Scope and applicability of this policy
Types of sensitive personal data or information we collect
The term sensitive personal data or information in this policy refers to personal information which does and/or is capable of identifying you as an individual. The types of sensitive personal data or information that we may collect consist of following personal information relating to you: name, gender, home address, telephone number, date of birth, marital status, email address, emergency contacts or other contact information, financial information such as credit card and other payment instrument details, voicemails, emails, passwords, correspondence and communications about the pages you visit, the links you click on our website, information required to comply with the laws, statutory obligations, the requests and directions of law enforcement authorities or court orders, acknowledgements regarding Milano policies, including ethics and/or conflicts on interest of policies and computer and other corporate resource usage policies, any detail relating to the above clauses as provided to Milano; and any of the information received under above clauses by Milano for collecting, receiving, possessing, using, processing, recording, storing, transferring, dealing, handling and disclosing under lawful contract or otherwise.
Most of the sensitive personal data or information we collect is the data or information that is willfully and knowingly provided to us by you. However, in some instances, we collect sensitive personal data or information about you, based on our inferences about you, from other information provided to us by you or on our interactions with you or on such personal information about you that we receive from a third party with your knowledge.
By accepting the terms and conditions of the website you will be providing you will be providing your consent. If you give your consent, it means you have done so freely and voluntarily and agree to this policy. You always have the right to refuse or withdraw your consent for the sensitive personal data or information sought to be collected or withdraw your consent given earlier to us. We will always respect such a refusal or withdrawal, but it might mean that we are unable to perform all services, arrangements or contracts with you and will have the option to discontinue the same. We will inform you of these inabilities, if they occur. However, we reserve the right to retain such sensitive personal data or information as may be necessary for providing our pending services to you and in accordance with this policy.
While collecting sensitive personal data or information directly from, we will take reasonable steps to ensure that you are aware of the fact that the sensitive personal data or information is being collected, purpose for which the sensitive personal data or information is being collected, purpose for which the sensitive personal data or information is being collected, intended recipients of the sensitive personal data or information and retaining the same. We respect your privacy rights, therefore, Milano will observe the following guidelines when collecting, receiving, possessing, using, processing, recording, storing, transferring, dealing, handling and disclosing sensitive personal data or information will be collected, received, processed, used, processes, recorded, stored, transferred, dealt, handled and disclosed in compliance with the local laws/regulations in the territory where those activities occur. Sensitive personal data or information will be relevant/ necessary to/for the purpose for which it is collected and used, sensitive personal data or information will be current and accurate with reasonable with reasonable steps taken to rectify or delete inaccurate sensitive personal data or information, sensitive personal data or information will be kept only as long as necessary for the purposes for which it was collected and processed, and appropriate measures will be taken to prevent unauthorised access or use, unlawful processing and unauthorised or accidental loss destruction, or damage to such sensitive personal data or information.
Purposes for collection, storage and/or use of sensitive personal data or information
The primary purposes for collection, storage and/or use of sensitive personal data or information is for our business, operation of the services, entering into or performing any contract, maintaining quality of the services, providing support to the products or services you have obtained from us, fulfilling your transaction requests and delivering the programs, products, information and services requested by you or other services related inquiries, managing client contacts, administering and developing our business relationship with you, providing you with information, providing you with information, products or services that you request from us or which we feel may interest you, record keeping and other general administrative and services related processes, ensuring the safety and protection of the rights or property of Milano or its business, complying with applicable legal requirements including but not limited to governmental reporting, etc. and fulfilling statutory/legal obligations as a service provider under applicable laws, adhering to judicial or administrative orders, compliance with laws, contacting you via surveys to conduct research about your opinion of current services or of potential new services that may be offered by us, monitoring or recording of certain calls, chats and other interactions relating to the online transactions which may involve you calling us or us calling you and online chats for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction, while conducting daily business/operations such sensitive personal data or information may be provided to affiliates and associate companies, employees/staff of Milano and third party’s for the purpose of processing such sensitive personal data or information for or on our behalf including but not limited to helping us to perform statistical analysis, send you email or postal mail, provide customer support/support services, arrange for deliveries of programs, products, information and services etc., direct marketing and promotional purposes, operating website, improving the content of our website to offer you better products and/or services to ensure that content from our website is presented in the most effective manner for you and in connection with the business of Milano.
