Política de Privacidad
Última actualización: 5 July 2026
This Privacy Policy explains how Elite Consulting Club, the trading name of Elite Consulting FZC-LLC (TRN 104062296900003), registered at Sharjah Publishing City (SPC) Free Zone, Sheikh Mohammed Bin Zayed Rd, Sharjah, United Arab Emirates ("we", "us", "our"), collects, uses, shares, retains and protects your personal data when you engage us for international company formation, banking, residency and regulatory-compliance services. It applies to all clients, prospective clients and website visitors. English is the governing language of this Policy.
1. Data We Collect
To fulfil our obligations under AML/KYC regulations and to provide company setup services, we collect the following types of personal information:
- Personal Identifiable Information (PII): Full name, date of birth, nationality, address, and contact details.
- Identification Documents: Passports, national ID cards, driver's licences, and proof of address documents.
- Financial Information: Bank statements and other documentation required for KYC compliance.
- Verification Data: Data obtained through verification systems such as AidKYC, Onfido, and SumSub.
2. Purpose of Data Collection
We collect and process your data strictly for the following purposes:
- Company Setup Services: To facilitate the setup of your company in jurisdictions such as Hong Kong, Seychelles, Panama, USA, Singapore, and the United Arab Emirates.
- AML/KYC Compliance: To verify your identity and ensure compliance with applicable anti-money-laundering regulations.
- Regulatory Requirements: To transmit necessary information to competent government authorities or regulatory bodies to ensure smooth and compliant business processes.
3. Lawful Basis for Processing
We only process your personal data where we have a lawful basis to do so. Depending on the activity, we rely on one or more of the following bases:
- Performance of a contract: Processing that is necessary to provide the services you have engaged us for, to take steps at your request before entering into a contract, and to administer our relationship with you.
- Legal and regulatory obligation: Processing required to meet our anti-money-laundering (AML), counter-terrorist-financing, know-your-customer (KYC) and other statutory obligations, and to respond to lawful requests from competent authorities.
- Legitimate interests: Processing necessary for our legitimate interests in operating, securing and improving our services, preventing fraud and abuse, and maintaining records, provided such interests are not overridden by your rights and freedoms.
- Consent: Where processing is not covered by another basis (for example, certain optional communications), we rely on your consent, which you may withdraw at any time without affecting the lawfulness of prior processing.
4. How We Use Your Data
Your data is used solely for the purposes outlined above and is handled in strict accordance with regulatory standards:
- AML/KYC Verification: Using trusted systems such as AidKYC, Onfido, and SumSub to verify your identity and financial documentation.
- Company Setup Processing: To submit required documentation to relevant authorities or entities for company registration.
- Regulatory Compliance: To provide necessary data to competent governments or entities to meet AML compliance standards.
5. Automated Decision-Making
Certain verification tools we use (including identity- and document-verification providers) apply automated checks to help detect fraud and confirm identity. We do not make decisions that produce legal or similarly significant effects concerning you based solely on automated processing without meaningful human review. Where an automated check flags an issue, a qualified member of our team will review the matter before any decision to decline, suspend or terminate a service is finalised.
6. Data Sharing and Disclosure
We may share your data only with the following parties:
- Government Authorities: Relevant regulatory bodies and government entities in the jurisdictions where you are setting up a company.
- Third-Party Verification Systems: AidKYC, Onfido, and SumSub for identity verification and compliance.
- Service Providers: Trusted entities assisting with company registration and legal compliance processes.
We do not sell, rent, or disclose your data to unauthorised third parties.
7. Sub-Processors
We engage carefully selected third parties ("sub-processors") to process personal data on our behalf. Each sub-processor is bound by contractual obligations to process data only on our instructions, to keep it confidential, and to apply appropriate security measures. Our current sub-processors include:
| Sub-processor | Purpose |
|---|---|
| AidKYC | Identity and KYC verification |
| Onfido | Identity and document verification |
| SumSub | Identity verification and AML screening |
| Hosting providers | Secure hosting and storage of the website and client records |
| Analytics providers | Aggregated website usage and performance analytics |
We may add, replace or remove sub-processors from time to time as our operations evolve. Where we do so, we will update this Policy and, where required by law, provide notice. Your continued use of our services after such an update constitutes acknowledgement of the change.
8. International Data Transfers
Because we assist with company formation across multiple jurisdictions, your personal data may be transferred to, stored in, or accessed from countries outside your country of residence, including outside the United Arab Emirates. Some of these countries may not provide the same level of data-protection law as your home jurisdiction.
Where we transfer personal data internationally, we take appropriate safeguards to protect it, which may include: transferring only to jurisdictions recognised as providing an adequate level of protection; putting in place contractual data-protection clauses with recipients and sub-processors; and limiting transfers to what is necessary to deliver the services you have requested or to meet a legal or regulatory obligation.
9. Data Security
We implement stringent security measures to protect your personal data, including:
- Encryption of sensitive data both in transit and at rest.
- Access controls to limit data handling to authorised personnel only, on a need-to-know basis.
