Privacy and data protection at DUOARCH.

Governance structure

Our Global Privacy and Data Protection Office holds strategic and operational responsibility for privacy across the firm, coordinating contributions from ethics and compliance, legal, HR, and security disciplines.

Highlights of our approach:

• Board and executive commitment to privacy law compliance
• An ethics and compliance organisation with Board-level authority
• A Data Protection Office led by the Group Data Protection Officer (EU)
• A globally applicable Privacy and Data Protection Policy
• Comprehensive compliance standards and procedures
• Employee training across the employment lifecycle
• Regular privacy risk assessments and Privacy Impact Assessments
• Data-breach handling procedures with 24/7 incident response
• Cross-disciplinary partnerships
• A flexible service-delivery model
• A one-stop point of contact for privacy-related matters

Scope

This Privacy Notice applies to all DUOARCH-owned websites, domains, services, and wholly owned subsidiaries — except where a specific policy supersedes it. It also covers offline collection of personal information.

Collection of personal information

Personal information includes identifying details such as names, addresses, phone numbers, and email addresses. Collection occurs through website access, ordering channels, employment processes, and correspondence with the firm.

Use of personal information

Fulfilling transaction requests

Information is used to process requests and may be shared with group companies and business partners for the purpose of fulfilment.

Personalising experience

Data enables tailored website content and navigation.

Providing support

Technical support may involve incidental access to customer data, which is governed by separate service agreements rather than this Privacy Notice.

Marketing

The information you provide may be used by DUOARCH for marketing purposes. Opt-in opportunities are provided where required, and unsubscribe options are present in marketing emails.

Co-branded offerings

Information may be shared with third-party partners; users are encouraged to review partner privacy policies.

Recruitment

Job-application information is processed throughout the organisation for employment consideration.

Monitoring interactions

It is DUOARCH's general practice to monitor and in some cases record calls, chats, and online transactions for training and quality-assurance purposes.

Mobile applications and social tools

Supplemental privacy statements are provided with apps and social tools. Content posted to those platforms is subject to those platforms' terms rather than this notice.

Rights and property protection

Information may be disclosed to protect organisational rights when reasonably believed necessary, or as required by law and legal process.

Sharing of personal data

DUOARCH will not sell, rent, or lease your personal information to others.

Cross-border transfers

Information is transferred within our global organisation in accordance with this notice. Service providers are required to meet equivalent standards.

Business transactions

Mergers and reorganisations may involve disclosure to prospective or actual purchasers, with appropriate protections sought.

Legal disclosure

Information may be subject to disclosure pursuant to judicial proceedings, court orders, or law enforcement requests.

Choices and privacy preferences

Registration is not required for website access. Users can manage subscription and communication preferences at the point of collection, in account settings, or through the contact methods listed below. Opt-out is available at any time, except for administrative or transactional communications.

International data transfers

DUOARCH recognises and respects the varying national laws and obligations applicable to data transfer. We respect the OECD Privacy Guidelines, GDPR, the UK Data Protection Act, the APEC Privacy Framework, PIPEDA, and the Australian Privacy Act.

EU data transfers

We use EU Standard Contractual Clauses and intragroup agreements to ensure adequate protection for EU-originated data transferred cross-border.

Information security, accuracy and retention

Security is a high priority for DUOARCH. We implement administrative, technical, and physical safeguards. Third parties are required to meet equivalent standards. Retention follows legal requirements and our records-management policies.

Access to your personal information

DUOARCH provides individuals with reasonable access to personal information they have provided. Users may request review, correction, anonymisation, blockage, or deletion. Identity verification is required before access is granted.

Dispute resolution

Complaints regarding the collection and use of personal information should be directed to the Privacy Office. Individuals may also contact their national privacy authorities. The firm commits to coordinate with foreign regulators where required.

Cookies, web beacons, and other technologies

Cookies identify visitors and track usage and preferences. Users are offered control over their placement; browser settings can refuse cookies (with potential feature limitations). Third-party embedded content (such as YouTube) may set cookies outside our control.

Online advertising

Third-party advertising systems use cookies and pixel tags for targeted content. We use external sites to advertise our services.

External links

Third-party links and social media features are provided for convenience. DUOARCH does not control those third-party sites or their privacy practices. Users are encouraged to review external privacy policies.

Notification of changes

Material updates are posted at the top of this page with notification provided to users. Different usage practices are disclosed with appropriate user choice (subject to legal and contractual provisions).

Inquiries and contact

Comments and questions should be directed to our Global Data Protection Office at [email protected]. Requests and complaints will be treated confidentially with a representative response within a reasonable timeframe.