PRIVACY POLICY

Mojay Global Holding Limited

Last Updated: October 24, 2025

1. Scope

This Privacy Policy explains how Mojay Global Holding Limited (“MGHL”), a DIFC‑registered company, processes Personal Data relating to website visitors, business contacts, prospective investors, and candidates interacting with our Site and corporate channels. It does not cover employees/contractors (Workers); Workers should refer to MGHL’s Worker Privacy Notice. Interview/candidate processing is further described in MGHL’s Interview Data Retention & Privacy Policy and Candidate Privacy Notice, which supplement this Policy.

Updates. We may update this Policy; material changes will be posted here and, where appropriate, notified to you.

2. How We Collect Data & Categories of Data Collected

Sources. Directly from you (forms, emails, interviews), from MGHL affiliates/service providers operating on our behalf (hosting, analytics, videoconference, ATS), and from publicly available sources (e.g., corporate websites, LinkedIn for B2B context).

Categories (external interactions):

  • Identifiers & contact (name, business email/phone, company/role, IP address, device data, cookie IDs where consented).

  • Website usage/analytics (pages viewed, interactions, timestamps; via first‑party tools or processors).

  • Content you submit (contact form messages, meeting recordings where used, CV/application data).

  • Investor relations (KYC/AML identifiers where legally required).

  • Special categories: only if provided for a clear purpose (e.g., reasonable accommodations for an interview), handled with enhanced safeguards.

3. Purposes & Lawful Bases

We process Personal Data only where a lawful basis applies (DIFC DP Law Art. 10). Our primary bases and purposes are:

  • Legitimate interests (Art. 13): operating a secure, informative B2B website; responding to enquiries; maintaining business contact lists; scheduling meetings; interview recording/assessment (with reasonable alternatives if you object); improving Site performance and content. We document Legitimate Interests Assessments (LIA). 

  • Consent (Art. 12): non‑essential cookies/analytics/marketing, optional interview features (e.g., sharing a recording), and receiving marketing communications. You may withdraw consent at any time. 

  • Contract / pre‑contract: responding to requests you initiate, arranging NDAs/meetings.

  • Legal obligation: such as AML/KYC for investors; compliance with DIFC, court, or authority requests.

  • Vital interests: only to protect life/safety in emergencies.

No solely automated decisions. MGHL does not make decisions solely by automated means that produce legal or similarly significant effects. Where we use algorithmic tools (e.g., meeting transcription), outputs are decision‑support only.

We provide concise notices at or before collection, including controller identity, purposes/bases, retention, recipients, international transfer safeguards, your rights, and how to contact us or the DIFC Commissioner of Data Protection.

4. Sharing, Processors & International Transfers

We share Personal Data with processors (hosting, storage, analytics, videoconference, ATS/transcription) and MGHL affiliates on a need‑to‑know basis under written processor terms (DIFC Art. 24), including confidentiality, security, sub‑processor control, deletion on termination, and assistance with rights and breach responses.

Where data is transferred outside the DIFC, we use DIFC adequacy (Art. 26) or DIFC Standard Contractual Clauses or other appropriate safeguards (Art. 27). Our vendor register records purpose, locations, and the transfer mechanism for each provider.

5. Data Retention

We retain Personal Data no longer than necessary for the purposes stated:

  • Website analytics (first‑party): up to 13 months (or shorter if your CMP supports shorter cycles).

  • Contact enquiries & B2B correspondence: 24 months from last meaningful interaction.

  • Candidate data (cross‑refer): recordings 30 days (not‑shortlisted)/up to 12 months (shortlisted); CVs/evaluation notes 18 months, with a narrow legal‑claims hold only where necessary.

  • Investor AML/KYC: per applicable law/limitation periods.

  • Backups: deletions extend to practical backup cycles. Logically deleted data is not restored except for disaster recovery.

Your Rights & How to Exercise Them. You have rights to access, rectification, erasure, restriction, objection (including to processing based on legitimate interests), portability, and to withdraw consent without penalty. Submit requests to privacy@mojay.com. We verify identity, respond within one month, explain any refusal ground, and log outcomes. You may also contact the DIFC Commissioner of Data Protection.

6. Security & Breach Notifications

We apply proportionate technical and organisational measures. If a personal data breach compromises confidentiality, security, or privacy, we notify the Commissioner as soon as practicable and affected individuals where high risk is likely, and promptly if there is an immediate risk of damage. We keep a breach register.

7. Contact & Complaints

  • Controller: Mojay Global Holding Limited (MGHL), DIFC, Dubai, UAE.

  • Privacy contact: Group General Counsel | privacy@mojay.com.

  • Regulator: DIFC Commissioner of Data Protection (contact details and breach reporting portal available on the DIFC website).