Privacy Policy

Please read this Privacy Policy (hereinafter referred to as this Policy) carefully before using this website (

The protection of privacy and the safeguarding of your personal information including Personal Data is our highest priority. We respect your privacy rights and are strongly committed to protecting your privacy. In this Policy “we”, “us” and “our” means GTN Group Holding Ltd. [GTN] and “you”, “your”, “the user” means the individual or an authorised representative of a legal entity who accesses or uses this Site from anywhere in the world. In the course of providing financial Products and Services, we collect and maintain certain Personal Data when you use our Site, in order to enter into a transaction or open an account with us.

This Policy explains how we collect and protect your Personal Data. We ensure that any Personal Data obtained from you is not used or disclosed unless we have obtained your consent for such disclosure. By opening an account or by using our Site, you give your consent to the collection, use and the disclosure of Personal Data by us in accordance with this Policy and other agreements (if any) you have entered with GTN.


  • Definitions

    means a legal entity that controls, is controlled by or is under common control with another legal entity, but only while that control relationship exists. To “control” means the direct or indirect ownership or power to control more than 50% of the issued shares or other securities of an entity or of the voting rights attached to the issued shares or other securities of such entity; or the power to control, directly or indirectly, the appointment of more than 50% of any board of directors or governing body of such entity.

    means any person who alone or jointly with others determines the purposes and means of the Processing of Personal Data.

    Data Subject
    means an identified or identifiable natural person to whom Personal Data relates.DPL
    means the Data Protection Law No. 5 of 2020 of the DIFC

    Personal Data
    means any information referring to an identified or identifiable natural person” i.e. a Data Subject.

    means the entity/any person that processes Personal Data on behalf of a Controller.

    means the financial products made available to you by GTN and/ or its Affiliates.

    means the services made available to you through our Site.


  • Collection of personal data

    We collect your Personal Data through our Site when you log in to the Site. You may also provide Personal Data to us when you subscribe to any Products or Services or when you fill in account opening applications (whether written or electronic) or when we conduct Know Your Client (‘KYC’) and Customer Due Diligence checks upon you or when you provide Personal Data in any other form.

    Personal Data we collect may include information required to communicate with you and would generally consist of the following information:​

    • Your name,

    • Mailing address,

    • Telephone number,

    • E-mail address

    • Identification information (passport, identity card or other form of Identification information),

    • Demographic information,

    • Birth date,

    • Education,

    • Occupation,

    • Work Experience,

    • Information about your intended transactions with us and other related information,

    • Information about transactions you enter into through our Site in order to assess your trading experience,

    • Your approximate annual income and approximate net worth to assess your financial position and suitability for entering into transactions with us,

    • Bank details or details of your investments with other financial services providers


  • Purpose of collecting personal data

    We may use the information collected from you for the following purposes:

    • To establish and verify your identity and contact information,
    • To establish and set up your trading account,
    • Issue an account number and a secure password,
    • To monitor your account activity and contact you with account information,
    • To personalise and continually improve the Services,
    • To customise your browsing experience and inform you about additional Products, Services or promotions that may be of interest to you.
  • How long we keep your Personal Data

    We keep your Personal Data only so long as we need it to provide services to you and fulfill the purposes described in this policy. This is also the case for anyone with whom we share your information and who carries out services on our behalf.

    We may also retain your Personal Data after the closure of the account or if your application is declined or abandoned for as long as we require in order to comply with legal and regulatory requirements and for our legitimate business purposes. We will ordinarily retain your information for six (6) years or as otherwise required by the Dubai International Financial Center (‘the DIFC’) and the Dubai Financial Services Authority (‘the DFSA’) Law, Rules and Regulations.


  • Disclosure of Personal Data

    We may share your Personal Data with our Affiliates and third parties for the purposes of providing you with Products and Services. For example, we may share your Personal Data in order to process transactions for your account, execute your trades on an exchange, and manage and administer your account or we may share your Personal Data with any of our service providers as required by them enabling them to provide their services to you. Furthermore, these service providers may only use your Personal Data in accordance with our mandate.

    Our Affiliates will deal with your Personal Data in the same way as described in this privacy statement. GTN may disclose the information to GTN’s agents, counterparties such as bankers, custodians, broker-dealers, exchanges, and sub- contractors as necessary in order to provide the Services to you.

    We may be obliged to disclose your Personal Data in certain circumstances for legal or regulatory reasons, including but not limited to instances where we are required to disclose the information in accordance with the laws and regulations of the DIFC and the DFSA or any other applicable regulations.

