints. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Contact details Performance and disciplinary information Interview responses Interview notes Passport information (for interviews requiring international travel) Legitimate interest: assessing your suitability for the position; administering your job application. 6 years from the end of the employment relationship
Talent Acquisition - Pre-Hire: Assess our strategic direction and resourcing needs through feedback and monitoring to improve the recruitment process. Identification data Other personal data Employment history and education Contact details Sensitive data Information about your salary and benefits Time, and systems/buildings access monitoring information Feedback Legitimate interest: reviewing and improving the recruitment process. 6 years from the end of the employment relationship
Talent acquisition - Facilitating interviews: Make necessary adjustments to carry out the interview process (including disability or dietary requirements). Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Where this processing is required by law, we do so for compliance with our legal obligations. Where we process sensitive data, as required by law, we do so because it is necessary to meet obligations and rights in the field of employment and social security and social protection law. Where such adjustments are not required by law, we process your persona data because in our legitimate interests to do so. Such as this relates to sensitive data which we are not required to process by law, we do so because we have obtained your explicit consent. 6 years from the end of the employment relationship
Talent Acquisition - Security: Maintaining Dubai Holding Entertainment's security including people identification and authentication, premises, assets, systems, website and platforms. Identification data for instance your passport and visa Other personal data Employment history and education Contact details Legitimate interest: To maintain security and allow only authorized access to individuals. 6 years from the end of the employment relationship
Talent Acquisition - On-Boarding to systems Including Security: Registering the candidate in relevant systems and creating a 'Pending Worker' status to initiate the collection of joiner documentation. Identification data Other personal data Employment history and education Dependents' information Information about your salary and benefits Complying with the contractual obligation related to employement. 6 years from the end of the employment relationship
On-Boarding Travel and Relocation: Relocating the candidate to the required location of the job and provide flights so the candidate is able to relocate with ease. Identification data Contact details Sensitive data Employment history and education Other personal information Information about your salary and benefits Performance and disciplinary information Complying with the contractual obligation related to employement. 6 years from the end of the employment relationship
On-boarding employees: Issuing job offers, entering employment contracts and making necessary work adjustments. To undertake general employee on boarding, we process data such as your: Identification data, for instance your passport and visa details Contact details Family details Emergency contact number Information about your salary and benefits Information about your job, such as your employment history, and your CV Formal qualifications including certifications/ course results from tertiary institutions Signed letter of intent and contract of employment Hire date Sensitive data Performance of our contract of employment with you Legitimate interest: processing your personal data to pay you and to issue individual and family benefits, including medical insurance coverage, flights, and Visa sponsorship For sensitive data: explicit consent 6 years from the end of the employment relationship
2. Perform Talent Development activities:
Training: To provide training and development opportunities to ensure employees have the correct skill level and training to effectively perform the job role. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Information about your job, such as your position, grade and department Legitimate interest: to plan, design and deliver training to you to meet our business needs. 6 years from the end of the employment relationship
Talent Development - Managing & Reporting: Manage employee talent development & succession planning. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Information about your job, such as your position, grade and department; Legitimate interest: conducting effective talent development processes. Suitability for other roles in the company including promotions or vertical movements. 6 years from the end of the employment relationship
Talent Development - Equal Opportunities Reporting: Reporting and monitoring equal opportunities. Identification data Other personal data including gender. Employment history and education Sensitive data Information about your salary and benefits Dependents' information Performance and disciplinary information Complying with our legal obligation (where we are under an obligation to report and monitor equal opportunities). For sensitive data: explicit consent. 6 years from the end of the employment relationship
3. Perform HR Operations activities:
Employee File: Creating the employee file to retain and manage all required employment documentation during the lifetime of employment. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information It is in our legitimate interests to maintain employee records during their lifetime of employment. 6 years from the end of the employment relationship
Employee Relations - Compliance: Comply with applicable laws, policies and procedures including responding to regulators, to binding and non-binding requests, adhere to industry guidance and best practices and monitor compliance. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Information about your job Organisational data Legitimate interest: Where such requests are non-binding Depending upon the nature of the request, we may also process sensitive data either in the substantial public interest or for the establishment, exercise or defence of legal claims. Complying with our legal obligations 6 years from the end of the employment relationship
