What personal data does Sphere IT Global collect?

We collect personal data including your name, email address, phone number, and any messages you submit through our contact forms. We also collect usage data such as IP address, browser type, and pages visited.

How does Sphere IT Global use my personal data?

We use your personal data to respond to your inquiries, provide information about our IT solutions and services, and improve our customer service quality. Your information is never sold or shared for marketing purposes.

How long does Sphere IT Global retain my data?

We retain personal data only for as long as necessary to respond to your inquiry or fulfill the purpose for which it was collected. After that period, your data is securely deleted or anonymized.

What are my rights regarding my personal data?

You have the right to request access to your personal data, request correction or deletion of your data, and withdraw consent for data processing at any time. Contact us at info@sphereitglobal.com to exercise these rights.

Does Sphere IT Global use cookies?

Yes, we use cookies to enable basic website functionality and analyze website performance. These cookies do not collect personal data or track your identity. You can disable cookies in your browser settings.

Data Protection Policy - Sphere IT Global

Aim of the Data Protection Policy

Sphere IT Consultants DWC-LLC (Sphere IT) acknowledges that information technology must serve individuals, protect privacy, and uphold the principles of human dignity and fundamental rights. Our Data Protection Policy aligns with the UAE Personal Data Protection Law (PDPL) and reflects internationally recognized best practices for the protection of personal data.

Data protection forms the foundation of trust between Sphere IT and its clients, partners, suppliers, employees, and other stakeholders. This policy aims to ensure that Sphere IT maintains a consistent and lawful approach to handling personal data across its operations.

Scope

This policy applies to all entities, operations, and personnel of Sphere IT Consultants DWC-LLC (Sphere IT), including:

Employees, contractors, and governance members
Implementing partners, vendors, suppliers, and service providers
All personal data processed in digital or physical form

Definitions and Covered Data Sets

This policy applies to all personal data managed or processed by Sphere IT, including but not limited to:

Employee records (national/international staff, interns, volunteers)
Customer and client data (individuals, organizations)
Beneficiaries of services
Contractors, suppliers, and partners

Personal data includes, but is not limited to:

Name, address, phone number, email, Bank details
Passport, ID details
Biometric data (e.g., fingerprints)
Employment or contractual information
Geo-location data

Processing includes collection, storage, access, transfer, analysis, and deletion.

Compliance with UAE National Law

Sphere IT is headquartered in the UAE and strictly follows the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data. Where stricter internal standards apply, Sphere IT may implement additional safeguards.

In any event where national legal obligations conflict with internal policy, legal obligations under UAE PDPL shall prevail.

Principles for Processing Personal Data

Sphere IT adheres to key principles outlined in the UAE PDPL when handling personal data. All personal data is processed lawfully and fairly, ensuring that individuals’ rights are protected and their information is handled with integrity and transparency. Data is collected for specific, clear, and legitimate purposes and not used in ways that conflict with those original purposes. We ensure that only the minimum amount of personal data necessary is collected and retained, and we take all reasonable steps to ensure the data is accurate and kept up to date. Data is stored only for as long as needed to fulfil its intended purpose, and strong security controls are implemented to protect it from unauthorized access or loss. Finally, we are committed to transparency, ensuring individuals are informed about how their data is used and protected.

Data Security and Confidentiality

Access to personal data is restricted to authorized personnel based on role and necessity.
Data is encrypted during storage and transmission.
Staff members receive training in data confidentiality and are bound by confidentiality agreements.
Security incidents and access to sensitive data are logged and reviewed regularly.

Data Subject Rights

Right to access personal data held by Sphere IT.
Right to request correction of inaccurate or outdated information.
Right to request deletion of data under applicable legal conditions.
Right to restrict or object to certain types of data processing.
All rights requests must be made in writing and are subject to identity verification.

Retention and Deletion

Personal data is retained only for as long as necessary to fulfil its purpose or meet legal obligations. Once expired, data is securely deleted unless justified by historical, statistical, or legal grounds.

Data Transfers

Data is transferred outside the UAE only to jurisdictions with adequate data protection or under contractual safeguards.
Transfers require prior consent from the data subject unless legally justified.
Transfers are recorded and reviewed for compliance.

Telecommunications, Email, and Internet Use

Company-provided communication tools are for official use. Any monitoring will be limited to protecting IT infrastructure and require justified suspicion. Data is evaluated only in documented and authorized cases.

