PRIVACY NOTICE
1. Introduction and Scope
This privacy notice explains how DP World FZE a Jebel Ali Free Zone company duly incorporated under the laws of the Jebel Ali Free Zone, Emirate of Dubai, United Arab Emirates and having its principal place of business at P.O Box 17000, Emirate of Dubai, United Arab Emirates and its affiliated companies (“DP World” or “us” or “we” or “our”) use personal information about you (and the other parties with whom we may share it) when we interact (for example, when we provide or procure services to/for you and when you use our Website (being the DP World website) or Apps (being the DP World mobile applications), or visit one of our locations).
It also tells you about your rights and choices with respect to your personal information, and how you can contact us about our privacy practices. You can see DP World affiliates by going to Our Global Locations & Networks here.
If you provide us with the personal information of anyone else, we ask that you: (i) provide this privacy notice to them so that they can understand how we process their personal information; and (ii) ensure that you are duly authorised to provide us with their personal information.
Our privacy practices may vary among the territories in which we operate to reflect local practices and legal requirements. See the annexes attached to this privacy notice for additional disclosures, as applicable.
Our Website includes links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.
2. Data Controller
A data controller (or equivalent term under your national data protection legislation) is the entity that decides the means and purpose for which your personal information will be processed.
In some circumstances, more than one controller may be responsible for processing your personal information, such as when it is shared with third parties who act as independent controllers as set out in this privacy notice. If you are unsure who the controller is for the processing of your personal information, please contact us using the details set out in the “Further Information” section below.
3. Further Information
For any further information regarding this privacy notice, please email the data protection team at [email protected].
4. Information We Collect From Or About You, Why We Use It And Where We Get It From
We collect and process different types of personal information, which we set out in the table below together with the reasons why we process them, the lawful basis for our use of your personal information and the source of such information. Please read the table below in conjunction with any annexes of this privacy notice that apply to your jurisdiction.
Note: : In some jurisdictions, we may need your permission (consent) to process your personal information, either in addition to or instead of the other legal bases described in this notice.
| Data Subject | Processing Activities | Personal information we use | Purpose / activity | Lawful basis / condition | Source of information |
|---|---|---|---|---|---|
| Website Users | Providing a website |
• IP address • Details of visits to our Website • Browser type and version • Time zone setting • Browser plug-in types and versions • Operating system and platform • The full Uniform Resource Locators (URL) • Log files and clickstream to, through and from our Website • Website interaction information |
• Monitor the performance and relevance of our Website, our AdWords campaigns and analytics • Ensure that content from our Website is presented in the most effective manner for you and for your computer • Tailor the content of our Website for you • Keep our Website, our other IT systems and facilities safe and secure • Provide a contact form for you to be able to contact us |
• Legitimate interest to administer our Website and provide you with relevant information about our products and services • Consent |
• You when you visit and interact with our Website • 3rd party analytics providers |
| Customers/Clients – potential or actual | Negotiating/entering into an agreement with us, us providing or procuring services to/for you and us better understanding you as a Customer/Client |
• Name • Address and proof of address • Job title/position/role • Contact details • Gender • Nationality • Date of birth • Order number • IP address • Identification documents • Tax identification number • Financial information • Screening information • Know Your Customer (KYC) documentation • Profile ID/picture • Biometric data |
• Being able to contact you (and for you to contact us) regarding the negotiation of an agreement or, when we have entered into an agreement/contract with you for our services and for us to provide those services • Use of our systems to provide the services • When you sign up to an event with us • Fulfil orders and personalise marketing notifications • Report/investigate incidents • Onboard customers onto our platforms (including creating user accounts), send service notifications to the user for any transaction (booking) made by the user in the App and to share with the execution system • Analyse the personal information you provide to us, so that we can understand whether we can provide additional services to you • Carry out accounting, procurement, payments, financial reporting and approvals • Provide information to authorities, auditors, and insurance companies • Compliance checks e.g., sanctions screening, anti-money laundering (AML) as required under applicable laws |
• Necessary for the fulfilment of a contract between us or to take steps to enter into a contract with you • Consent • Legal requirement • Legitimate interest in providing, improving, and developing our services |
• Directly from customer/client • 3rd party organisation on behalf of customer/client • 3rd party sources |
| Vendors/Suppliers - potential or actual | Negotiating/entering into an agreement with us, and you providing services to us and/or our customers |