Employee Relations - Employee Transfer: Communicate HR related matters with employees and relevant third parties. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Organisational data Legitimate interest: communicating important information to our employees and conducting engagement activities. 6 years from the end of the employment relationship
Employee Relations - Due Diligence: Process employees' personal data in relation to the sale, transfer, acquisition or merger our assets. Identification data Other personal data Employment history and education Absence information Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Sensitive data Legitimate interest: planning and managing proposed mergers and acquisitions, implementation and operation of a group-wide organisational structure and group-wide information sharing. 2 years
Employee Relations - Auditing & Employee Relations - Employee Management: Process employees' personal data for audit purposes and to manage business operations, including accounting requirements. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Organisational data Legitimate interests: implementation and operation of a group-wide organisational structure and group-wide information sharing, as well as conducting audits to demonstrate compliance to procedures. 6 years from the end of the employment relationship
Employee relations - Gifts and Hospitality: To identify any gifts or hospitality received by employees from customers or guests which are over the threshold of AED 500 face value. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefitsDependents' information Contact details Performance and disciplinary information Legitimate interests: ensuring ethical gifting practices. 6 years from the end of the employment relationship
Employee relations - Declaration of Interest: Identifying shares or interest held in Dubai Holding Group or any of its subsidiaries. Identification data Employment history and education Performance and disciplinary information Legitimate interests: maintaining accurate declaration of interest records. 6 years from the end of the employment relationship
Physical Access Management: Processing employees or freelancers' personal data to manage physical access to buildings and issuing any access cards or parking permits as needed. Identification data Contact details Systems/buildings access monitoring information, including CCTV Biometric data - fingerprints and retina scans Legitimate interests: allowing only authorised access of individuals on the Company's premises 6 years from the end of the employment relationship
Corporate Communications: Sending communications or major announcement to all staff and personnel. Identification data Contact details Legitimate interests: ensuring staff are informed on all matters concerning them 6 years from the end of the employment relationship
Corporate Communications: Process employees' personal data in relation to the usage of Wi-Fi (applicable for employees or applicants asked to attend offices, hotels or resorts for interviews/meetings). Device information (including operating system/version, hardware model and unique device identifiers such as MAC address) Legitimate interest: providing a Wi-Fi service at our properties. 6 years from the end of the employment relationship
4. Perform activities related to Employee Relations:
Employee Relations - Employee Safety: Establishing and potentially contacting an emergency contact for individuals in case of emergency. Contact details Sensitive data Other personal information Time, and systems/buildings access monitoring information Identification data Emergency contact information Legitimate interests: ensuring that we are able to communicate with your emergency contact in case of emergency. It may also be necessary to process this data in order to protect your vital interests. 6 years from the end of the employment relationship
Rewards and Performance - Employee Benefits: Administer and provide employee benefits and allowances. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Organisational Data Performance of our contract of employment with you. Legitimate interests: ensuring that you can access and use employee benefits, applying changes to your benefits and allowances and communicating these to you. 6 years from the end of the employment relationship
Rewards and Performance - Payroll and Rewards: Administer payroll including employee compensations, salary, incentives, and trade union subscriptions. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Performance and disciplinary information Organisational data sensitive data Performance of our contract of employment with you. For sensitive data: explicit consent. 6 years from the end of the employment relationship
Rewards and Performance - Manage employees' performance evaluation, including talent review and colleagues' feedback Information relating to your job, such as your position and grade. Performance information, including 360 feedback. Performance of our contract of employment with you Legitimate interest: ensuring that, where appropriate, we have sufficient information to conduct performance reviews. 6 years from the end of the employment relationship
Employee Relations - Leave: Administer and manage the employment relationship, including leave (sick, paternity, absence, etc.), disability accommodation and dietary requirements. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Disciplinary information Absence information sensitive data Performance of our contract of employment with you. Complying with our legal obligations. Legitimate interest: administering and managing the employment relationship. For sensitive data: explicit consent 6 years from the end of the employment relationship
Employee Relations - Research: Conduct market benchmark surveys on employee positions. Identification data Salary and benefits Contact details Employment history and education Other personal information Legitimate interest: ensuring that, where appropriate, we have sufficient information to conduct market benchmarking. 6 years from the end of the employment relationship
Employee Relations - Engagement Survey: Conduct employee engagement surveys. Identification data Other personal data Employment history and education Contact details Legitimate interest: ensuring that we can identify themes or issues relating to employee engagement, on an aggregated, anonymised basis. 6 years from the end of the employment relationship
Employee Relations - Complaints Handling: Manage employees' complaints or grievance procedure. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Legitimate interest: managing any grievance and complaints process, following the applicable Human Resources Policy in the respective region. 6 years from the end of the employment relationship
