Welcome to TWIG (TWIG), operated by “TWIG Solutions Ltd.” registered under registration number CL4484, having its address at Unit 201, Level 1 – Gate Avenue, South Zone, Dubai International Financial Centre, United Arab Emirates.
As part of its commitment to privacy, TWIG respects all rules and provisions stated in the DIFC New Data Protection Law (DIFC Law).
When You visit the Website or use Our Services, We may collect personal information from or about You. In particular, We collect information You provide when you: (a) fill in any registration form to use Our Products, (b) register to use the App, (c) open an account or use any of Our Services, or (d) contact Us for any other reason. We may collect Your personal information that You have left with Us by visiting Our Website, or subscribing to Our Services, or attending an event, or any other medium linked to Us (Personal Data). The Personal Data may include, but is not limited to, the following: (a) Your first name and Your family name, (b) Your email address, (c) Your mobile number, (d) Your passport (e) your Government issued ID, (f) Your address and other registration information including but not limited to Your bank account information including the name of the financial institution, account name, account type, account ownership, IBAN number, Your Swift Code and financial transactions.
TWIG, uses OAuth2 and OpenID connect to identify, verify and protect the Products and Users against fraud.
Unregistered users: If you are a passive user of the App and do not register for any services, you may still be subject to certain passive data collection (Passive Data Collection). Such Passive Data Collection may include through cookies, as described below, IP address information, location information, and certain browser data, such as history and/or session information.
We collect your information in order to:
We use the information discussed above in a number of ways, such as: (a) processing applications and transactions, (b) verifying Your identity (such as when You access Your account information), (c) preventing fraud and enhancing the security of Your account or Our Services, (d) responding to Your requests and communicating with you, (e) managing Your preferences, (f) performing analytics concerning Your use of Our Services, including Your responses to Our emails and the pages and advertisements You view, (g) providing You tailored content and marketing messages, (h) operating, evaluating and improving Our business (including developing new products and services; improving existing products and services; performing data analytics; and performing accounting, auditing and other internal functions), (i) to send You information about Our Services, or promotional marketing communication, (j) to administer Your account, or to service Your account, or to contact You when necessary, (k) complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and Our policies and (l) for any other purposes that We may specifically disclose at the time You provide or We collect Your information.
We may also use data that We collect on an aggregate or anonymous basis (such that it does not identify any individual customers) for various business purposes, where permissible under applicable laws and regulations.
If You no longer wish to receive any communications from TWIG, you can opt out by following the instructions contained in the e-mails You receive or by contacting Us at [email protected].
Parties with whom We may share Your information:
Responding to legal requests and preventing harm:
We may access, preserve and share Your information in response to a legal request if We have a good faith belief that the law requires Us to do so. This may include responding to legal requests from jurisdictions outside of the United Arab Emirates where We have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when We have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, You and others, including as part of investigations; and to prevent death or imminent bodily harm. Information We receive about You may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of Our terms or policies, or otherwise to prevent harm.
Your information collected through the Services may be stored and processed in any country in which TWIG and any Group Company maintain facilities.
We will retain Your information in accordance with Our internal records retention and management policies and procedures, including as necessary to provide You with the Services or administer Your TWIG account, or as long as necessary to comply with Our legal obligations, resolve disputes, reserve Our legal rights, and enforce Our agreements.
We aim to collect only what We need, keep it up-to-date and remove it when We no longer need it. We will only retain your Personal Data for so long as we reasonably need to offer You Our Products and Services unless a longer retention period is required by law (for example for regulatory purposes).
TWIG, its Group Company, or service providers may transfer information that We collect about you, including personal information across borders and from Your country or jurisdiction to other countries or jurisdictions around the world. We endeavor to ensure that people to whom we provide Personal Data hold it subject to appropriate safeguards and controls.
We use commercially reasonable safeguards to help keep the information collected through the Services secure and take reasonable steps (such as requesting a One Time Password (OTP) connected to Your registered mobile number to verify Your identity before granting You access to Your account). However, TWIG cannot ensure the security of any information You transmit to TWIG or guarantee that information on the Services may not be accessed, disclosed, altered, or destroyed.
Please do Your part to help us. You are responsible for maintaining the secrecy of Your account information, and for controlling access to emails between You and TWIG, at all times
7.1. According to the DIFC Law, you have the right to:
7.2. How to exercise your rights:
If you want to exercise any of the rights described above, please contact us using the contact details shown in clause 11 below. Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
TWIG does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and its content are not directed at children under the age of 18.
TWIG offers You different security layers such as Biometrics, Two Factor Authentications, and One Time Passwords and maintain a secure server infrastructure that protects Your Personal Data.
We, at TWIG, are guided by top security standards such as The Open Web Application Security Project to improve the security of Our Products and APIs, every three to four years, OWASP revises and publishes its list of the top 10 web application vulnerabilities. The list includes but is not limited to the OWASP top ten threats but also the potential impact of each vulnerability and how to avoid them.
Should You wish to retrieve Your Personal Data, please get in touch by emailing Us on [email protected].
Our Website might contain links to other websites. We are not responsible for the privacy practices or the content of such websites. Please understand that any information that is disclosed in these areas becomes subject to the privacy policies and practices of those sites. We have no control over its use and You should exercise caution when deciding to disclose Your Personal Data.
We have appointed a DPO to oversee Our data privacy and protection practice. If You have any questions or concerns about this policy or Our privacy practice, You may contact them directly at: [email protected].