• Name • Address • Employer • Job title/position/role • Contact details • Driving licence • Health information • Qualifications • Gender • Order number • IP address • Identification documents • Tax identification number • Financial details • Screening information |
• Use of our systems for you to provide the services • When you sign up to an event with us • Report/investigate incidents • Carry out accounting, procurement, payments, financial reporting and approvals • Provide information to authorities, auditors, and insurance companies • Use driver details to ensure only authorised drivers are entering the terminals • Ensure the right users are assigned the right trips • Assess whether the driver is fit to drive and whether they are legally allowed to carry the goods assigned to them • Produce analytics and reports in order to optimise our products, marketing, website, sales and to know more about our customers' preferences in relation to products and maintaining a Customer Relationship Management (CRM) database. This is done by analyses of our databases with information about, e.g., website use, customer preferences, purchase history, sales and by sending questionnaires |
• Necessary for the fulfilment of a contract between us or to take steps to enter into a contract with you • Consent • Legal requirement • Legitimate interest in providing, improving, and developing our services |
• Directly from vendor/supplier • 3rd party organisation on behalf of vendor/supplier • Other 3rd party sources |
|
The following partners: • representatives of shareholders of financial institutions (e.g., banks, Non-Banking Financial Companies (NBFC), financial institutions, etc.); • representatives of partners who are part of World Logistics Passport (WLP) program; • representatives of partners involved in community programs / projects; and • members of digital communities and professional associations (e.g., Digital Freight Alliance, etc.) |
Entering into and carrying out partner relationships to better provide our products and services |
• Name • Contact details • Identification details |
• Contact purposes, collaboration and providing services • Provide trade finance services • Comply with legal and compliance requirements as per applicable regulations • Collaborate on community programmes |
• Necessary for the fulfilment of a contract between us or to take steps to enter into a contract with you • Consent • Legal requirement • Legitimate interest in enabling us to better provide our products and services to you |
• Directly from partner or partner’s representative • 3rd party organisation on behalf of the partner • Other 3rd party sources |
| Visitors to one of our locations | Visitors attending one of our locations |
• Still & Live Images (CCTV) • Full name • Identification documents • Work address • Contact details • Car registration • Facial recognition for security verification purposes at our offices |
• For the safety of visitors and staff, and for the prevention and detection of crime • Confirm identity of individual visiting us and to be able to contact the individual whilst they are on site, and to confirm who they are visiting |
• Legitimate interest in keeping our locations safe and secure • Consent |
• Directly from visitor when visiting our location |
| All Users of our Apps | Use of our Apps |
• Name • Contact information • Login details (e.g., email, phone number, password) • Location data • Your personalized settings in our App • Information about your use of our App (e.g., errors, interaction information (such as scrolling and clicks)) • Images, voice and video recordings, feedback and opinions you submit |
• Provide our Apps to you • Develop, manage, and improve our Apps. This is done to ensure you receive the best experience we believe to be possible, including that the content is relevant and presented to you in the most effective manner • Allow you to participate in/register for interactive features in our Apps • Keep our Apps safe and secure, and administer our Apps for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes • Feedback and opinions (including being provided through our enquiry or contact forms), to assist with queries, complaints and to help us evaluate and improve our services •Feedback and opinions (including being provided through our enquiry or contact forms), to assist with queries, complaints and to help us evaluate and improve our services •if you use our Apps’ barcode scanning, QR code scanning, text recognition, or inspection/audit features, we may capture and use images from your device's camera The images captured are used solely for the following purposes: i. Barcode scanning: to decode and retrieve information from barcodes ii. QR code Scanning: to read and interpret QR codes for specific actions or information retrieval iii. Text recognition: to recognize and extract text from images for various functionalities within the App iv. Inspection/audit: to document and inspect damages for record-keeping and analysis |
• Necessary for the fulfilment of a contract between us or to take steps to enter into a contract with you • Legitimate interest in providing, improving, and developing our Apps • Consent |
• Directly from the user • 3rd party organisation on behalf of customer/client/ vendor/supplier • Other 3rd party sources/analytics providers |
| All individuals that we market to | Marketing |
• Name • Marketing preferences • Contact details - telephone number, email address • Your interactions with our Website, Apps and products/services |
Provide marketing materials via newsletters, electronic or analogue communication, via our Apps or social media. This will include receiving information, notifications, newsletters, offers, or similar, depending on our relationship and your personal preferences.