Employee Relations - Off-Boarding & Employee Relations - Leavers: Off-board employees, including managing ex-employee personal data if required. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Time, and systems/buildings access monitoring information Specific details relating to UAE departure where relevant Performance of our contract of employment with you. Legitimate interest: assisting you in your departure, including family repatriation and benefits. 6 years from the end of the employment relationship
Processing purpose We will use your personal data to: Categories of personal data What types of personal data is processed for this purpose? Lawful basis What is the legal basis that we rely on to process your information in this way? Storage Period
1. Perform consultant engagement activities:
Engagement - obtain final documentation to enter into a services agreement with the consultant: We obtain the required starting documentation to initiate the process to engage the consultant. Identification data Contact details Other personal data Complying with the legal obligation related to engagement. 6 years from the end of the employment relationship
Engagement - Visa application (if required): To obtain appropriate Government approval and issuance of entry. Identification data Where this processing is required by law, we do so for compliance with our legal obligations. 6 years from the end of the employment relationship
Talent acquisition - Background checks: Conduct background checks (including criminal, right to work and, reference checks and identification of applicants), that are required either by law, or are necessary to assess consultant's suitability for a role. Identification data Other peronal data Contact details Employment history and education Information about your fees and benefits Legitimate interest: assessing your suitability for the position, and identifying you appropriately. Complying with our legal obligations: For checks required by law. 2 years
Talent acquisition - consultant applications: Interact with applicants, including interviewing, providing information on the application, providing feedback and responding to queries or complaints. Identification data Other personal data Employment history and education Sensitive data Information about your fees Contact details Legitimate interest: assessing your suitability for the position; administering your application. 6 years from the end of the employment relationship
Talent Acquisition - Pre-Hire: Assess our strategic direction and resourcing needs through feedback and monitoring to improve the recruitment process. Identification data Other personal data Employment history and education Legitimate interest: reviewing and improving the hiring process. 6 years from the end of the employment relationship
Talent acquisition - Facilitating interviews: Make necessary adjustments to carry out the interview process (including disability or dietary requirements). Identification data Other personal data Employment history and education Sensitive data Information about your fees Contact details Where this processing is required by law, we do so for compliance with our legal obligations. Where such adjustments are not required by law, we process your persona data because in our legitimate interests to do so. For sensitive data which we are not required to process by law, we do so because we have obtained your explicit consent. 6 years from the end of the employment relationship
Talent Acquisition - Security: Maintaining Dubai Holding Entertainment's security including people identification and authentication, premises, assets, systems, website and platforms. Identification data Other personal data Employment history and education Contact details Legitimate interest: To maintain security and allow only authorized access to individuals. 6 years from the end of the employment relationship
Talent Acquisition - On-Boarding to systems Including Security: Registering the candidate in relevant systems and creating a 'Pending Worker' status to initiate the collection of joiner documentation. Identification data Other personal data Employment history and education Dependents' information Complying with the legal obligation related to contract. 6 years from the end of the employment relationship
2. Perform contract operations activities:
Contract Operations Relations - Auditing and Fee management: Process consultants' personal data for audit purposes and to manage business operations, including accounting requirements. Identification data Other personal data Employment history and education Sensitive data Information about your salary and benefits Dependents' information Contact details Legitimate interests: implementation and operation of a group-wide organisational structure and group-wide information sharing, as well as conducting audits to demonstrate compliance to procedures 6 years from the end of the employment relationship
Rewards and Performance - Payroll and Rewards: Administer payroll including fees, benefits, incentives, and trade union subscriptions where applicable. Identification data Other personal data Employment history and education Sensitive data Information about your fees Dependents' information Contact details Performance of our contract with you. For sensitive data (e.g. trade union membership): explicit consent. 6 years from the end of the employment relationship
Contract Operations Relations - Leave: Administer and manage the contractual relationship, including leave (sick, paternity, absence, etc.), disability accommodation and dietary requirements. Identification data Other personal data Employment history and education Sensitive data Information about your fees Dependents' information Contact details Performance of our contract with you. 6 years from the end of the employment relationship
Contract Operations Relations - Complaints Handling: Manage consultants' complaints or grievance procedure. Identification data Other personal data Employment history and education Sensitive data Information about your fees Dependents' information Contact details Legitimate interest: managing any grievance and complaints process, following the applicable Human Resources Policy in the respective region. 6 years from the end of the employment relationship
How long do we keep your personal data?
Who do we share your personal data with?

