Close

Privacy Policy

Last Updated: 14/01/2026

At Quantum1st, including its subsidiaries and/or affiliates (hereinafter referred to as “we,” “our,” “us,” or “Quantum1st”), we are committed to safeguarding the privacy and security of our clients’ and website visitors’ personal data (“User,” “Customer,” “you,” “your”). We are committed to transparency and to ensuring that you understand how your personal data is collected, used, and protected, as well as the rights available to you under applicable law.

When you interact with us through any of our channels, we may collect certain information about you. Where such information can be used to identify you directly or indirectly, it constitutes “personal data” or “personal information”. We process personal data in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data of the United Arab Emirates (“PDPL”), its Executive Regulations, and other applicable data protection laws and regulations, where applicable including those governing cross-border data transfers.

WHO WE ARE

For the purposes of the PDPL and other applicable data protection laws, Quantum1st is the Data Controller and is responsible for determining the purposes and means of processing your personal data.

This Privacy Policy, together with our terms of engagement, explains how we collect, use, store, share, and protect your personal data, and outlines your rights in relation to such data when you engage our technology services, visit our website (https://quantum1st.com/), or otherwise interact with us.

We may also collect personal data from third parties, as further described below. By accessing our website or engaging us for services, you acknowledge that you have read and understood this Privacy Policy.

For avoidance of doubt, this Privacy Policy applies to Website users and service engagements. Where Quantum1st provides technology services under a separate agreement, the scope of data processing may also be governed by the relevant engagement letter, service agreement, statement of work, or contract.

WHAT PERSONAL DATA DO WE COLLECT

We collect different categories of personal data depending on the nature of our relationship with you. This may include, but is not limited to:

  1. Identity Data: Name, date of birth, nationality, passport or national ID details, residency or visa information.
  2. Contact Data: Residential or business address, email address, telephone numbers.
  3. Financial Data: Bank account details, payment card details, financial records, tax-related information, billing and payment history.
  4. Professional Data: Occupation, employer, job title, professional qualifications, and business contact details.
  5. Project-Related Data: Information relevant to the technology services for which you engage us, which may include sensitive or special categories of data where such processing is lawful and necessary for the provision of our services or to comply with legal obligations.
  6. Technical Data: Internet Protocol (IP) address, browser type and version, time zone settings, approximate location, operating system, device type, and other technology identifiers used to access our website.
  7. Usage Data: Information about how you use our website, platforms, and services.
  8. Marketing and Communications Data: Preferences in receiving communications from us and records of your interactions with us.

We collect personal data directly from you, from publicly available sources, and from third parties (such as government authorities, financial institutions, or service providers) where necessary for the provision of our services or as permitted by applicable law.

“Project-Related Data” may include data provided by clients in connection with software implementation, cloud migration, system architecture, cybersecurity operations, data analytics, ERP/CRM tools, and other digital transformation services, which may involve personal data processed on behalf of clients.

HOW WE COLLECT YOUR PERSONAL DATA

  1. Information you provide: When you visit our website or utilize the “Contact Us” feature through interactive elements, online forms, email, or other communication methods, you voluntarily provide us with personal information such as your name, email address, phone number, and any other details you choose to share.
    We collect the information you submit when completing surveys, questionnaires, or forms. If you are a current or prospective client seeking our technology services, we may gather identity, contact, financial, professional, and project-related data as required for the specific services. Likewise, if you apply for a position at Quantum1st, you may be asked to provide your CV, which could include your personal, contact, professional, and financial data.

  2. Information we collect from third parties: We may collect personal data about you from third parties, in accordance with the law and where relevant to the services we provide or our legitimate business operations. These sources include publicly available registers and databases, professional networks, referrals, and service providers relevant to your engagement.

  3. Information we collect automatically: When you visit or interact with our website or digital platforms, we may automatically collect certain technical data, including device identifiers, IP address, browser and operating system information, usage patterns, referring URLs, and cookies. This information helps us understand how our website is used and enables us to improve functionality, performance, and security.
    Cookies and tracking technologies are managed in accordance with our Cookie Policy and may be subject to cookie preference / consent mechanisms where required by applicable law.

    HOW AND WHY DO WE USE YOUR PERSONAL DATA

We collect and process personal data only for specific, explicit, and legitimate purposes, and only where we have a lawful basis under applicable data protection laws. These purposes and legal bases include:

  1. Where we have your consent
    Where required by law, we process personal data based on your consent, including when you agree to our engagement terms, subscribe to communications, or otherwise provide explicit permission for specific processing activities. You may withdraw your consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

  2. To perform a contract
    We process personal data where necessary to perform our contractual obligations to you or to take steps at your request prior to entering into a contract. This includes client onboarding, service delivery, billing, payment processing, and communications relating to your engagement.

