Privacy Policy

Welcome to TWIG (TWIG), operated by “TWIG Solutions Ltd.” registered under registration number CL4484, having its address at Unit 201, Level 1 – Gate Avenue, South Zone, Dubai International Financial Centre, United Arab Emirates.

Your privacy is important to us. This online privacy policy (Privacy Policy) explains how we collect, share, use, and protect information when You use Our mobile application (App) and website (Website, and collectively the App and Website are referred to Products) or use of Our online services (Services).

As part of its commitment to privacy, TWIG respects all rules and provisions stated in the DIFC New Data Protection Law (DIFC Law).

This Privacy Policy should be read in conjunction with TWIG’s Terms of Use (Terms). All defined terms used in this Privacy Policy shall have the same meaning ascribed to them in the Terms, unless expressly otherwise provided for.

We reserve the right to revise this Privacy Policy at any time. If We change the Privacy Policy, we’ll provide notice by posting the new Privacy Policy here and changing the date on the top

1- Type of Personal Data We Collect.

When You visit the Website or use Our Services, We may collect personal information from or about You. In particular, We collect information You provide when you: (a) fill in any registration form to use Our Products, (b) register to use the App, (c) open an account or use any of Our Services, or (d) contact Us for any other reason. We may collect Your personal information that You have left with Us by visiting Our Website, or subscribing to Our Services, or attending an event, or any other medium linked to Us (Personal Data). The Personal Data may include, but is not limited to, the following: (a) Your first name and Your family name, (b) Your email address, (c) Your mobile number, (d) Your passport (e) your Government issued ID, (f) Your address and other registration information including but not limited to Your bank account information including the name of the financial institution, account name, account type, account ownership, IBAN number, Your Swift Code and financial transactions.

TWIG, uses OAuth2 and OpenID connect to identify, verify and protect the Products and Users against fraud.

Unregistered users: If you are a passive user of the App and do not register for any services, you may still be subject to certain passive data collection (Passive Data Collection). Such Passive Data Collection may include through cookies, as described below, IP address information, location information, and certain browser data, such as history and/or session information.

2- Cookies and Similar Technologies.

  1. Like most online services and websites, We may use Cookies and other technologies, such as web beacons, web storage, and unique advertising identifiers, to collect information about Your activity, browser, and device.
  2. A browser cookie is a small piece of data that is stored on Your device to help websites remember things about you. Other technologies, including web storage and identifiers associated with Your device, may be used for similar purposes. In this Privacy Policy, We use Cookies (Cookies) to refer to all of these technologies.
  3. We may also use these Cookies to collect information when You interact with the services We offer through Our partners, such as advertising and commerce features. Most web browsers are set to accept Cookies by default. You can choose to remove or reject browser Cookies through the settings on Your browser or device. Keep in mind, though, that removing or rejecting Cookies could affect the availability and functionality of Our Services.
  4. Like most providers of online services, TWIG uses Cookies for a number of reasons, such as protecting Your data, helping Us see which features are most popular, counting visitors to a page, improving Our users’ experience, keeping Our Services secure, and generally providing You with a better, more intuitive, and satisfying experience. The Cookies We use generally fall into one of the following categories: (i) preferences: We use these Cookies to remember Your settings and preferences (For example: language); (ii) security: We use these Cookies to help identify and prevent security risks (For example: to store Your session information to prevent others from changing Your password without Your username and password); (iii) performance: We use these Cookies to collect information about how You interact with Our Services and to help Us improve them (For example: to determine if You have interacted with a certain page); (iv) analytics: We use these Cookies to help Us improve Our Services (For example: to learn more about which features are the most popular with Our users and which ones might need some tweaks); and, (v) advertising: We use these Cookies to deliver advertisements, to make them more relevant and meaningful to consumers, and to track the efficiency of Our advertising campaigns, both on Our Services and on other websites.

3- Why do we collect your information?