- Audit logging and regular audits and compliance checks to ensure adherence to AML/KYC standards.
- Confidentiality obligations binding our staff and sub-processors, together with technical and organisational measures designed to prevent unauthorised access, alteration, disclosure or destruction of data.
While we take all reasonable steps to protect your data, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Data Retention
We retain your data only for as long as necessary to fulfil the purposes for which it was collected, including:
- Meeting AML/KYC obligations.
- Complying with legal or regulatory requirements.
- Retaining records for company setup and operational purposes.
Specific retention periods: AML/KYC records and related identification, verification and transaction documentation are retained for a minimum of five (5) years after the end of our relationship with you, or longer where applicable law or a competent authority requires. Other records are retained for as long as needed for the purpose collected and to establish, exercise or defend legal claims. When data is no longer required, we securely delete or anonymise it.
11. Data-Breach Handling
We maintain procedures to detect, investigate and respond to suspected or actual personal-data breaches. In the event of a breach that is likely to affect your personal data, we will take prompt steps to contain and remediate the incident, assess the risk to affected individuals, and notify the relevant competent authority and affected individuals where and to the extent required by applicable law. We keep records of breaches and the actions taken in response.
12. Your Rights
Subject to applicable law and to our legal and regulatory obligations, you have the following rights regarding your personal data:
- Access and Correction: Request access to or correction of your personal data.
- Deletion: Request deletion of your data where legally permissible.
- Restriction of Processing: Restrict processing of your data under certain circumstances.
- Complaints: Lodge a complaint with a data-protection authority if you believe your rights have been violated.
How to exercise your rights: To exercise any of these rights, please submit a verified written request to us at [email protected]. To protect your data, we may need to verify your identity before acting on a request. We will respond within thirty (30) days of receiving a valid, verified request, or notify you within that period if we require more time or further information. Please note that certain rights are limited where we are required to retain data to comply with AML/KYC or other legal obligations.
13. No Service to Minors
Our services are intended solely for individuals who are at least 18 years of age. We do not knowingly provide services to, or knowingly collect personal data from, minors. If we become aware that we have collected personal data from a person under 18, we will take reasonable steps to delete such data unless we are required to retain it by law.
14. Accuracy of Information and Consequences of False Data
You are responsible for ensuring that the information you provide to us is true, accurate, complete and up to date, and for informing us promptly of any changes. Providing false, incomplete, misleading or fraudulent data may result in the suspension or termination of your services, refusal to onboard or continue the engagement, and forfeiture of fees where permitted. Where required by law, we may report such conduct, and any suspicious activity, to the competent authorities.
15. Marketing Communications and Opt-Out
Where you have provided your contact details in connection with an enquiry, a booking or an engagement, we may send you marketing and promotional communications — including by email, WhatsApp and other messaging channels — and may show you relevant advertising through retargeting on third-party platforms. We rely on your consent or, where permitted by applicable law, on our legitimate interest in promoting services similar to those you have enquired about or engaged us for.
You may opt out at any time by using the unsubscribe link in any marketing email, replying "STOP" (or an equivalent instruction) to a WhatsApp or other message, or writing to us at [email protected]. Please note:
- Opting out of marketing does not affect service, transactional or compliance communications (for example, booking confirmations, document requests, KYC follow-ups, invoices and legally required notices), which we will continue to send as necessary to deliver our services and meet our obligations.
- We will action opt-out requests within a reasonable processing window. You acknowledge that messages already dispatched, queued or scheduled before your opt-out takes effect may still be delivered, and Elite Consulting shall bear no liability for communications sent during that window.
- Opting out of retargeting on third-party platforms may additionally require adjusting your settings on those platforms or in your browser, which are outside our control.
16. Information You Provide About Others
In the course of company formation, banking-introduction and residency engagements, you may supply us with personal data relating to third parties — including directors, shareholders, ultimate beneficial owners (UBOs), officers, authorised signatories, employees and family members (for example, dependants included in a visa application).
By providing such data, you represent and warrant that you have the full legal authority, and have obtained all consents, authorisations and notices required under applicable law, to disclose that data to us and to permit us to process it for the purposes described in this Policy, including transmission to government authorities, verification providers and other recipients identified herein.
You agree to indemnify and hold harmless Elite Consulting, its officers, employees and agents from and against any claim, demand, complaint, penalty, loss or expense (including reasonable legal fees) brought by or in relation to any such third party arising out of your failure to obtain the required authority, consents or notices. It is your responsibility to bring this Policy to the attention of any individual whose data you provide to us.
17. Communications Recording and Monitoring
We may record, monitor and retain communications between you and us — including telephone calls, video calls (such as consultation and onboarding calls), emails, WhatsApp and other messaging conversations, and correspondence submitted through our website — for the following purposes:
- Compliance and KYC: Evidencing the information and instructions you provide, and meeting our AML/KYC, record-keeping and regulatory obligations.
- Dispute resolution: Establishing, exercising or defending legal claims, and resolving disagreements about instructions given or advice provided.
- Service quality and training: Reviewing and improving the quality, accuracy and consistency of our services.