i. Content of newsletters signed up to |
• Consent • Legitimate interest in promoting our products and services |
• Directly from recipient • 3rd party sources |
| All individuals who we take videos or photographs of (including using the likeness of the individual) | Taking videos or images of individuals for use in our promotional materials/publications |
• Live images • Videos • Still images • Likenesses (“images”) |
Place images across our portfolio of websites, promotional materials and publications for advertising and marketing purposes |
• Legitimate interest in promoting our business • Consent |
• Video/photo subject (using image capturing technology) |
Where we rely on our legitimate interests to process your personal information to enable and develop the activities underpinning our business and service offerings to you, we believe that your interests are not affected in a negative or disproportionate way. You are not under a legal obligation to provide us with any of the above personal information but please note that if you elect not to provide us with the personal information, we may be unable to provide our products or services to you.
Our Website and Apps use cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our Website and allows us to improve it. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.
5. Disclosing, Sharing and Transferring Personal Information
To facilitate our efficient use of your personal information and to provide you with our services, we disclose your personal information to third parties. We have contracts in place with third parties that we use, that strictly govern how they use the personal information we disclose to them.
We may transfer your personal information to third parties outside of the jurisdiction you are in, and we will do so only where there are adequate safeguards to ensure your privacy. Where the jurisdiction is not considered adequate by the relevant authorities of the jurisdiction of export, we put in place appropriate contractual measures, including standard contractual clauses approved under applicable laws to safeguard your personal information.
The below sets out the categories of organisations to whom we may disclose information about you and the reasons we disclose this information.
- Affiliates - We may disclose personal information to our affiliated companies for the purposes described in this privacy notice, for example, to provide you with our products and services in multiple markets, for supporting our IT infrastructure, to promote our products and services and undertake direct marketing, because we think you may have an interest in their products and services. Affiliates are those companies that are under the common control of our parent company DP World FZE. You can see the locations of our DP World affiliates by going to Our Global Locations & Networks here.
- Third Parties – We may use third parties to provide services to and/or for us which may require disclosure of your personal information to such third parties. This includes IT service providers (such as cloud storage providers), professional advisors, analytics and search engine providers, payment service providers, banks, other financial institutions (to enable you to pay or be paid for services) and credit reference and marketing agencies. Such third parties may act as independent controllers of your personal information in order for them and us to facilitate your receipt of services. If we allow a third party to have access to your personal information, they will only be permitted access for purposes that are consistent with this privacy notice and will be required to protect your personal information in accordance with applicable data protection laws.
- Law enforcement, compliance with applicable law, and legal claims - In certain circumstances, we may be required to disclose your personal information to any relevant party, regulatory body, governmental authority, law enforcement agency, or court, in response to a court order, subpoena, search warrant, law or regulation, or for the establishment, exercise or defence of legal claims. We plan to cooperate in responding to such requests, taking appropriate measures to ensure that the requester understands the confidential nature of the personal information that they may receive. We also reserve the right to cooperate with law enforcement authorities and other relevant parties in investigating and prosecuting individuals who violate our rules or engage in behaviour that is illegal or harmful to individuals or the personal information we are responsible for.
- Corporate transactions - We may disclose your personal information to a third party in connection with a corporate reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock, including in connection with any bankruptcy or similar proceedings.