Data collection devices
We will make best efforts to do so but do not warrant that any of the websites or any affiliates site or network system linked to our website is free of any operational errors nor do we warrant that our website will be free of any virus, computer contaminant, worm or other harmful components. Our website contains links to other sites which are not owned or operated by Milano. Milano is not responsible and makes no guarantee for the privacy practices or the content of such websites. These links are provided only as a convenience to you. Neither Milano nor any of its affiliates are responsible for the availability of such third party websites or their contents. Milano will not be liable for your sensitive personal data or information transmitted over networks accessed by you of liable sites or otherwise connected with your use of the service. You understand, acknowledge and agree that neither Milano nor any of its affiliates are responsible or liable, directly or indirectly, for any damage or loss of any sort caused in connection with your use of or reliance on any content of any such site or service available through any such site.
You acknowledge that the services, content, site and/or any software are provided on an “as is” and “as available” basis, without warranties of any kind, either express or implied, including, without limitation, implied warranties of any kind, either express or implied, including without limitation: (i) the services and/or software will be free of all viruses and hacking. (ii) the software will work on all mobile phones, will be compatible with all mobile phone networks and/or will be available in all geographical areas. (iii) any service will be uninterrupted, timely, secure or error-free for any reasons whatsoever including but not limited to overboard/breakdown of receiving network, servers or applications; system failures out of the Milano’s control or due to heavy traffic on network.
Disclosure or transfer of your sensitive personal data or information
If Milano wishes or os required to disclose the sensitive personal data or information collected from you to any third party, we will ask for your prior consent except when such disclosure has been agreed in the contract between Milano and you or it is necessary to comply with a legal obligation or it is to be shared with government agencies or to be disclosed to any third party by an order under law. Milano will transfer, with your consent, the sensitive personal data or information to any other third party in UAE or overseas, that ensures the same level of data protection that is adhered to by Milano as set out here in for fulfilling any contractual obligation.
We will disclose or transfer your sensitive personal data or information in accordance with this policy and all applicable legal requirements. Your sensitive personal data or information will be disclosed or transferred, as may be required from time to time, as follows for business purposes to: (i) the appropriate employees/staff/persons in our offices (ii) our affiliates and associates companies (iii) from one office within Milano to another office in UAE or overseas (iv) to any third party, in the event of a proposed or actual business transfer; and (v) in connection with our business and services provided by Milano to third party’s working with us or on our behalf in different industries and categories of business. We will disclose, share, transfer your sensitive personal data or information to any third party or provide your sensitive personal data or information to any third party or provide your sensitive personal data or information to any third party in connection with our business requirements for the purpose indicated herein. Such third parties are required to process your sensitive personal data or information they receive from us in a lawful, safe and responsible manner in accordance with this policy and the prevailing laws and take all appropriate security and confidentiality measures such that they do not use your sensitive personal data or information for their own purposes or disclose your sensitive personal data or information to others. Neither Milano nor any third party will publish your sensitive personal data or information. For legal requirement, to any court of law and/or government agencies/entity as may be required under law and/or statutory authority, central bank in UAE or in response to a legal process, for the purpose of verification of identity, or for prevention, detention, investigation including cyber incidents, prosecution and punishment of offences and/or to any third party by an order under the applicable law or if we determine it is necessary or desirable to comply with any applicable law regulation, legal processes or enforceable governmental requests or to protect or defend our rights or property including compliance with accounting and various rules and regulations or to investigate detect, prevent, or to take action regarding illegal activities, suspected fraud, security or technical issues or situations involving potential threats to the physical safety of any person. For centralised data processing activities, we have centralised certain aspects of our data processing and administration in order to allow us to better manage our business. Such centralisation may result in the transfer of your sensitive personal data or information: (i) from one country to another; (ii) to our employees/staff of the affiliates/associate companies of Milano in other locations etc. however, whenever your sensitive personal data or information is transferred within Milano it will be processed in accordance with the terms and conditions of this policy.