Recordings and message records are retained in line with the retention periods set out in this Policy and are protected by the same security measures as other personal data. By continuing to communicate with us through any of these channels after having had the opportunity to review this Policy, you acknowledge that such communications may be recorded, monitored and retained as described.
18. Third-Party Websites and Services
Our website and services may contain links to, or integrate with, websites and services operated by third parties — including banks and payment institutions, government and free-zone portals, our scheduling provider (TidyCal), analytics and advertising providers, and messaging platforms such as WhatsApp. When you follow such a link or use such a service, any personal data you provide is processed under that third party's own privacy policy and terms, not this Policy.
We do not control, and accept no responsibility or liability for, the privacy practices, security measures or content of third-party websites and services. The presence of a link or integration does not constitute an endorsement. We encourage you to review the privacy policy of every third-party website or service you use before providing personal data to it.
19. Aggregated and Anonymised Data
We may anonymise and aggregate personal data so that it can no longer be used to identify you, whether directly or indirectly. We may create, use, retain and disclose such anonymised and aggregated data — for example, statistics on jurisdictions selected, service demand, website usage and conversion performance — for analytics, benchmarking, research, marketing and service-improvement purposes without restriction, as such data no longer constitutes personal data under applicable data-protection law. This Policy does not limit our use of data that has been irreversibly anonymised.
20. Disclosures Required by Law
Notwithstanding any other provision of this Policy, we may access, preserve and disclose your personal data — with or without prior notice to you — where we believe in good faith that such disclosure is required or permitted in order to:
- Comply with any applicable law, regulation, court order, subpoena or other legal process, or a binding request from a government, regulatory, tax, law-enforcement or free-zone authority in any relevant jurisdiction.
- Meet obligations under tax-information-exchange frameworks, including FATCA, the Common Reporting Standard (CRS) and equivalent regimes, and under AML/CTF legislation, including the filing of suspicious-activity or suspicious-transaction reports.
- Enforce this Policy or our Terms & Conditions, or investigate suspected fraud, abuse or unlawful activity.
- Protect the rights, safety or property of Elite Consulting, our clients, our personnel or the public.
You acknowledge and agree that any disclosure made pursuant to this section shall not constitute a breach of this Policy, of any duty of confidentiality, or of any other obligation owed to you, and that in certain cases (for example, suspicious-activity reporting) we may be legally prohibited from informing you that a disclosure has been made.
21. Limitations; No Warranty of Absolute Security
We apply the safeguards described in this Policy and take the protection of your personal data seriously. However, no method of transmission over the internet and no method of electronic storage is 100% secure, and we therefore cannot and do not warrant or guarantee the absolute security of any data transmitted to or stored by us. Any transmission of personal data is at your own risk to the extent it travels over networks outside our control.
To the maximum extent permitted by applicable law, Elite Consulting shall not be liable for any unauthorised access to, interception, alteration, deletion or loss of personal data arising from events beyond its reasonable control, including sophisticated cyber-attacks, failures of third-party networks, platforms or infrastructure, or your own acts or omissions (such as compromised credentials or insecure devices), provided we have applied the appropriate technical and organisational measures described in this Policy.
Any liability of Elite Consulting arising under or in connection with this Policy is subject to, and limited in the aggregate as set out in our Terms & Conditions, including the cap at the fees actually paid by you for the relevant services and the exclusion of indirect, incidental, consequential, special and punitive loss (including loss of profit, business, goodwill or data). Nothing in this section excludes or limits liability that cannot be excluded or limited under applicable law.
22. Complaints
If you have a complaint about how we have handled your personal data, please contact us first in writing at [email protected], describing the issue and providing sufficient detail for us to identify you and investigate. We will acknowledge your complaint, investigate it in good faith, and respond to you within a reasonable period, keeping you informed of the progress of any longer investigation.
We ask that you give us a fair opportunity to investigate and resolve your complaint before escalating the matter to the competent data-protection authority. This does not affect any right you may have under applicable law to lodge a complaint with a supervisory authority at any time.
23. Governing Law and Data-Protection Authority
This Privacy Policy and any matter arising from it are governed by the laws of the United Arab Emirates, and you agree to the exclusive jurisdiction of the courts of Dubai in respect of any dispute, without prejudice to any mandatory data-protection rights available to you under applicable law. You may raise concerns with us directly using the contact details below, and you have the right to lodge a complaint with the competent data-protection authority in your jurisdiction.
24. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our operations, regulatory requirements, or technology. Any changes will be posted on this page with a revised "last updated" date. Please review this page periodically for updates.
25. Contact Us
If you have questions or concerns about this Privacy Policy, or wish to exercise your data rights, please contact us at:
- Entity: Elite Consulting Club (Elite Consulting FZC-LLC), TRN 104062296900003
- Email: [email protected]
- Phone: +971 502733997
- Address: SPC Free Zone, Sheikh Mohammed Bin Zayed Rd, Sharjah, United Arab Emirates
- Website: https://eliteconsultingclub.com
- Hours: Mon–Fri, 9:00–18:00 GST
