Privacy Policy

This Privacy Policy explains how Become Global Citizen Ltd. collects, uses, and protects personal data submitted through this website and during the course of our advisory engagements. It is drafted to align with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the UAE Personal Data Protection Law (PDPL).

1. Data controller

Become Global Citizen Ltd.(“we”, “our”, “us”) is the data controller of personal data collected through this website and our services.

2. Personal data we collect

• Contact data: name, email, phone, country of residence, nationality.
• KYC/AML data: passport copies, proof of address, source-of-funds documentation, police clearances.
• Technical data: IP address, device type, browser, and usage logs.
• Marketing data: communication preferences and consent records.

3. How we use your data

• To deliver advisory services and process applications.
• To comply with KYC, AML, and sanctions-screening obligations.
• To communicate with you about your engagement.
• To improve our website and services.
• To send marketing communications where you have consented.

4. Legal bases (GDPR)

• Performance of a contract or pre-contractual steps.
• Compliance with a legal obligation (KYC/AML).
• Legitimate interests (security, fraud prevention).
• Consent (marketing communications).

5. Sharing of data

We share personal data with:

• Government authorities and licensed agents involved in processing your application.
• Due-diligence service providers and financial institutions.
• IT service providers (hosting, CRM, email) bound by data-processing agreements.

6. International transfers

Where personal data is transferred outside the EEA or the UAE, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Data retention

KYC/AML data is retained for the minimum period required by law (typically 5–10 years after the end of the engagement). Other data is retained for the duration of the relationship plus a reasonable archival period.

8. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, or port your personal data, and to object to processing. Privacy and data-rights requests can be sent to legal [at] virugroup [dot] com.

9. Security

We implement organizational and technical measures to protect personal data, including encryption in transit, restricted access, and audit logs.

10. Updates to this policy

We may update this Privacy Policy from time to time. The latest version is always available on this page.