6. Data Retention
We store your personal information for as long as it is necessary to fulfil the purposes set out in this privacy notice, unless we are obliged under applicable laws and regulations or are entitled to store the personal information for a longer period. More specifically, we will:
- retain your personal information as long as we have an ongoing relationship with you (in particular, if you have an active account with us or have not withdrawn your marketing consent);
- only keep the personal information while your account is active or for as long as needed to provide services to you or for you to provide services to us;
- retain your personal information for as long as needed in order to comply with our global legal and contractual obligations;
- also retain your personal information where this is advisable to safeguard or improve our legal position (for instance in relation to statutes of limitations, security, litigation, or regulatory investigations); and
- Once your personal information is no longer required for the purpose for which it was collected, and we are not required or authorised by applicable law to retain it, we will, as soon as reasonably practicable, delete, destroy, or de-identify it in accordance with applicable legal requirements.
7. Artificial Intelligence (AI)
By leveraging the robust capabilities of AI, we remain committed to innovating while upholding the highest standards of responsible AI use and data privacy. Such processing is based on our legitimate interest or your consent given to us, where applicable laws allow us to use it.
We do not use your personal information in any automated decision making (a decision made solely by the creation and application of technologies without any human intervention) or profiling (processing of personal information with a range of technologies that reduce human intervention to evaluate certain conditions about an individual) that produces a legal effect or similarly significant effect concerning you.
Accountability, fairness, and transparency are essential to our AI practices. Our accountability measures include rigorous oversight and governance structures that monitor AI deployment and usage. This ensures users understand and trust the technology. By continuously testing and validating the performance and outcomes we believe that we use AI technology in a fair, equitable and unbiased manner. We are open about what AI algorithms and models we use, the data used, and the decisions made. By adhering to these standards, we ensure that our AI initiatives are conducted with integrity and respect for user privacy and data protection. We remain committed to leveraging AI in ways that enhance our services while maintaining the highest standards of ethical and compliance conduct.
To ensure compliance with local requirements, you can find additional information on our local applications/websites, where required by local law or by contacting us using our contact details above.
8. Your Rights
In certain circumstances, applicable data protection law may grant you certain rights, which we summarise in the table below. Please note that these rights are not absolute and may not always apply in your particular circumstances. To make requests to exercise your rights, please email the data protection team at [email protected].
We may need to request specific information from you to help confirm your identity and ensure your entitlement to such rights. This security measure ensures that your personal information is not disclosed to anyone who does not have the right to receive it.
| Right of access and data portability | You may have the right of access to personal information we hold about you and/or to have it transferred to another data controller in some circumstances. |
| Right of rectification or erasure | If you feel that any personal information that we hold about you is inaccurate you may have the right to ask us to correct or rectify it. You may also have a right to ask us to erase personal information about you. |
| Right to restriction of processing | You may have a right to request that we refrain from processing your personal information in certain circumstances. |
| Right to object | You may have a right to object to our processing of your personal information. |
| Right to withdraw consent | You may have the right to withdraw your consent for the processing of your personal information where the processing is based on consent. |
| Right not to be subject to automated decision-making | You may have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning yourself or similarly significantly affects you. |
| Right of complaint | If you are unhappy with the way we have used or are handling your personal information you may have the right to lodge a complaint with your supervisory authority (if you are unsure of who your supervisory authority is, please contact us using the email address above and we can provide this information to you). We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance at the email set out above and we will respond within a reasonable period of time. |
9. Data Security
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties as detailed in ‘Disclosing, Sharing and Transferring Personal Information’. Such employees, agents and contractors will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Please remember that you are responsible for keeping your passwords secure. If we have given you (or you have chosen) a password which enables you to access certain parts of our Website or App, you are responsible for keeping this password confidential. Please do not share your passwords with anyone.
Please note that sending information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of personal information sent to our Website or App; you send us personal information at your own risk. Once we have received your personal information, we will use strict procedures and security features to try to prevent unauthorised access.
10. How We Keep This Privacy Notice Up to Date
This privacy notice was last updated in March 2026. We will review and update this privacy notice from time to time and will take reasonable steps to notify you of any substantive updates to it.