Subject Access Requests (SARs)

SARs may be submitted by individuals wishing to review, correct, or delete their personal data.
Requests are handled by authorized personnel following identity verification.
Sphere IT maintains logs of SARs and responds within the timeframes set by UAE PDPL.

Breach Reporting and Sanctions

All staff and third parties must report suspected data breaches immediately.
Investigations will be conducted and documented.
Sanctions for violations may include disciplinary action, termination, or legal reporting.

Security of Processing

Sphere IT uses up-to-date technical and organizational measures to ensure data security.
Risk assessments are conducted before deploying new processing systems.
Security policies are reviewed periodically and adapted to evolving threats.

Review and Audit

This policy is reviewed annually. Regular internal audits are conducted to ensure compliance with PDPL and internal standards. External audits may be conducted when required.

Communication

For any clarification or request, the user can contact LPR by emailing: Info-SecSphereIT@sphereitglobal.com

Aim of the Data Protection Policy

Scope

This policy applies to all entities, operations, and personnel of Sphere IT Consultants DWC-LLC (Sphere IT), including:

Employees, contractors, and governance members
Implementing partners, vendors, suppliers, and service providers
All personal data processed in digital or physical form

Definitions and Covered Data Sets

This policy applies to all personal data managed or processed by Sphere IT, including but not limited to:

Employee records (national/international staff, interns, volunteers)
Customer and client data (individuals, organizations)
Beneficiaries of services
Contractors, suppliers, and partners

Personal data includes, but is not limited to:

Name, address, phone number, email, Bank details
Passport, ID details
Biometric data (e.g., fingerprints)
Employment or contractual information
Geo-location data

Processing includes collection, storage, access, transfer, analysis, and deletion.

Access to personal data is restricted to authorized personnel based on role and necessity.
Data is encrypted during storage and transmission.
Staff members receive training in data confidentiality and are bound by confidentiality agreements.
Security incidents and access to sensitive data are logged and reviewed regularly.

Data Subject Rights

Right to access personal data held by Sphere IT.
Right to request correction of inaccurate or outdated information.
Right to request deletion of data under applicable legal conditions.
Right to restrict or object to certain types of data processing.
All rights requests must be made in writing and are subject to identity verification.

Retention and Deletion

Data Transfers

Data is transferred outside the UAE only to jurisdictions with adequate data protection or under contractual safeguards.
Transfers require prior consent from the data subject unless legally justified.
Transfers are recorded and reviewed for compliance.

Telecommunications, Email, and Internet Use

Subject Access Requests (SARs)

SARs may be submitted by individuals wishing to review, correct, or delete their personal data.
Requests are handled by authorized personnel following identity verification.
Sphere IT maintains logs of SARs and responds within the timeframes set by UAE PDPL.

Breach Reporting and Sanctions

All staff and third parties must report suspected data breaches immediately.
Investigations will be conducted and documented.
Sanctions for violations may include disciplinary action, termination, or legal reporting.

Security of Processing

Sphere IT uses up-to-date technical and organizational measures to ensure data security.
Risk assessments are conducted before deploying new processing systems.
Security policies are reviewed periodically and adapted to evolving threats.

Review and Audit

This policy is reviewed annually. Regular internal audits are conducted to ensure compliance with PDPL and internal standards. External audits may be conducted when required.

Communication

For any clarification or request, the user can contact LPR by emailing: Info-SecSphereIT@sphereitglobal.com

Data protection policy

Aim of the Data Protection Policy

Scope

Definitions and Covered Data Sets

Compliance with UAE National Law

Principles for Processing Personal Data

Data Security and Confidentiality

Data Subject Rights

Retention and Deletion

Data Transfers

Telecommunications, Email, and Internet Use

Subject Access Requests (SARs)

Breach Reporting and Sanctions

Security of Processing

Review and Audit

Communication

Let's build your next IT success story together.

Data protection policy

Aim of the Data Protection Policy

Scope

Definitions and Covered Data Sets

Compliance with UAE National Law

Principles for Processing Personal Data

Data Security and Confidentiality

Data Subject Rights

Retention and Deletion

Data Transfers

Telecommunications, Email, and Internet Use

Subject Access Requests (SARs)

Breach Reporting and Sanctions

Security of Processing

Review and Audit

Communication

Let's build your next IT success story together.