  3. To comply with legal and regulatory obligations
    We process personal data to comply with our legal and regulatory obligations, including obligations relating to anti-money laundering (AML), know-your-client (KYC), professional conduct, record keeping, taxation, accounting, and regulatory compliance, as well as to ensure the security of our systems and data.

  4. For legal claims and vital interests
    We may process personal data where necessary to establish, exercise, or defend legal claims, or where processing is required to protect the vital interests of you or another individual in exceptional circumstances.

    Personal data collected for specific purposes will not be further processed in a manner incompatible with those purposes, except as permitted or required by law.

    We may process personal data where necessary for legitimate interests such as improving service quality, maintaining cybersecurity, fraud prevention, internal record keeping, audit trails, and dispute management, provided that such interests do not override the rights and freedoms of data subjects under applicable law.

    HOW WE SHARE YOUR PERSONAL DATA

We disclose personal data only where necessary and in accordance with applicable law, including to:

  1. Our Employees: Authorized personnel on a need-to-know basis.
  2. Service Providers: Third-party providers supporting our operations, including IT services, secure cloud storage providers, payment processors, and professional advisors.
  3. Other Professionals: Experts and advisors involved in technology projects
  4. Government and Regulatory Authorities: Where disclosure is required by law or pursuant to lawful requests.
  5. Business Transfers: Successors or third parties in the event of a merger, restructuring, or transfer of assets, subject to appropriate safeguards.

We ensure that all third parties who process personal data on our behalf are contractually obligated to protect your data in accordance with applicable data protection laws and our own standards.

Where Quantum1st processes personal data as a service provider/processor on behalf of clients, such processing shall be carried out under appropriate contractual safeguards, confidentiality obligations, and security measures.

USE OF COOKIES AND THIRD-PARTY LINKS

We may employ both temporary (session) and persistent cookies, along with tags, scripts, and similar technologies, to enhance your experience on our website and to better understand your interactions. These tools help us identify users, track website navigation, gather demographic information, analyze the effectiveness of email campaigns, and facilitate targeted engagement by monitoring activities on our platforms.

Additionally, our pages may incorporate web beacons or pixels to count visitors, monitor activity over time and across different sites, track email interactions, identify cookies or device-specific identifiers, and collect related information.

Our website may provide links to third-party websites. Accessing such links is at your own risk. We are not responsible for their privacy practices.

Strictly necessary cookies may be placed by default. Non-essential cookies (including functional cookies, analytics cookies, marketing cookies, and certain third-party cookies) will be placed only where legally permitted and, where required, only after obtaining your explicit consent via the cookie banner / cookie preference tool on the Website. Continued browsing alone shall not constitute consent for non-essential cookies where applicable law requires explicit consent.

Third-party websites linked through the Website are not controlled by Quantum1st. Quantum1st shall not be responsible for any loss, cyber incident, malware, fraud, unauthorised access, or personal data processing conducted through such third-party websites.

INTERNATIONAL DATA TRANSFERS

We may transfer personal data outside the UAE. When doing so, we ensure compliance with UAE PDPL standards, including sending data only to jurisdictions recognized as providing adequate protection, or where contractual safeguards are in place, or with your explicit consent.

Where cloud service providers or processors operate from outside the UAE, Quantum1st implements safeguards appropriate to the nature of the data, including contractual protections and technical security measures.

HOW LONG DO WE KEEP YOUR PERSONAL DATA

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, taking into account legal, regulatory, professional, and contractual obligations. Once the retention period expires, personal data will be securely destroyed or anonymized.

Retention periods may vary depending on contractual scope, project timelines, legal requirements, and limitation periods applicable to potential claims.

YOUR RIGHTS AND CHOICES

You have various rights regarding your personal data, including: Access, Accuracy, Objecting, Porting, Erasure, Complaints, and Withdrawal of Consent. To exercise any rights, contact us at the details below.

Your rights are subject to applicable law and may be restricted where retention or processing is required for legal compliance, regulatory obligations, or for establishing, exercising, or defending legal claims.

HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement robust technical and organizational security measures, including encryption (using Tresorit end-to-end encryption), access controls, regular security audits, and employee training to ensure the protection of personal data.

Access to systems and sensitive information is limited to authorised personnel on a strict need-to-know basis.

CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Significant changes will be communicated through email or other appropriate means. Continued use of our website or services after such notification signifies your acceptance of our revised policy.

CONTACT US

Quantum1st – Data Protection Officer

Name: Ahmed Elshnawy

Email: cto@quantum1st.com

Address:  BC 817937 26th Floor Amber Gem Tower Ajman

References to “Data Protection Officer” shall be interpreted as the designated privacy/compliance contact and do not imply statutory appointment unless required under applicable law.

You also have the right to lodge a complaint with the relevant supervisory authority in the UAE.