Privacy policy

Last update on 25th May 2025

Table of content

1. Capital Catering and Services – Sole Proprietorship L.L.C

(“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data in a transparent and responsible manner. This Privacy Policy describes in detail how we collect, use, store, disclose, and protect personal information when individuals engage with our services, websites, mobile applications, customer service representatives, and in-person events. This document provides comprehensive insights into your rights, our data handling practices, and the legal basis upon which your personal data is processed in accordance with UAE Federal Decree-Law No. 45 of 2021 and, where applicable, international data protection regulations.

We process personal information of customers, event participants, vendors, business clients, website visitors, and other individuals who interact with our platforms, digital channels, or catering and hospitality services. This includes our corporate catering services, wedding and special occasion packages, venue-based events, digital ordering systems, and any loyalty or promotional programs we operate. This Privacy Policy applies irrespective of whether you are based in the UAE or abroad.

2. Scope of This Policy

This Policy governs all collection and processing of personal data through our website, event registration forms, online ordering platforms, vendor and supplier systems, and any other operational interfaces we manage. It outlines the conditions under which we process your data for delivering catering services, managing venue reservations, facilitating customer support, conducting promotional campaigns, processing transactions, and ensuring compliance with applicable laws. Acceptance of this Privacy Policy, either through digital interaction or physical registration, implies your understanding of our practices as defined herein.

3. Geographical Scope

Capital Catering serves a wide array of clients across local and international territories. While our operational headquarters is located in Abu Dhabi, UAE, we regularly interact with clients, exhibitors, and partners throughout the GCC, Levant, North Africa, South Asia, Europe, and other global regions. Accordingly, we maintain robust data protection controls that adhere to the highest regional and international standards for privacy compliance.

4. Categories of Personal Data Collected

Depending on your interaction with us, we may collect a combination of the following data categories:
  1. 4.1 Full name, job title, and company affiliation (where applicable)
  2. 4.2 Email address, mobile number, and other contact details
  3. 4.3 Residential or delivery address and billing address
  4. 4.4 Nationality, identification details (when legally required)
  5. 4.5 Dietary preferences, allergy disclosures, and special meal requests
  6. 4.6 Payment-related details (card type, masked numbers, issuing bank; we do not store full payment card or CVV information)
  7. 4.7 VAT registration numbers (for corporate clients)
  8. 4.8 IP addresses, browser identifiers, and usage data collected through cookies or analytics tools
  9. 4.9 Photographic or video data for marketing and documentation purposes during events (with notice and/or consent)
All data is collected with your knowledge, either directly through forms and platforms or indirectly through interaction logs, cookies, and third-party systems we integrate with.

5. Use of Personal Data

We use the personal data we collect to provide, manage, and enhance the catering and hospitality services we offer, and to ensure a seamless experience throughout all customer touchpoints. Your data enables us to coordinate event catering, manage food preferences and service customizations, and communicate effectively regarding bookings, orders, or logistics. We also use your data to process payments and coordinate with our payment providers, monitor system usage for operational efficiency, and offer personalized marketing and promotional content that aligns with your preferences and past engagements. Further, your data supports internal reporting, compliance with food safety regulations, feedback analysis, and customer satisfaction surveys. Where applicable, we may also process your data to facilitate co-hosted or sponsored events with partners, to fulfill legal or regulatory obligations, or to protect our business against fraud and abuse.

6. How and When We Share Personal Data

We disclose your personal data only when necessary and in accordance with legal, contractual, or operational requirements. Categories of recipients may include:
  1. 6.1 Our affiliated companies and internal departments (e.g., Operations, Events, Finance, Compliance, and IT) for service fulfilment and internal reporting
  2. 6.2 Third-party vendors including Digital of Things, payment processors such as Adyen B.V., banking partners like First Abu Dhabi Bank, logistics or delivery service providers, and platform maintenance teams, all of whom are subject to strict confidentiality obligations
  3. 6.3 Event partners and co-organizers, where you have registered or opted to participate, to coordinate activities, share event-related updates, and ensure seamless guest experiences
  4. 6.4 Governmental, regulatory, or judicial bodies when mandated by law, subpoena, court order, or official investigation
  5. 6.5 Prospective buyers, merger parties, or acquirers in connection with corporate restructuring or business transactions, with appropriate safeguards in place
We do not sell, lease, or trade your personal information to third parties. All disclosures are carefully governed by data processing agreements, Non-Disclosure Agreements (NDAs), and compliance protocols aligned with UAE data privacy laws.

7. Data Storage and International Transfers

Your personal data is securely stored within the United Arab Emirates on servers equipped with robust cybersecurity protections. International data transfers, where applicable (e.g., for invoice processing or cross-border event participation), are conducted in strict compliance with UAE Federal Decree-Law No. 45 of 2021 and supported by contractual clauses, encryption technologies, and secure transfer mechanisms.

8. Automated Decision-Making

Our platforms may utilize rule-based logic and automated tools to facilitate workflows, assign event services, or generate confirmations. These tools do not result in decisions that have a legal or similar significant effect on you and are subject to oversight to ensure transparency, fairness, and accountability.

9. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Policy or as required under UAE law. This includes:
  1. 9.1 A 7–10-year retention period for compliance with financial, accounting, and tax regulations
  2. 9.2 Retention for the duration of the business relationship plus a limited period thereafter for post-event communication or legal claims
  3. 9.3 Longer retention periods where necessary for legal defense, regulatory inquiries, or contract enforcement
Once no longer required, data is securely erased, anonymized, or archived in accordance with our internal data retention policy.

10. Your Rights

Under the UAE Personal Data Protection Law and applicable international standards, you have the right to
  1. 10.1 Request access to your data and receive a copy
  2. 10.2 Correct inaccurate or outdated information
  3. 10.3 Request deletion of data no longer necessary or unlawfully processed
  4. 10.4 Restrict certain types of data processing
  5. 10.5 Object to data processing for direct marketing purposes
  6. 10.6 Withdraw consent at any time (where consent is the basis of processing)
  7. 10.7 File complaints with the appropriate data protection authority
To exercise any of your rights or raise concerns, please contact: support@capitalcateringplus.ae, ithelpdesk@adnec.ae, or cybersecurity@adnec.ae. We may verify your identity before acting on any request.

11. Data Security

Capital Catering applies rigorous data protection measures to preserve the confidentiality, integrity, and availability of personal data. This includes:
  1. 11.1 Encryption of data at rest and during transmission
  2. 11.2 Access control systems that limit data access to authorized personnel only
  3. 11.3 Continuous cybersecurity monitoring and threat detection
  4. 11.4 Regular penetration testing and vulnerability scans
  5. 11.5 Contractual and technical controls governing third-party data access
We periodically update our practices to reflect emerging threats and evolving regulatory requirements.

12. Policy Updates

This Privacy Policy may be updated from time to time to reflect changes in our practices, technology, legal obligations, or service offerings. Any amendments will be published on our website with an updated “Last Updated” date. Where required, we will notify you of significant changes and seek renewed consent.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or the handling of your personal data, you may contact us at: support@capitalcateringplus.ae or call +971 2 406 3500.