Skip to main content

Privacy at Shademont Consultancy

Shademont Consultancy and its affiliated entities (“Shademont”) are dedicated to protecting the confidentiality of your Personal Information (“PI”) and handling it in compliance with all applicable privacy and data protection regulations.

Our Privacy Notices explain what categories of PI we collect, how and why that information is used, the circumstances under which it may be shared, and the rights available to individuals regarding their data. For details specific to your relationship with Shademont, please review the relevant Privacy Notice provided.

Additionally, our Cookie Notice applies to all visitors to Shademont websites, outlining how cookies and similar technologies are used to enhance your browsing experience.

Shademont Consultancy Privacy Notice

Last updated: 1 March 2025

Introduction

Shademont Consultancy is committed to protecting the privacy and security of personal information (“PI”), including where applicable, sensitive personal information (“SPI”), in accordance with applicable privacy and data protection laws. Because we operate in multiple jurisdictions, some with strict rules governing how PI can be processed, we ensure compliance across all relevant regions.

In this Notice, references to “Shademont,” “we,” “our,” or “us” mean Shademont Consultancy, its subsidiaries, affiliates, and, where relevant, Shademont-managed products or functions. The specific Shademont entity you engage with will generally be the controller of your PI. Where PI is processed outside the scope of a contract, the controller will be the Shademont entity responsible for providing this Notice.

References to “you” or “your” in this document apply to individuals whose PI is collected and processed by Shademont. This includes, but is not limited to:

  • Direct investors and clients.
  • Representatives of client organizations (such as employees, officers, or agents).
  • Beneficial owners of corporate entities or investment vehicles.
  • Vendors, service providers, or third parties engaged with Shademont.

Your relationship with us may involve:

  • The delivery of services to current or potential clients.
  • Participation in transactions, including those we carry out on behalf of clients.
  • The provision of services to us by third-party vendors.

If your agreement is with a Shademont entity, that entity will act as the controller of your PI. If you are an investor in a Shademont-managed product, both the management entity and the product itself (if recognized as a separate legal entity) may also act as controllers. This Privacy Notice governs such relationships.

This Notice explains the purposes for which we collect, use, and share PI, the protections in place, and the rights available to you. Additional terms or contractual provisions may apply, which should be read alongside this Notice.

Personal Information We Collect

Personal Information (“PI”) refers to information relating to an identifiable individual. It may be used independently, or in combination with other data, to establish identity. PI does not include anonymized or de-identified data. Depending on jurisdiction, Sensitive Personal Information (“SPI”) may include subcategories of PI such as health data, biometric data, or information relating to political, religious, or demographic characteristics.

The type of PI we collect depends on the services provided, regulatory requirements, and the nature of our relationship with you. Categories of PI we may process include, but are not limited to:

Identification Data

Examples: full name, date of birth, gender, marital status, passport or national ID number, driver’s license, official identification codes, signature.

Contact Data

Examples: residential and business addresses, personal and work telephone numbers, email addresses.

Electronic Monitoring Data

Where permitted by law, we may monitor or record communications with Shademont, including telephone calls, emails, instant messages, and other electronic exchanges.

Financial Data

Examples: bank account numbers, investment account details, transaction records, payment history, investment history.

Marketing, Behavioral & Communications Data

Examples: your stated preferences for communications, responses to surveys or campaigns, details about your interactions with Shademont websites or portals (as further explained in our Cookie Notice).

Professional Information Data

Examples: employment details such as company name, job title, business contact details, work history, educational background, and professional social media identifiers (e.g., LinkedIn profiles).

Profile & Interaction Data

Examples: login credentials for digital platforms, records of services you’ve used or requested, investment participation details, responses to campaigns, and data from chatbot or digital interactions.

Services Data

Examples: payment instructions, invoicing details, or records of services provided to or received from Shademont.

Security & Access Data

Examples: visitor records, building entry logs, and CCTV recordings for facilities we operate.

Technical Data

Examples: IP address, device and browser details, location information, operating system, access logs, and online interaction patterns with Shademont systems.

Sensitive Personal Information (SPI)

In limited situations and only where permitted by law, we may collect or process SPI. Examples include:

  • Criminal conviction data, when legally required.
  • Health information (e.g., to accommodate accessibility needs or dietary requirements).
  • Political exposure status for regulatory screening.
  • Other data deemed sensitive under relevant law.