We collect your information in order to:

  1. provide you with information and services that you request from Us;
  2. allow You to register for TWIG Services;
  3. register and maintain Your TWIG account. When you sign up to use our app, We will use the details provided on Your account registration form to create and administer Your account;
  4. provide You with access to the TWIG site and App in a manner convenient and optimal for You and with personalized content relevant to You, including enabling you to create a profile;
  5. connect You with third party financial services providers at Your request;
  6. allow You to participate in interactive features of Our app when You choose to do so;
  7. provide You with email marketing information about other services or products We offer that are similar to those that You have already requested or purchased, or about the services or products You have consented to receiving email marketing about;
  8. manage Our relationship with You, including notifying You about changes to Our services and/or products;
  9. provide customer support;
  10. gather information and insights on how users are using Our service in order to deliver improvements and new features;
  11. administer Our site and app and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  12. deliver (whether directly or indirectly via third parties) effective and personalized marketing material and content of TWIG and where you have consented and to assist us in the improvement and optimization of advertising, marketing material and content, our services and the sites; and
  13. comply with Our legal obligations, policies, and procedures.

4- Use of Personal Data.

We use the information discussed above in a number of ways, such as: (a) processing applications and transactions, (b) verifying Your identity (such as when You access Your account information), (c) preventing fraud and enhancing the security of Your account or Our Services, (d) responding to Your requests and communicating with you, (e) managing Your preferences, (f) performing analytics concerning Your use of Our Services, including Your responses to Our emails and the pages and advertisements You view, (g) providing You tailored content and marketing messages, (h) operating, evaluating and improving Our business (including developing new products and services; improving existing products and services; performing data analytics; and performing accounting, auditing and other internal functions), (i) to send You information about Our Services, or promotional marketing communication, (j) to administer Your account, or to service Your account, or to contact You when necessary, (k) complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and Our policies and (l) for any other purposes that We may specifically disclose at the time You provide or We collect Your information.

We may also use data that We collect on an aggregate or anonymous basis (such that it does not identify any individual customers) for various business purposes, where permissible under applicable laws and regulations.

If You no longer wish to receive any communications from TWIG, you can opt out by following the instructions contained in the e-mails You receive or by contacting Us at [email protected].

5- Sharing of Your Information.

We will not rent or sell Your information to third parties outside TWIG without Your consent, except as noted in this Privacy Policy.

Parties with whom We may share Your information:

  1. With Our corporate entities including any holding company, group company and subsidiary (Group Company): We may share information with entities within TWIG family companies.
  2. With third parties: We may share Your information with the following third parties: (i) with service providers and partners. We may share information about You with service providers who perform services on Our behalf and business partners that provide services and functionality; (ii) with third parties for legal reasons. We may share information about You if We reasonably believe that disclosing the information is needed to: (1) comply with any valid legal process, governmental request, or applicable law, rule, or regulation; (2) investigate, remedy, or enforce potential violations of the terms and conditions; (3) protect the rights, property, and safety of us, our users, or others; (4) detect and resolve any fraud or security concerns.
  3. With third parties as part of a merger or acquisition. If TWIG gets involved in a merger, asset sale, financing, liquidation or bankruptcy, or acquisition of all or some portion of Our business to another company, We may share Your information with that company before and after the transaction closes.
  4. third party financial service providers including but not limited to Our regulated third party open banking provider “Lean Technologies” and regulators partnered bank.
  5. other users in your jurisdiction when You post a comment on our app.
  6. Our professional advisors (including without limitation tax, legal or other corporate advisors who provide professional services to us).
  7. third parties that You approve (including without limitation, social media sites, and third-party payment providers), such as Facebook, Instagram, YouTube and Twitter.
  8. Our regulators, law enforcement or fraud prevention agencies, as well as Our legal advisers, courts, the police, and any other authorized bodies, for the purposes of investigating any actual or suspected criminal activity or other regulatory or legal matters including but not limited to: Government authorities.
  9. tax bodies or agencies to comply with Our legal and regulatory obligations.

Responding to legal requests and preventing harm:

We may access, preserve and share Your information in response to a legal request if We have a good faith belief that the law requires Us to do so. This may include responding to legal requests from jurisdictions outside of the United Arab Emirates where We have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when We have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, You and others, including as part of investigations; and to prevent death or imminent bodily harm. Information We receive about You may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of Our terms or policies, or otherwise to prevent harm.

6- Storage and Processing.

Your information collected through the Services may be stored and processed in any country in which TWIG and any Group Company maintain facilities.

We will retain Your information in accordance with Our internal records retention and management policies and procedures, including as necessary to provide You with the Services or administer Your TWIG account, or as long as necessary to comply with Our legal obligations, resolve disputes, reserve Our legal rights, and enforce Our agreements.