To ensure that the Processing Purposes are completed, your personal data may be shared with any of the entities within the Dubai Holding Group (the “Company Group”) or to third party entities outside of the Company Group. When we share your personal data in this way, it is our policy to limit the categories of individuals who have access to your personal data.

We may share and transfer your personal data to third party entities for Processing Purposes. This includes entities within and outside our own Company Group entities, or affiliated entities located in any jurisdictions where those third party entities are located, as follows:

  • Within the Company Group. As your employing/engaging entity is part of a wider group with offices and locations across the globe, we may transfer your personal and sensitive data to, or otherwise allow access to such data, by other Company Group entities, which may use, transfer, and process the data. The following circumstances may require personal data sharing:
    • To maintain and improve effective administration of the employees and/or staff
    • To facilitate movement of staff into other Company Group entities, including secondments
    • To communicate information about the Company Group; to maintain a corporate directory
    • To maintain IT systems
    • To monitor and assure compliance with applicable policies and procedures, and applicable laws
    • To respond to requests and legal demands from regulators and other authorities.
  • With Third Parties. As necessary in connection with business operations, work contact details and contact details may need to be transferred to existing or potential business partners, suppliers (e.g. suppliers providing employee benefits), customers, end-customers (for instance, where customer issues have been escalated to you) or government officials and other third parties (e.g. our external advisors) for communication purposes.
  • Regulators, authorities, and other third parties. As necessary for Processing Purposes described above, personal data may be transferred to regulators, courts, and other authorities (e.g., tax and law enforcement authorities), independent external advisors (e.g., auditors), Directors within the Company Group, insurance providers, pensions and benefits providers, internal compliance and investigation teams (including external advisers appointed to conduct internal investigations).
  • Acquiring entities. If the Company Group business for which you work is sold or transferred in whole or in part (or such a sale or transfer is being contemplated), your personal data may be transferred to the new employer or potential new employer as part of the transfer itself or as part of an initial review for such transfer (i.e. due diligence), subject to any rights provided by applicable law, including jurisdictions where the new employer or potential new employer are located.
  • Data processors. As necessary for the Processing Purposes described above, personal data may be shared with one or more third parties, whether affiliated or unaffiliated, to process personal data under appropriate instructions ("Data Processors"). The Data Processors that we engage with fall into the following categories: suppliers who support us in relation to employee and staff administration, IT system support, payroll and compensation, training, compliance, and other activities. Data Processors will be subject to contractual obligations to implement appropriate technical and organisational security measures to safeguard the personal data and to process the personal data only as instructed.
How do we protect your personal data?
Artificial Intelligence and Machine Learning
Profiling
Specific details about profiling and automated decisions involving candidates
Where we store/transfer your personal data?