Reasonable security practices and procedures and audits
We seek to ensure compliance with the requirements of the law to ensure the protection and preservation of your privacy, therefore we take appropriate security measures to protect your sensitive personal data or information against unauthorised access, alteration, disclosure or destruction. We have a number of physical, electronic and procedural safeguards/measures in place to actively protect the confidentiality, security and integrity of your sensitive personal data or information protection.
We limit access to your sensitive personal data or information to members of our team/employees of Milano/third parties who we believe reasonably need to come into contact with that information for the purpose of performing their duties. We have strict confidentiality obligations that apply to such members/employees of Milano/third parties. Failure to meet these obligations may result in disciplinary and other actions, including dissolution of a contract, termination of employment and criminal prosecution.
We conduct training to authorised users regarding the lawful and intended purposes of processing your sensitive personal data or information, the need to protect and keep information accurate and up to date and the need to maintain the confidentiality of the data or information to which such authorised users have access. Authorised users will comply with this policy, and we will take appropriate disciplinary actions, in accordance with applicable laws, if your sensitive personal data or information is accessed, processed, or used in any way that is inconsistent with the requirements of this policy.
Retention of your sensitive personal data or information
We are aware of the importance of timely destruction of sensitive personal data or information. We ensure that your sensitive personal data or information is not stored/retained for a longer period than necessary for the purpose for which it was collected, used or processed or as provided in our contracts except when there is a legal obligation to do so under any law. It is our practice to destroy your sensitive personal data or information as soon as possible after it is no longer necessary for the purpose of which it was collected, used or processed save and except as stated herein above.
All Milano affiliates/group companies will ensure that this policy is observed. All employees/staff of Milano and third parties who have access to sensitive personal data or information are required to comply with this policy. In some other countries, violations of data protection regulations may lead to penalties and/or claims for damages from the individuals who are adversely affected.
All third parties shall only process the Sensitive Personal Data or Information in accordance with Milano’s instructions or make decisions regarding such data or information as part of the delivery of their services. In either instance, Milano will select reliable third parties who undertake, by contract or other legally binding and permissible means, to put in place appropriate technical and organizational security measures to ensure an adequate level of protection of such data or information. Milano will require third parties to comply with this Policy or to guarantee the same levels of data protection that is adhered to by Milano when handling/processing such data or information. Such selected third parties will have access to such data or information solely for the purposes of performing the services specified in the applicable service contract and are legally and contractually bound to maintain the privacy of such data or information shared with them and will not disclose it further. If Milano concludes that a third party is not complying with these obligations, it will promptly take appropriate actions to remedy such non-compliance or implement necessary sanctions.
Additionally, our team members/employees/staff are bound by internal confidentiality policies. Any team member/employee/staff found to have violated this Policy or any other policies will be subject to disciplinary action, up to and including termination of employment including penalties under applicable laws.
All third parties and our team members/employees/staff do hereby specifically agree that he/she/it shall, at all times, comply with the requirements of the Law, while collecting, receiving, possessing, using, processing, recording, storing, transferring, dealing, handling and disclosing Sensitive Personal Data or Information. The said third parties’ and team members/employees/staff do further unequivocally declare that in case he/she/it violates any provisions of the Law, he/she/it shall alone be responsible for all his/her/its acts, deeds and things and that he/she/it alone shall be liable for civil and criminal liability there under or under any other law for the time being in force.
Modifications to the policy
Milano reserves the right to update, change or modify this Policy, from time to time, without prior notification. The policy shall come into effect from the date of such update, change or modification.
We will inform You regarding any such changes by updating this Policy and will post all changes to the Policy on relevant internal and external websites.
Effective with the implementation of this Policy, applicable Milano privacy guidelines or practices relating to the processing of Sensitive Personal Data or Information will be superseded by the terms of this Policy and modified accordingly. All parties to any such agreements will be notified of the effective date of implementation of the Policy.
If any of the terms or definitions used in this Policy are ambiguous, the definitions established under the Law shall apply.