We aim to collect only what We need, keep it up-to-date and remove it when We no longer need it. We will only retain your Personal Data for so long as we reasonably need to offer You Our Products and Services unless a longer retention period is required by law (for example for regulatory purposes).

We take reasonable steps to ensure that the personal information We process is limited to what We require in connection with the purposes set out in this Privacy Policy; it is accurate and, where necessary, kept up to date; and it is erased or rectified without delay if it is inaccurate. From time to time, We may ask You to confirm the accuracy of Your personal information.

TWIG, its Group Company, or service providers may transfer information that We collect about you, including personal information across borders and from Your country or jurisdiction to other countries or jurisdictions around the world. We endeavor to ensure that people to whom we provide Personal Data hold it subject to appropriate safeguards and controls.

We use commercially reasonable safeguards to help keep the information collected through the Services secure and take reasonable steps (such as requesting a One Time Password (OTP) connected to Your registered mobile number to verify Your identity before granting You access to Your account). However, TWIG cannot ensure the security of any information You transmit to TWIG or guarantee that information on the Services may not be accessed, disclosed, altered, or destroyed.

We will retain copies in a form that permits identification for as long as We deem necessary in connection with the purposes set out in this Privacy Policy, unless applicable law requires a longer retention period. In particular, We will retain personal information for as long as it is needed to establish, exercise or defend any legal rights.

Please do Your part to help us. You are responsible for maintaining the secrecy of Your account information, and for controlling access to emails between You and TWIG, at all times

7- Other Websites and Services.

We are not responsible for the practices employed by any websites or services linked to or from Our Services, including the information or content contained within them. Please remember that when You use a link to go from Our Services to another website or service, Our Privacy Policy does not apply to those third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link on Our website, are subject to that third party's own rules and policies. In addition, You agree that We are not responsible and do not have control over any third-parties that You authorize to access Your account. If You are using a third-party website or service and You allow them to access Your TWIG account, You do so at Your own risk.

8- Your rights related to your Personal Data.

7.1. According to the DIFC Law, you have the right to:

  • Request access to your Personal Data. This enables you to receive a copy, upon your request, of the Personal Data we hold about you and to check that we are lawfully processing it.
  • Request correction of the Personal Data that we hold about you. Upon your request, this enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no legal requirement for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing.
  • Object to processing of your Personal Data. This right exists where we are relying on a Legitimate Interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground.
  • Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your Personal Data. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Consent Withdrawal. This right only exists where we are relying on consent to process your Personal Data. If you withdraw your consent, we may not be able to provide you with access to the certain specific functionalities of our Platform. We will advise you if this is the case at the time you withdraw your consent.

7.2. How to exercise your rights:


If you want to exercise any of the rights described above, please contact us using the contact details shown in clause 11 below. Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

9- Children Privacy.

TWIG does not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to register for the Services. The Services and its content are not directed at children under the age of 18.

10- Confidentiality and Security of Personal Data.

Except as otherwise provided in this Privacy Policy We will keep Your Personal Data private and will not share it with third parties, unless such disclosure is necessary to:

  • Comply with a court order or other legal process; or
  • Protect Our rights or property.

TWIG offers You different security layers such as Biometrics, Two Factor Authentications, and One Time Passwords and maintain a secure server infrastructure that protects Your Personal Data.

We, at TWIG, are guided by top security standards such as The Open Web Application Security Project to improve the security of Our Products and APIs, every three to four years, OWASP revises and publishes its list of the top 10 web application vulnerabilities. The list includes but is not limited to the OWASP top ten threats but also the potential impact of each vulnerability and how to avoid them.

Should You wish to retrieve Your Personal Data, please get in touch by emailing Us on [email protected].

11- Limitation to Our Privacy Policy.

Our Website might contain links to other websites. We are not responsible for the privacy practices or the content of such websites. Please understand that any information that is disclosed in these areas becomes subject to the privacy policies and practices of those sites. We have no control over its use and You should exercise caution when deciding to disclose Your Personal Data.

12- Data Protection Officer (DPO) Contact.

We have appointed a DPO to oversee Our data privacy and protection practice. If You have any questions or concerns about this policy or Our privacy practice, You may contact them directly at: [email protected].

13- How to Contact Us.

If You have any questions about this Privacy Policy or the Services, You may contact Us through the following email address [email protected].