How We Collect PI

We obtain PI from several sources, including but not limited to:

  • Directly from you: When you provide information in forms, applications, or correspondence.
  • Through client or vendor organizations: If you act as a representative of a Shademont client, counterparty, or vendor.
  • In the course of our relationship: When you update your details, request services, or otherwise interact with us.
  • Publicly available sources: Corporate websites, regulatory filings, professional networking sites (e.g., LinkedIn), and media reports.
  • Digital interactions: Website visits, cookies, chatbot sessions, survey responses, or campaign engagement.
  • Shademont affiliates and third parties: Such as background check providers, data brokers, or credit reference agencies.
  • Events and trainings: Information gathered when you attend events hosted or co-hosted by Shademont, whether virtual or in person.

We may also generate PI ourselves by maintaining internal records of your interactions with us, subject to applicable law.

Unless explicitly stated otherwise, providing PI is necessary for us to deliver services, meet regulatory obligations, or manage our relationship. Failure to provide requested PI may prevent us from delivering certain services or engaging in transactions.

Purposes and Legal Grounds for Processing Your Personal Information
The table below outlines why we process personal information and the legal grounds that allow us to do so.

Purpose / Activity What Personal Information We Might Process Why We Process It (Our Legal Basis)
To access our website or open accounts, establish and maintain banking/investment relationships with you Identification, contact, transaction, professional data, technical data, usage data, and related data where relevant Regulatory, compliance obligations, to comply with regulatory or legal requirements and to provide services under contract
To allow third-party service providers to access our platforms for transactions Identification, contact, transaction, professional data, financial and service data Performance, regulatory obligations, service delivery and fulfilling service commitments
To make payments, fees, and any amounts owed Identification, contact, professional data, financial and service data Contractual performance and legitimate business and regulatory interests
To respond to your inquiries, requests, or other customer support channels Identification, contact, professional data, communication data Legitimate interest and relationship management, compliance with regulatory requirements
To provide and improve our services including updates, new features, and performance monitoring Identification, contact, professional data, technical data, communication data Compliance, relationship management, legitimate interests in service improvement and quality management
To manage and maintain our relationship with you in government reporting, compliance, and regulatory obligations Identification, contact, communication data, transaction, professional data Legal or regulatory requirements, compliance, and obligations under data protection laws
To safeguard against fraud, unauthorized use, claims, and liabilities Identification, security data, monitoring technical data, contact, professional data Regulatory/legal obligations, public interest, and legitimate security and monitoring interests
To manage risks, business operations, such as improving data security, maintaining appropriate facilities, ensuring effective management of our networks and information systems, and usage data Identification, contact, financial/transaction, service data Efficient, secure, and reliable operations
To provide information about services, offers, events, and promotions, and updates Profile/preferences, professional/communication data, industry/communication details Consent in scenarios, legitimate interest in relationship management and service improvement, and compliance with obligations
To build, maintain, or manage relationships with clients, partners, or vendors Identification, contact, transaction, professional data, communication data Legitimate interests, contractual performance, and relationship management
To conduct compliance checks, fraud prevention, risk management Contact, identification, technical/transaction data Compliance, performance and legitimate interests, safeguarding regulatory requirements
To enhance your experience on our websites or other digital channels, or your interactions and presence with us Identification, contact, financial, transaction, technical, professional information Compliance, performance and legitimate interests, quality of service, and building/maintaining healthy business relationships

Disclosure of Your Personal Information

As outlined in the section “Purposes and Legal Grounds for Processing Your Personal Information,” Shademont Consultancy may share your information, where appropriate, with:

  • Other entities within the Shademont Group.
  • Professional advisers, agents, contractors, or third-party service providers supporting us (including IT, analytics, platforms, brokers, lawyers, accountants, and consultants).
  • Vendors supplying goods or services such as marketing, billing, payments, or debt collection, as well as intermediaries and partners who work with us.
  • Clients, investors, fund managers, service providers, or advisers subscribing to Shademont services.
  • Authorities, regulators, courts, tribunals, enforcement bodies, or tax agencies where required or permitted by law.
  • Potential buyers, sellers, or merger partners — and their advisers — in the context of corporate transactions.
  • Credit agencies and organizations assisting with anti-money laundering, counter-terrorism financing, fraud detection, or other compliance checks.
  • Any individual or entity permitted or required by applicable local or international law.

International Data Transfers

To deliver services globally, we may transfer your information outside of your country of residence, including to processing centers located in regions such as Europe, the U.S., India, the Philippines, and Singapore.
Even if privacy standards differ, we apply uniform security measures and require third-party processors to comply with Shademont’s standards through binding contractual commitments.

For transfers from the EEA, we rely on either adequacy decisions by the EU Commission or legally recognized safeguards such as standard contractual clauses.

International Data Transfers

In certain jurisdictions, we will only send marketing emails with your explicit consent.
If you are a registered user of our platforms, we may also tailor your experience based on how you interact with our services.