China Annex
1. Introduction and Scope
This annex (“China Annex”) to DP World’s Website, Customer, Vendor & Partner Privacy Notice Global Privacy Policy (“Global Notice”) applies to you if your personal information is being processed in the People’s Republic of China (“China”) by DP World China Co., Ltd, or DP World Management Consultation (Shanghai) Co Limited (collectively referred to as “DPW China”), which are subject to data protection laws and regulations of China, including the Personal Information Protection Law (“PIPL”).
2. Data Controller
Pursuant to the PIPL, the synonymous term for a data controller is a personal information processor.
3. Information We Collect From or About You, Why We Use It, and Where We Get it
We will process your personal information based on your consent, unless we are allowed to process your personal information without your consent as permitted by the PIPL, including:
- where it is necessary for the conclusion or performance of a contract to which you are a contracting party;
- where it is necessary for carrying out human resources management under an employment policy legally established or a collective contract legally concluded;
- where it is necessary for performing statutory responsibilities or statutory obligations;
- where it is necessary for responding to a public health emergency, or for protecting the life, health or property safety of the natural person in the case of an emergency;
- where the personal information is processed within a reasonable scope to carry out any news reporting, supervision by public opinions or any other activity for public interest purposes;
- where the personal information which has already been disclosed by you or otherwise legally disclosed, is processed within a reasonable scope and in accordance with the PIPL; or
- any other circumstance as provided by laws or regulations.
A list of the types of personal information we collect and process, and the source of the information can be found in the Global Notice.
In the event we require sensitive personal information as defined by the PIPL, we will obtain your separate consent prior to collection and processing. PIPL defines sensitive personal information as personal information that is likely to result in damage to the personal dignity of any natural person or damage to his or her personal or property safety once disclosed or illegally used, including such information as biometric identification, religious belief, specific identity, medical health, financial account and whereabouts and tracks, as well as the personal information of minors under the age of 14.
4. Disclosure, Sharing & Transferring Personal Information
To fulfill the purposes indicated in the Global Notice, we may need to transfer your personal information to our affiliated entities located outside of China, including, but not limited to, DP World China Holdings Limited located in Hong Kong, DP World Asia Pacific Pte. Ltd. in Singapore, and DP World FZE in Dubai, UAE. Your personal information may be processed by staff operating outside of China who work for us or one of our suppliers for the purposes described in the Global Notice.These entities may be contacted by emailing [email protected].
In accordance with applicable legal requirements, we will seek your consent before exporting your personal information. You have the right to refuse or withdraw your consent. Please note that this may impact the services we can provide you, depending on the circumstances and applicable laws.
When exporting your personal information to jurisdictions outside of China, we will implement appropriate measures as required by applicable laws, including, but not limited to, conducting risk assessments and entering into applicable contractual arrangements.
India Annex
1. Introduction and Scope
This annex (“India Annex”) to DP World’s Website, Customer, Vendor & Partner Privacy Notice Global Privacy Policy DP World’s Global Privacy Policy (“Global Notice”) applies to you if your digital personal information is being processed (a) within the territory of India (“India”) or (b) outside of India in connection with the offering of goods or services to you in India by DP World Limited, Hindustan Infralog Private Limited, Hindustan Ports Private Limited and/or any of their direct or indirect subsidiaries which are subject to data protection laws and regulations of India (collectively referred to as “DPW India”), including the Digital Personal Data Protection Act (“DPDPA”).
2. Data Controller
Pursuant to the DPDPA, the synonymous term for a data controller is a data fiduciary.
3. Information We Collect From or About You, Why We Use It, and Where We Get it
We will process your personal information for certain legitimate uses as defined by the DPDPA, including instances where you voluntarily give your personal information for a specific purpose and you do not object to the processing activity. For all other purposes we will process your personal information based on your consent. A list of the types of personal information we collect and process, and the source of the information can be found in the Global Notice.
4. Your Rights
In addition to any applicable rights listed in the Global Notice, you have:
- the right to nominate another other individual who may exercise your privacy rights in the event of your death or mental or physical incapacity; and
- the right to grievance addressal.
Grievances regarding our processing of your personal information and/or handling of your rights may be submitted to [email protected]. To the extent you have exhausted this right you may make a complaint to the Data Protection Board of India.