Privacy Policy
Last updated: 6 July 2026
This Privacy Policy (the “Policy”) sets out the basis upon which EuroBridge Global (the “Company”) collects, uses, discloses, transfers, retains and otherwise Processes the Personal Data of Data Subjects in connection with the provision of its documentation and immigration-support Services, in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and all other Applicable Laws of the United Arab Emirates.
Please read this Policy carefully. By using the Services, you acknowledge and agree to the terms hereof. Capitalised terms not otherwise defined herein shall have the meanings given to them in the Company’s Terms & Conditions.
1. Definitions and Interpretation
In this Privacy Policy, unless the context otherwise requires, the following expressions shall bear the meanings ascribed to them below:
- “Company”, “we”, “us” or “our” means EuroBridge Global, a documentation and immigration-support services provider having its registered office in Dubai, United Arab Emirates, together with its affiliates, successors and permitted assigns.
- “Data Subject”, “you” or “your” means any identified or identifiable natural person whose Personal Data is Processed by or on behalf of the Company.
- “Personal Data” means any data relating to an identified natural person, or one who can be identified, directly or indirectly, by way of linking data, including without limitation name, voice, picture, identification number, electronic identifier, geographic location, and one or more physical, physiological, economic, cultural or social characteristics.
- “Sensitive Personal Data” means any data that directly or indirectly reveals a natural person’s racial or ethnic origin, political or philosophical opinions, religious beliefs, criminal record, biometric data, or any data related to that person’s health.
- “Processing” means any operation or set of operations performed upon Personal Data, whether or not by automated means, including collection, recording, organisation, storage, adaptation, alteration, retrieval, use, disclosure, dissemination, restriction, erasure or destruction.
- “Applicable Law” means Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and its implementing regulations, together with all other applicable federal and Emirate-level laws, regulations, resolutions and directives of the United Arab Emirates, each as amended, supplemented or replaced from time to time.
- “Services” means the documentation, advisory, application-facilitation and related services offered by the Company through its website, mobile application and offices.
Headings are inserted for convenience only and shall not affect the construction of this Privacy Policy. Words importing the singular include the plural and vice versa, and words importing any gender include every gender.
2. Status of the Company and Scope of Application
The Company acts as the Controller in respect of the Personal Data described herein and determines, alone or jointly with others, the purposes and means of the Processing. Where the Company Processes Personal Data on behalf of a third party, it shall do so in the capacity of a Processor and strictly in accordance with the documented instructions of the relevant Controller.
This Privacy Policy applies to all Personal Data Processed by the Company in connection with the Services, whether obtained through the Company’s website, mobile application, electronic forms, correspondence, telephone, messaging platforms, or in person, and constitutes a legally binding instrument governing the relationship between the Data Subject and the Company with respect to such Processing.
By accessing the Services, submitting an enquiry or application, creating an account, or otherwise providing Personal Data to the Company, you acknowledge that you have read and understood this Privacy Policy and consent, to the extent permitted and required by Applicable Law, to the Processing of your Personal Data in the manner set out herein.
3. Categories of Personal Data Collected
The Company may collect and Process the following categories of Personal Data, whether provided directly by you, generated in the course of the Services, or lawfully obtained from third parties:
- Identity and civil-status data, including full name, gender, date and place of birth, nationality, marital/civil status and photographs;
- Contact data, including residential address, email address and telephone or mobile numbers;
- Travel-document and identification data, including passport number, dates of issue and expiry, issuing authority, national identity number, Emirates ID and residence-visa particulars;
- Immigration and application data, including destination country, service type, embassy of appearance, prior visa history and supporting documentation;
- Employment and educational data, including occupation, employer particulars, years of experience, qualifications and curriculum vitae;
- Financial and transactional data, including invoices, instalment schedules, amounts paid, payment references and bank-transfer confirmations (the Company does not itself store full payment-card numbers);
- Account and technical data, including login credentials, device identifiers, Internet Protocol (IP) address, application and browsing activity and push-notification tokens; and
- Any Sensitive Personal Data strictly necessary for the provision of the Services, Processed only where lawful and, where required, with your explicit consent.
You represent and warrant that all Personal Data supplied by you is accurate, complete, current and lawfully provided, and that where you supply Personal Data relating to any other natural person, you have obtained all necessary consents and authorisations for its disclosure to, and Processing by, the Company.
4. Purposes and Legal Bases of Processing
The Company Processes Personal Data only where, and to the extent that, at least one lawful basis under Applicable Law applies, including the performance of a contract to which the Data Subject is party, compliance with a legal obligation, the protection of the vital interests of the Data Subject, the legitimate interests of the Company, or the consent of the Data Subject.
The purposes for which Personal Data is Processed include, without limitation:
- assessing eligibility, and preparing, submitting, tracking and facilitating applications to Government Authorities, embassies, consulates and other competent bodies;
- establishing, administering and servicing your account and application, and communicating with you in relation thereto;
- issuing invoices, processing and reconciling payments, and administering instalment plans and coupons;
- providing customer support, notifications and status updates through electronic and other channels;
- complying with legal, regulatory, tax, anti-money-laundering and record-keeping obligations, and responding to lawful requests of competent authorities;
- preventing, detecting and investigating fraud, misuse, security incidents and breaches of the Company’s terms; and
- improving, securing and developing the Services, subject to appropriate safeguards.
Where Processing is founded upon consent, you may withdraw such consent at any time in accordance with Section 9, without affecting the lawfulness of Processing carried out prior to such withdrawal; provided that the withdrawal of consent necessary for the provision of the Services may render the Company unable to perform the Services in whole or in part.