    We may also disclose your Personal Data as necessary to perform credit checks, collect debts, enforce our legal rights or protect our interests and property.


  • Data Security, Safety of Personal Data

    We have taken appropriate steps to ensure the security of any Personal Data that we collect and held by us, including limiting the number of people who have physical or network access to our database servers.

    A secure http/ communication channel ensures the security of data communications made through our Site. Your Personal Data is protected during transmission by using Secure Sockets Layer (SSL) software, which encrypts Personal Data transmitted to us. Furthermore, a 128-bit key, the most secure form of commercially available encryption, is used to ensure the security of your transactions. We also provide you with a unique username and password to access your account information online. You are responsible for keeping this password confidential.

    Transmission of information via the internet is not completely secure. Although, we have implemented systems and processes to protect your Personal Information, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, transmission of data should be done at your own risk.

    We assume no responsibility for loss of whatever nature, howsoever arising and/or resulting from computer viruses, trojans, worms or equivalent or similar items which are beyond our control.


  • Data Subject rights under DPL

    We are committed to fulfilling our obligations concerning the exercise of your rights under DPL as a Controller or sometimes as a Processor. As a Data Subject, you will have the following rights under DPL):

    • The right to request access to personal data or restriction of processing or to object to processing and rectification.

    • The Right to erasure (i.e. the right to be forgotten): means that the Data Subject has the right to erasure of his/her personal data without undue delay, as well as the cease of further data dissemination. To the extent that it is required by the regulatory bodies or under the applicable laws, we may continue to store the personal data despite Account Holder/ Client’s request to erasure.

    • The right to data portability – i.e. the Data Subject has the right to receive their personal data from the Controller and the right to transmit that data to another Controller where technically feasible.

    • The right to lodge a complaint with the Commissioner of Data Protection, of the Dubai International Financial Center.

  • Processing, Storage and transfer of Personal Data

    We will take all steps reasonably necessary to ensure your Personal Data is processed in accordance with the DP Law, other applicable laws and this Policy. By submitting your Personal Data, you agree to such transfer, storing or processing in accordance with this Privacy Policy. You agree that we have the right to transfer the Personal Data and process and store it in the DIFC and if required with processors in other countries, some of which may have less protective privacy laws than those of DIFC. In the event of such transfer in accordance with the provisions under DPL, we will take appropriate security measures to protect your Personal Data in accordance with this Policy. GTN is ISO 27001 certified and all information security policies are strictly enforced.


  • Rights under General Data Protection Regulations (GDPR)

    If you are a Data Subject in a European Union country, subject to the other terms already specified in this policy, we are committed to fulfilling our obligations concerning the exercise of your rights under GDPR as a Data Controller or sometimes as a Data Processor as applicable.


  • Use of cookies

    Cookies are small text files sent from the web server to your computer. We use cookies to assist us in securing your trading activities and to enhance the performance of our site. Cookies used by us do not contain any Personal Data nor do they contain account or password information. We do not control or take any responsibility for the use of cookies by third parties in the other third-party websites linked to our site.


  • Calls

    We may record and monitor any telephone calls made to us or received by us to maintain our service standards, to check instructions, for compliance purposes and otherwise for your protection and ours.


  • Links to other websites

    Our Site may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other websites.

    If the use of the websites of other third parties/service providers is associated with the collecting, processing and use of Personal Data, please refer to the data protection notes of the respective third-party websites.


  • Modifications

    We reserve the right to change this Policy at any-time by posting revisions on this site. Such changes will be effective upon posting. We advise you to check our site frequently to review any changes to this Policy.


  • Contact Point for Data Protection enquiries or exercising Data Subject Rights

    If you have any queries about this Privacy Policy or Data Protection provisions or need to change and modify any information previously provided to us, please contact the DPO via email or phone;

                                                    Name of DPO: Mr Mevan Balalle
                                                    Email address:
                                                    Contact Number: +971 50 199 5582


  • Notification of Personal Data Breaches

    We will notify you as soon as practicable in the circumstances, when a Personal Data Breach is likely to result in a high risk to your security or your rights. We shall promptly communicate with you if there is an immediate risk of damage to you.


  • Governing Law and Jurisdiction

    Parties agree that the Governing Law of this Policy or other agreements entered with GTN is the DIFC law and the Parties submit to the jurisdiction of the DIFC courts, in Dubai, U.A.E.