Privacy Policy

Basic information on data protection
Responsible for the treatmentSIMFINE FZCO / DEFIBET.HOUSE
Dubai (United Arab Emirates)
License number 10786
Registration number DSO-FZCO-9541
E-mail address:
Purpose of treatmentNot limited to: contracting our services, answering your request, managing CVs received.
LegitimationTo respond to requests and inquiries, the legal basis will be the legitimate interest in answering the inquiries.
In all other cases, the legitimate basis will be the user's own consent.
RightsAccess, rectify, delete, limit the processing, opposition and portability of data, as explained in the additional information.
Source of dataData obtained from users themselves, social networks, and automatically collected data (cookies).
Additional informationAdditional detailed information on Data Protection can be found below.

1. General information, purpose of the data, exercise of rights and consent to data processing.

In compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – hereinafter, GDPR) and the Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights (hereinafter, LOPDGDD), the entity communicates that by accepting this Privacy Policy the user gives informed, express, free and unequivocal consent for the data provided through the website, as well as those provided voluntarily by other means, to be managed in order to process the service or information requested, answer your request and/or process your request.


Who is responsible for the processing of your personal data?

SIMFINE / DEFIBET.HOUSE domiciled at SILICON OASIS, DDP, BUILDING A2 – Dubai (United Arab Emirates) and e-mail is responsible for the processing of personal data collected in the course of its activities. 

As the data controller, we guarantee the security and confidentiality of your data in accordance with the RGPD, LOPDGDD, and any other applicable regulations.


For what purposes do we process your personal data?

In compliance with the provisions of articles 5 and 12 of the RGPD we inform you of:

  • The purpose of the data collection will be to attend the possible relationships that may arise between the user and the owner, specifically and without limitation, to answer your request and manage the CVs received..
  • In the completion of the forms, there may be sections with mandatory nature, which will be those fields marked with an asterisk (*), as they are considered necessary for the purpose pursued, so the omission of any of them may result in the impossibility of sending the query..
  • To send advertising: when you have voluntarily requested to receive the newsletter, we will send you advertising.. 
  • Also, as a consequence of the contractual relationship, we may send you commercial communications by e-mail related to our services.
  • To improve our services, receive personalized information and analyze your behavior on the website: the information will be collected through cookies or similar mechanisms stored on your device, always with your consent. You can obtain more information in the Cookies Policy present on the website. In any case, these data will be anonymized and it is not possible to identify their owners.



What kind of personal data do we collect?

Generally, the categories of data processed are: 

  • Identification data: among others, name, surname, telephone, email and IP addresses.
  • Bank details, in case of contracting our services.


What are your rights when you provide us with your data?  

Regarding the exercise of the rights of the interested parties, the RGPD in its articles 15 and following establishes specific conditions on the procedure to follow to assist the interested parties in the exercise of their rights. Such rights are as follows:

  • Right to request access to personal data relating to the interested party: The interested party shall have the right to obtain confirmation from the data controller as to whether or not personal data concerning him or her is being processed and, in such a case, the right of access to the personal data. In the same way, the right to obtain a copy of the personal data object of the treatment is recognized..
  • Right to request rectification or deletion: The interested party shall have the right to obtain, without undue delay, from the data controller the rectification of inaccurate personal data concerning him. In addition, the interested party will have the right to obtain, without undue delay, the deletion of the personal data that concerns him or her from the data controller, who will be obliged to delete the personal data without undue delay..
  • Right to request the limitation of your treatment: assumes that, at the request of the interested party, the treatment operations that correspond in each case will not be applied to their personal data. 
  • Right to object to treatment: The interested party shall have the right to object at any time to the processing of personal data concerning him.
  • Right to data portability: the copy provided to the person concerned must be in a structured, commonly used, and machine-readable format.


This may be done by writing to the following e-mail address If you have contacted the data controller by a means that allows you to prove it, and if the data controller has not responded to you within the established period or if you consider that the response is not adequate, you may contact the Supervisory Authority (Spanish Data Protection Agency).


How long will we keep your data?

Personal data will be kept as follows:

  • Anonymized data will be retained without a deletion period.
  • User data will be kept according to the service contracted and, in any case, for the shortest possible time. In any case and in compliance with the respective legal obligations, they will be kept according to the following deadlines:
  • 5 years, according to art. 1964 of the Civil Code;
  • 6 years, according to art. 30 of the Commercial Code.
  • 10 years, according to money laundering regulations.


How did we obtain your data?

The personal data that we process in the entity is always obtained by three ways: 1) that collected automatically, 2) that which you voluntarily provide us, and 3) that provided by third parties:


  1. Automatically collected data

This information will consist of:

  • Collected through cookies or similar mechanisms stored on your device, always with your consent..
  • The IP from which the connection is made, the type of device used and its characteristics, the operating system version, the type of browser, the language, the date, the country, the time of the request, the referrer URL or the mobile network used, among others.
  • Data of use and interaction with the website and possible errors detected during its use, such as pages not found or erroneous visualizations. In any case, these data will be anonymized and it is not possible to identify their owners.

