Legal Framework

Privacy Policy

DocumentFalconEyeQ Privacy Policy v1.0

Last UpdatedMarch 2025

JurisdictionUnited Arab Emirates (UAE)

IMPORTANT NOTICEThis Privacy Policy governs the collection, processing, storage, and disclosure of data by FalconEyeQ Intelligence Systems in connection with AI-powered AML transaction monitoring services in the UAE. All data processed is subject to strict confidentiality under UAE law and CBUAE regulations.

01 Introduction and Scope

FalconEyeQ Intelligence Systems ("FalconEyeQ", "we", "us", "our") is an AI-powered Anti-Money Laundering (AML) transaction monitoring platform designed specifically for financial institutions operating within the United Arab Emirates. FalconEyeQ provides machine learning-based transaction risk scoring, behavioral analytics, and direct goAML STR submission capabilities.

This Policy describes how FalconEyeQ collects, processes, stores, and protects data. FalconEyeQ operates as a data processor on behalf of its Clients, who remain the data controllers of their customer and transaction data.

02 Regulatory Framework

Our operations are built to comply with the following UAE and international standards:

Federal Decree by Law No. 10 of 2025 (AML/CFT)
UAE Federal Law No. 45 of 2021 on Personal Data Protection (PDPL)
CBUAE AML/CFT Guidelines and Supervisory Requirements
UAE FIU goAML Reporting Requirements
FATF 40 Recommendations on AML/CFT

03 Data Collection and Tokenization

FalconEyeQ processes transaction data strictly in tokenized form. All Personally Identifiable Information (PII) — including Emirates ID numbers, passport numbers, and names — is tokenized upon ingestion and never stored in raw form within our ML systems.

UAE Identity Context

We handle two primary identity types in the UAE: Emirates ID (EID) for residents and Passport Numbers for expatriates. Both are tokenized immediately using AES-256 encryption.

04 Data Residency and Storage

FalconEyeQ is committed to full UAE data residency. All Client transaction data, alert records, and case management data are stored exclusively on cloud infrastructure located within the United Arab Emirates (AWS Middle East / Azure UAE regions).

Data Category	Retention Period	Regulatory Basis
Transaction Records	10 Years	CBUAE AML/CFT Regulation
STR/SAR Filing Records	10 Years	UAE FIU goAML Requirement
Security Audit Logs	7 Years	CBUAE Supervisory Audit

05 Data Security Architecture

Security is at the core of our platform architecture:

Encryption: AES-256 for data at rest, TLS 1.3 for data in transit.
Access Controls: Multi-Factor Authentication (MFA) and Role-Based Access Control (RBAC).
Isolation: Logical and physical separation between different Client data environments.
Auditability: Comprehensive logging of all system access and actions.

06 Contact and Data Privacy

For any inquiries regarding data protection or to exercise your rights under the UAE PDPL, please contact our Data Privacy Officer:

Email: privacy@falconeyeq.com
General: info@falconeyeq.com

Need a physical copy?

Download the official PDF version of our Privacy Policy for your records.

Download PDF