5. Disclosure of Personal Data to Third Parties
The Company shall keep Personal Data confidential and shall not sell it. The Company may, however, disclose Personal Data, on a need-to-know basis and subject to appropriate contractual and technical safeguards, to the following categories of recipients where necessary for the purposes set out in Section 4:
- Government Authorities, embassies, consulates, immigration and visa-processing centres, and other competent public bodies to whom applications are submitted;
- sub-contractors, agents, correspondents and professional advisers engaged by the Company to assist in performing the Services, whom the Company is expressly authorised to retain;
- prospective or actual employers, sponsors, educational institutions and insurers, where relevant to the Services requested by you;
- payment-service providers, banks and financial institutions for the purpose of processing and reconciling payments;
- information-technology, hosting, communications and analytics providers acting as Processors on behalf of the Company; and
- any court, regulator, law-enforcement or governmental body where disclosure is required by Applicable Law, legal process, or to establish, exercise or defend legal rights.
The Company shall not be responsible for the independent acts, omissions, decisions, processing times or determinations of any such third party, including the discretionary decisions of any embassy or Government Authority.
6. Cross-Border Transfer of Personal Data
The provision of the Services inherently requires the transfer of Personal Data to jurisdictions outside the United Arab Emirates, including the destination countries to which applications relate. The Company may transfer Personal Data to such jurisdictions where an adequate level of protection is afforded under Applicable Law or, in the absence thereof, where an appropriate legal basis for the transfer exists, including your explicit consent or the necessity of the transfer for the performance of the contract between you and the Company.
By instructing the Company to facilitate an application in respect of a particular destination, you expressly authorise and consent to the transfer of your Personal Data to the relevant embassies, consulates, Government Authorities and correspondents in that jurisdiction to the extent necessary for such purpose.
7. Data Retention
The Company shall retain Personal Data only for such period as is necessary to fulfil the purposes for which it was collected, to provide the Services, and to comply with the Company’s legal, regulatory and accounting obligations, after which such Personal Data shall be securely erased, destroyed or anonymised.
Notwithstanding any request for erasure, the Company may retain Personal Data to the extent, and for so long as, retention is required for compliance with a legal obligation, for the establishment, exercise or defence of legal claims, or as otherwise permitted under Applicable Law.
8. Information Security
The Company shall implement and maintain appropriate technical and organisational measures designed to protect Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, alteration, disclosure or access, taking into account the nature of the data and the risks associated with its Processing.
While the Company applies commercially reasonable safeguards, no method of transmission over the Internet or method of electronic storage is entirely secure, and the Company cannot and does not guarantee the absolute security of Personal Data. You are responsible for maintaining the confidentiality of your account credentials and for all activity conducted through your account.
In the event of a personal-data breach that is likely to prejudice the privacy, confidentiality, security or rights of affected Data Subjects, the Company shall act in accordance with its obligations under Applicable Law, including any applicable notification requirements.
9. Rights of the Data Subject
Subject to, and in accordance with, the conditions and exceptions prescribed by Applicable Law, you may exercise the following rights in respect of your Personal Data:
- the right to be informed of, and to request access to, the Personal Data Processed by the Company;
- the right to request the rectification or completion of inaccurate or incomplete Personal Data;
- the right to request the erasure of Personal Data where the conditions for such erasure are satisfied;
- the right to request the restriction of, or to object to, certain Processing;
- the right to request the portability of Personal Data provided by you, in a structured and machine-readable format, where technically feasible; and
- the right to withdraw consent previously given, and the right to lodge a complaint with the competent supervisory authority.
Requests to exercise any of the foregoing rights should be submitted in writing to the contact details set out below. The Company may require verification of your identity before actioning any request and may decline or limit a request to the extent permitted by Applicable Law.
10. Cookies and Analytics
The Company’s website and application may employ cookies, pixels, software development kits and similar technologies to operate the Services, remember your preferences, maintain sessions, and analyse usage in order to improve and secure the Services. Certain analytics and advertising technologies may be operated by third parties in accordance with their respective privacy notices.
You may configure your browser or device to refuse or delete cookies; however, doing so may impair the functionality and availability of certain features of the Services.
11. Minors
The Services are directed to persons who have attained the age of majority under Applicable Law. The Company does not knowingly collect Personal Data from minors otherwise than in the context of a family or dependant application lawfully initiated by a parent or legal guardian. Where the Company becomes aware that Personal Data has been collected from a minor otherwise than as permitted, it shall take reasonable steps to erase such data.
12. Amendments to this Privacy Policy
The Company reserves the right, at its sole discretion, to modify, vary, amend or replace this Privacy Policy at any time. Any such amendment shall take effect upon publication of the revised Privacy Policy on the Company’s website, with the “Last updated” date amended accordingly. Your continued use of the Services following the publication of any amendment shall constitute your acceptance of the amended Privacy Policy.
13. Governing Law and Jurisdiction
This Privacy Policy, and any obligation, dispute, claim or matter (whether contractual or non-contractual) arising out of or in connection with it or its subject matter, shall be governed by, and construed in accordance with, the laws of the United Arab Emirates as applicable in the Emirate of Dubai, and shall be subject to the exclusive jurisdiction of the competent courts of the Emirate of Dubai.
14. Severability
If any provision or part-provision of this Privacy Policy is or becomes illegal, invalid or unenforceable under the law of any jurisdiction, that shall not affect or impair the legality, validity or enforceability of any other provision or part-provision, which shall continue in full force and effect.
Contact — Data Controller
EuroBridge Global, Dubai, United Arab Emirates. Any request, enquiry or complaint concerning this Policy or the Processing of your Personal Data may be addressed to [email protected]. This Policy should be read together with our Terms & Conditions.