We may transfer personal data to recipients in countries outside of the country you work in. In this case, we will put in place appropriate measure to protect the security and confidentiality of your data, to ensure your data is protected adequately. The majority of personal data we collect is stored in the United Arab Emirates, where the appropriate data protection measures are in place.

Security of your personal data
Third party websites and apps
Your rights

You may have certain rights relating to your personal data. However, these rights can differ depending upon the country in which you are located. That country’s law will determine which rights apply and in what instances.

Right to withdraw consent

Where you have provided your consent to us, you will always have the right to withdraw this at any time. You can do this by either by following the information provided at the time you provided your consent, or by contacting us using the following email address privacyoffice@dhentertainment.ae. The withdrawal of consent will not affect any processing that was based on consent before its withdrawal.

Right to request correction of your personal data

You will always have the right to request that we correct and update any personal data that we process about you that is inaccurate or incomplete. You can do this by contacting us at privacyoffice@dhentertainment.ae.

Additional Data Protection Rights

Certain Data Protection Regulation also provide you with additional rights which may allow you to:

- upon request, be provided access to, or copies of, your personal data that we process;

- upon request, restrict the processing of your personal data;

- upon request, delete your personal data which we process;

- object to our processing of your personal data; or

- upon request, obtain a copy of your personal data which we process in a commonly used and machine-readable format.

- lodge a complaint with the supervisory authority in your country of residence, place of work or the country in which an alleged infringement of data protection law has occurred

It is important to understand that these rights are not absolute (e.g. their application may depend upon the lawful basis we rely upon to process your personal data) and that we may require further information from you (e.g. to confirm your identity) to action your request. You can enquire whether these rights apply to you by contacting us using the following email address at privacyoffice@dhentertainment.ae.

AI Implications

Artificial Intelligence (AI) Systems:

Dubai Holding use AI Systems that process personal data to enable us to improve our services and user experiences. We remain vigilant when using AI to protect personal data, ensuring Employee and Contractor privacy, and preventing unauthorized or fraudulent activity. Our Employee, Contractors and stakeholders shall remain confident that personal data is adequately protected with us, especially in cases where AI is used to deliver the product or service, as this may infer heightened protection where AI is deployed.

How we use AI Systems

This notice gives you information on how we protect your personal data in our use of the AI System.

Personal data may be processed within our AI Systems. We remain the data controller for your personal data when it is processed while using our AI Systems. We process personal data in accordance with the relevant data protection laws. In the case where we have engaged a processor, we have mandated contracts that uphold our standards in compliance with the relevant data protection laws.

We will sometimes process Employee and Contractor personal data when using AI Systems. We have regulated the use of AI internally, weighed the opportunities and risks in advance of our use of AI and ensure appropriate human supervision where important matters are concerned. Where we offer dialogues with an AI, we will make this evident and, if necessary, point out potential errors.

Personal Data Processed by AI Systems

We process your personal data using AI Systems to improve the efficiency, quality, and speed of our business processes and for the purpose of providing services. In using AI Systems, we may process different types of personal data. For more information, please refer to the section "What personal data do we collect from you?” and “How do we use your personal data?". In limited circumstances, we may process sensitive data through the AI System, but we will ensure that we have the necessary lawful basis in place before doing so.

Where we process your existing personal data we will continue to rely on the appropriate lawful basis for that processing activity. In certain instances, we engage data processors; however, they are unable to access any of your personal data entered in the AI Systems. We have mandated contracts with data processors to ensure that your personal data is protected.

Contact us

If you have any questions regarding this Notice or if you would like to exercise any of your rights as a data subject, please contact the Data Protection Officer at privacyoffice@dhentertainment.ae.

Changes to this Notice