Privacy Policy
Arkaan Advisory operates under a mandate of absolute discretion. This policy outlines our rigorous data hygiene and confidentiality standards.
Current Version
Effective Date: January 2026
Our Commitment to Discretion
Arkaan Advisory ("the Firm," "we," "us") operates under a mandate of absolute discretion. This policy outlines our rigorous data hygiene and confidentiality standards for all professional engagements, institutional mandates, and digital interactions.
1. Statement of Consent
We use your data to provide and refine the quality of our Advisory Services (the "Service"). By engaging with our platforms or services, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used herein have the same meanings as in our Terms of Engagement, governed by the laws of the Abu Dhabi Global Market (ADGM).
2. Types of Data Collected
We collect only the minimum data necessary to execute high-level advisory mandates:
- Identity & Professional Data: Name, professional title, institutional affiliation, and contact details.
- Strategic Context: Information provided voluntarily via the Strategic Scoping Brief or during consultations, including project objectives, stakeholder landscapes, and regulatory friction points.
- Technical Data: IP address, browser type, device information, and usage patterns collected automatically via our secure digital infrastructure for security and site optimisation.
3. Use of Data
Your data is utilised strictly for the following purposes:
- Advisory Execution: To perform the research, synthesis, and bridge-building required for your specific mandate.
- Service Optimisation: To maintain the security and technical integrity of our digital presence and to improve the efficiency of our advisory delivery.
- Institutional Communication: To manage engagement logistics, respond to inquiries, and manage professional correspondence.
- Legal Compliance: To fulfil any professional, tax, or regulatory obligations in the jurisdictions where we operate.
4. Information Architecture & Security
Arkaan Advisory utilises a "Security-First" tech stack designed for institutional-grade privacy:
- Processing Layers: We utilise GDPR-compliant processors such as Tally for initial context-gathering and Cal.com (ISO 27001 certified) for scheduling and orchestration.
- Financial Data & Payments: For digital transactions, we utilize Stripe (a PCI Level 1 Service Provider). Arkaan Advisory does not store sensitive cardholder data. For institutional mandates settled via bank transfer, financial data is limited to necessary wire instructions and is handled within our secured Google Workspace environment.
- Secure Environment: All active work product and client documentation are managed within a secured Google Workspace environment, protected by advanced encryption and multi-factor authentication.
- Confidentiality by Design: We do not utilise third-party advertising trackers, pixels, or behavioural analytics that compromise client anonymity.
5. Data Retention
Arkaan Advisory adheres to a "Minimal Retention" philosophy to ensure client data sovereignty:
Pre-Engagement Data
Information provided during the exploration phase (via Tally, Cal.com, or initial inquiry) is manually deleted within seven (7) days of the conclusion of the initial session or the decision not to proceed.
Mandate Data
Documentation related to active, long-term mandates is retained for the duration of the engagement. Upon conclusion, data is archived or deleted according to the specific terms of the individual Engagement Letter.
Communication Logs
Professional correspondence (email) is retained for as long as necessary for the fulfilment of the engagement or as required by UAE record-keeping standards for tax and legal compliance.
6. International Transfer of Data
Given the global nature of our digital infrastructure, your information may be transferred to and processed in servers located outside of your home country (including the EU and USA). By utilising our services, you consent to these transfers, which are governed by Standard Contractual Clauses (SCCs) to ensure equivalent data protection.
7. Cookie & Tracking Policy
Essential Cookies Only: Our digital presence utilises only Essential (Functional) Cookies. These are strictly necessary for site security, performance, and the operation of our digital intake tools. We do not utilise third-party advertising or marketing cookies.
8. Links to Third-Party Sites
Our work product or website may contain links to external resources (e.g., government portals, news outlets, or regulatory bodies). Arkaan Advisory is not responsible for the privacy practices or content of these external entities.
9. Data Sovereignty & Non-Disclosure
- Third-Party Sharing: We do not sell, trade, or share client data. Disclosure to third parties occurs only when explicitly authorised by the client or required by a court of competent jurisdiction.
- AI & Research: Client data and work product are never used for AI training or secondary research purposes.10. Changes to This Privacy Policy
10. Data Sovereignty & Non-Disclosure
We reserve the right to update this policy to reflect changes in our technical stack or global regulatory requirements. Any updates will be posted on this page with a revised "Effective Date."
11. Your Rights & Contact
Under applicable laws, you may have the right to access, correct, or request the "Hard Purge" of your data, subject to legal record-keeping requirements. To exercise these rights or to discuss a specific Non-Disclosure Agreement (NDA), please contact:
Contact Us
SPC Free Zone, Ground Floor,
Al Zahia, Sheikh Mohammed Bin Zayed Road,
Sharjah, United Arab Emirates
© 2026 Arkaan Advisory. All Rights Reserved.