top of page

Privacy Policy

This Privacy Policy (“Policy”) describes the principles and practices adopted by Intelligence Engineering (“the Company,” “we,” “us,” or “our”) regarding the collection, use, processing, retention, disclosure, and protection of information obtained in the course of providing AI Maturity Assessments and related advisory services to enterprises, financial institutions, and other organizations (“Clients”).

The Company acknowledges the sensitivity of the data provided by Clients, particularly those operating in regulated sectors such as banking and financial services, and undertakes to handle all such information in accordance with applicable data protection laws, contractual commitments, and industry best practices.

1. Categories of Information Collected

In delivering our services, the Company may collect, access, or be provided with the following categories of information:

  • Organizational Information: Details concerning the Client’s business processes, technology environment, governance models, and AI initiatives.

  • Assessment Information: Inputs, responses, results, benchmarks, and reports generated during the AI Maturity Assessment process.

  • Business Contact Information: Professional identifiers including, but not limited to, names, job titles, email addresses, and telephone numbers of the Client’s representatives.

  • Technical Information: Limited metadata pertaining to access, usage, and system interactions relevant to the provision of services.

The Company does not seek to collect or process personal banking records, customer-identifiable financial data, or sensitive personal data unrelated to the scope of the assessment.

2. Purpose of Processing

 

Information collected shall be processed strictly for the following purposes:

  • Conducting and delivering AI Maturity Assessments.

  • Preparing and providing benchmark analyses, recommendations, and strategic reports.

  • Enhancing and refining assessment methodologies and frameworks.

  • Fulfilling contractual obligations to Clients.

  • Ensuring compliance with legal, regulatory, or supervisory requirements.

No information shall be processed beyond the scope of the agreed engagement without the prior written consent of the Client.

3. Confidentiality and Security Measures

 

The Company employs appropriate technical, organizational, and administrative controls to ensure the confidentiality, integrity, and security of Client information, including but not limited to:

  • Encryption of data at rest and in transit.

  • Role-based access control and authentication mechanisms.

  • Secure data hosting on infrastructure compliant with recognized international standards.

  • Periodic audits, monitoring, and reviews of security practices.

Access to Client information shall be restricted solely to personnel authorized on a need-to-know basis for the execution of contractual duties.

 

4. Disclosure of Information

 

The Company shall not disclose Client information to any third party except in the following circumstances:

  • Where disclosure is expressly authorized by the Client.

  • To subcontractors or service providers bound by confidentiality and data protection obligations equivalent to those of the Company.

  • Where disclosure is required by applicable law, regulation, or court order.

Under no circumstances shall Client data be sold, rented, or used for marketing purposes without the Client’s prior written authorization.

 

5. Data Retention

 

Client information shall be retained only for the duration necessary to fulfill the purposes outlined in this Policy or as otherwise required by applicable laws, regulations, or contractual obligations. Upon expiration of the retention period, such data shall be securely deleted, destroyed, or irreversibly anonymized.

6. Rights of Clients

Subject to applicable law, Clients may exercise the following rights with respect to their information:

  • The right to access information held by the Company.

  • The right to request correction of inaccurate or incomplete information.

  • The right to request deletion of information, except where retention is required by law or regulation.

  • The right to request details regarding the Company’s data processing practices.

Requests may be submitted in writing to the contact information provided in Section 9.

7. International Transfers

Where Client information is transferred or processed across jurisdictions, the Company shall ensure that such transfers are carried out in compliance with applicable data protection regulations, including but not limited to the General Data Protection Regulation (GDPR), DIFC Data Protection Law, or ADGM Data Protection Regulations, as applicable.

8. Amendments to This Policy

 

The Company reserves the right to amend or update this Policy from time to time to reflect changes in legal requirements, industry practices, or Company procedures. Any material changes shall be communicated to Clients in writing or via publication on the Company’s official website, with the effective date duly noted.

bottom of page