You may opt out of marketing at any time by:

  • Using the unsubscribe link in our emails.
  • Contacting your Shademont representative.
  • Using the details provided in the “Contacting Us” section.
  • Adjusting your cookie settings for specific advertising preferences.

Third-Party Marketing and Sale of Information

Certain Shademont entities may share or sell limited categories of information in specific contexts. For example:

  • Business intelligence platforms may distribute Identification, Contact, or Professional data as part of subscription-based services.
  • For advertising purposes, we may share interaction, technical, and behavioral data with advertising networks or social media platforms.

We do not knowingly sell or share information relating to individuals under the age of 16.
Where required by law (such as in the state of Texas), relevant Shademont entities are registered as data brokers.

You can learn more about how to opt out in the section “Your Rights.”

Retention of Personal Information

We retain personal information only as long as needed to:

  • Fulfil the purpose for which it was collected,
  • Meet regulatory, accounting, or reporting obligations,
  • Comply with internal governance policies, or
  • Establish or defend legal claims.

Security of Personal Information

We implement a layered security framework to protect your information, which may include:

  • Employee training on privacy, phishing, and cybersecurity awareness.
  • Strong access controls and administrative safeguards.
  • Encryption (including SSL), firewalls, and anti-virus protections.
  • Physical access controls at our premises.
  • Vendor due diligence, audits, and independent security reviews.
  • Disaster recovery and business continuity measures.
  • Real-time monitoring for threats and data loss prevention.

Please note that data transmitted over the internet (including via email) carries inherent risks, and while we work to secure it, absolute protection during transmission cannot be guaranteed.

Your Rights

Depending on applicable law, you may have the right to:

  • Access: Obtain details of the information we hold about you.
  • Object: Challenge processing based on legitimate interests or direct marketing.
  • Opt Out: Decline the sale or sharing of your information, including for targeted advertising.
  • Withdraw Consent: Revoke previously given consent at any time.
  • Correct: Request corrections or updates to inaccurate or incomplete data.
  • Erase: Request deletion of data where no valid reason for retention exists.
  • Restrict: Limit how your data is used in certain circumstances.
  • Portability: Request your data in a structured, machine-readable format.
  • Avoid Automated Decisions: Request human review of automated decisions that may significantly affect you.

To exercise these rights, please contact us at nasser@shademont.com or use the details provided in the “Contacting Us” section.

We may verify your identity before processing your request to prevent unauthorized disclosure. In some cases, additional information may be required to help locate the relevant records.

We will respond within the timeframes required by law. Authorized agents may act on your behalf if legally appointed, provided we receive sufficient proof of authorization.

In some jurisdictions, you may choose to have an authorized representative submit a privacy request on your behalf. This authorization may be granted in writing or through a valid power of attorney. To ensure the protection of your information, we will request supporting documentation from the representative and may also ask you to verify your identity directly.

Exercising your privacy rights will not place you at any disadvantage. Shademont is committed to ensuring that your rights are respected and handled fairly.

Where required by U.S. privacy laws, certain Shademont entities publish statistics on how requests related to individual privacy rights are managed. These transparency metrics are provided below:

Request Category Total Requests Received Requests Fulfilled (Full or Partial) Requests Denied Median Response Time (Days) Average Response Time (Days)
Deletion of personal information 0 0 0 0 0
Access or review of personal information 0 0 0 0 0
Disclosure of what personal information was sold or shared, and to whom 0 0 0 0 0
Opt-out of sale or sharing of personal information 0 0 0 0 0
Restriction on the use or disclosure of sensitive personal information 0 0 0 0 0

Contacting Us

Shademont’s Privacy and Data Protection Officer is responsible for ensuring compliance with applicable privacy and data protection standards. If you wish to exercise your rights or have any questions about this notice, you may reach us at:

Privacy and Data Protection Officer
Shademont Consultancy
Dubai,
Email: nasser@shademont.com

Complaints

If you have concerns about how your personal information is being handled, please contact our Privacy and Data Protection Officer at privacy@shademont.com. In addition, depending on your location, you may have the right to lodge a complaint with the data protection authority or other regulatory body in your country of residence, workplace, or where you believe a privacy issue has occurred.

In jurisdictions that provide an appeal process, you may also request a review of our decision regarding your rights request if you believe it was not adequately addressed. To do so, please email privacy@shademont.com with the subject line “Appeal.”

Cookie Notice

For information on how we use cookies, please refer to our Cookie Notice.

Linked Websites

This Privacy Notice applies solely to Shademont’s websites. It does not extend to third-party websites we do not own or control, including sites where Shademont content or advertisements may appear.

Updates to This Privacy Notice

We may update or revise this Privacy Notice from time to time. Any significant changes will be communicated through appropriate channels, and we encourage you to review this page periodically to stay informed about how we protect your information.