  1. Data provided voluntarily

This information will consist of:

  • The information contained in the messages sent through the contact channels of the website or, if any, when you subscribe to our newsletter. For example, your email, first and last name, subject, contact phone number, or message.


  1. Those provided by third parties

This information will consist of:

  • That provided by social networks or similar services. You can communicate through the channels enabled on our official social networks (Youtube, Facebook, Twitter and Instagram).
  • That provided through other means of communication, such as in person, by phone, email, instant messaging applications, video call applications…


How do we use your data?

  • In emails and contact forms

The website has an SSL encryption that allows the user to send their personal data securely through standard contact forms. The personal data collected will be subject to automated processing. In that sense:

  • We will receive your IP, which will be used to verify the origin of the message in order to offer you adequate recommendations (for example, presenting the information in the correct language) and to detect possible irregularities (for example, possible cyberattack attempts on the service), as well as as data relating to your ISP.
  • Likewise, you can provide us with your data by telephone, email and other means of communication indicated.
  • In social networks

Contamos con perfiles en algunas de las principales redes sociales de Internet, siendo la entidad responsable del tratamiento en relación con los datos publicados en las mismas. Esos datos serán tratados según la red social permita a los perfiles corporativos. Por tanto, podremos informar, cuando la ley no lo prohíba, a nuestros seguidores por cualquier vía que la red social permita sobre sus actividades u ofertas, así como prestar un servicio personalizado de atención al cliente.

En ningún caso extraeremos datos de las redes sociales, a menos que se obtuviera puntual y expresamente el consentimiento del usuario para ello. Cuando debido a la propia naturaleza de las redes sociales, ejercer tus derechos dependa de la modificación de tu perfil, te ayudaremos y aconsejaremos en la medida de nuestras posibilidades.


How is their consent to be obtained?

The acceptance of the privacy policy shall be understood for all purposes as the provision of express and unequivocal consent (Article 7 of the RGPD) of the user to the processing of their personal data under the terms of this document. 

It is reported that consent will not be required when: the data are necessary for the performance of a contract to which the data subject is a party or for the implementation at the request of this of pre-contractual measures; or for the fulfillment of a legal obligation applicable to the data controller. 


Is there any communication of data to third parties?

 The data will be communicated, if necessary, for the fulfillment of certain legal obligations (Tax Administration, Social Security, State Security Forces, and Corps…). In the same way, such data will be transferred to anyone who is necessary for the execution of the work entrusted.. 

2. Compliance with applicable regulations

The entity seeks compliance with the guidelines of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) and other regulations in force and applicable at all times, ensuring the correct use and processing of the user’s personal data. In addition, it ensures compliance with Law 34/2002, of July 11, 2002, on Information Society Services and Electronic Commerce.

3. Communications via e-mail or instant messaging applications

Communications by e-mail or instant messaging will be those necessary to manage the request, petition or complaints from users or to respond to their comments.

4. Data provided by third parties

In the event that personal data are included in the request by persons who do not have such data, the user must, prior to their inclusion, inform such persons of the points contained in the preceding paragraphs, and the owners of the website shall be exempt from any liability for failure to comply with this requirement.

5. Minors

This website is not intended for minors, therefore it is not authorized to provide data of minors through this page. The entity is not responsible for failure to comply with this requirement.

6. Safety measures

The entity has implemented the necessary technical and organizational security measures to ensure the security of your personal data and prevent their alteration, loss and unauthorized processing and/or access, taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of the processing, as well as risks of varying likelihood and severity to the rights and freedoms of natural persons. In any case, mechanisms will be put in place to:


  1. a) Ensure the confidentiality, integrity, availability and resilience of the processing systems and services at all times.
  2. b) Restore availability and access to personal data promptly in the event of a physical or technical incident.
  3. c) Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to ensure the security of the processing.
  4. d) Pseudonymize and encrypt personal data, if necessary.


All this is in accordance with the provisions of Article 32 of the GDPR in relation to Recital 81 of the GDPR.

7. Confidentiality and duty of secrecy

The user counts on the confidentiality and the duty of secrecy of the employees and collaborators of the entity and of all those who process the data in the name and on behalf of the entity. Notwithstanding the foregoing, the user is warned that the security of communications over the Internet is not invulnerable.

8. Modification of the privacy policy

The owner of the website reserves the right to modify without prior notice its Privacy Policy, according to its own criteria, motivated by a legislative, jurisprudential or doctrinal change of the European Data Protection Authority. Any modification of the Privacy Policy will be published one day before its effective application.