(06) 5503800
(06) 2002003
Login
New Account
  • العربية
    • Privacy Policy
    Home » Privacy Policy
    English

    Introduction:

    At Awraq Investments we are fully committed to protecting the privacy and security of your personal data in accordance with the provisions of the Jordanian Personal Data Protection Law No. (24) of 2023. This Privacy Policy explains how we collect, use, disclose, and process your personal data in general, as well as the measures we take to protect it when you receive our services directly, visit our website, use our online digital services, or engage in any other electronic interaction with the Company.

    Scope of Application:

    This Privacy Policy applies to all users of the Company’s website, including:

    • Website visitors
    • Individuals submitting contact forms
    • Individuals sending inquiries
    • Job applicants through the website
    • Users of any available digital services (whether existing or potential customers)

    This also includes data resulting from electronic interaction with the Company.

    Objectives of the Privacy Policy:

    This Privacy Policy aims to protect the personal data of natural persons who are customers of the Company or interact with it, and to ensure confidentiality and secure processing in accordance with applicable laws and regulations. It also seeks to:

    • Ensure transparency in the collection and use of personal data
    • Enable individuals to exercise their legal rights
    • Define legitimate purposes for data processing to ensure service efficiency
    • Ensure compliance with regulatory requirements
    • Strengthen trust and credibility between the Company and its customers
    • Apply the highest security standards and technical safeguards to protect information

    1. Information We Collect

    We collect different types of information to provide and improve our services, manage our relationship with you, and meet legal obligations. This may include:

    1.1. Personal Data You Provide Directly:

    Information you provide when applying for a product or service, registering for online services, contacting customer service, etc., including but not limited to:

    • Identity Data: name, date of birth, national number, passport number, nationality, gender.
    • Contact Information: address, email, phone number.
    • Financial Information: account numbers, income, credit history.
    • Other Data: information received from third parties (e.g., government bodies, regulators, or credit verification agencies).

    1.2. Data Collected Indirectly:

    We may obtain your personal data indirectly through various sources, including:

    - Device Information: IP address, device type, operating system, browser type.
- Usage Data: visited pages, time spent on pages, clicked links, referring URLs, interaction patterns.
- Location Data: general geographic location derived from your IP address.

    1.3 Information from Third Parties:

    We may receive information about you from third parties, such as credit inquiry entities, identity verification service providers, or related persons such as your legal representative, agent, authorized signatory, or employer.

    1.4 Publicly Available Sources:

    Such as public databases and the Companies Controller website, in accordance with applicable laws.

    2. How We Use Your Information (Purposes & Legal Basis)

    We use your personal data for various purposes, including:

    • Providing services and processing transactions (Contractual necessity)
    • Verifying identity and securing accounts (Contractual necessity)
    • Communicating with you regarding your accounts and our services (Contractual necessity / Legitimate interest)
    • Improving our products and services and enhancing user experience (Legitimate interest)
    • Complying with legal and regulatory requirements (Legal obligation)
    • Conducting analytics, research, and internal administrative purposes (Legitimate interest)
    • Collecting outstanding amounts owed to us (Contractual necessity)
    • Assessing applications you submit (Legitimate interest)
    • Monitoring, recording, and analyzing communications between you and us (Legal obligation)
    • Sharing data with government entities, credit reference agencies, fraud prevention agencies, operational bodies, regulators, foreign authorities, and external auditors (Legal obligation / Contractual necessity)
    • Processing job applicant information (Legitimate interest / Contractual necessity)
    • Litigation, legal consultations, notices, or transaction documentation (Legal obligation / Contractual necessity)

    Personal Data Processing Matrix

    Legal Basis Processing Purpose Data Type
    Permitted by law / Contract / Legal & Regulatory obligation Account management, communications, service delivery, regulatory compliance Personal identity details (name, DOB, email, nationality, marital status, gender, contact details)
    Permitted by law / Legal & Regulatory obligation Providing special services when needed, legal compliance Health data (physical, psychological, genetic)
    Legal & Regulatory obligation / Contract Account management, regulatory compliance Addresses and proof documents
    Legal & Regulatory obligation Identity verification, compliance with regulatory requirements and anti-money laundering Identification documents (ID, passport)
    Permitted by law / Contract / Legal & Regulatory obligation Evaluating margin account applications and managing client accounts, Regulatory compliance Employment and employer data
    Legal & Regulatory obligation Account management, risk assessment, regulatory compliance Financial details (income, source of wealth, financial activity)
    Legal & Regulatory obligation International tax compliance Tax status (TIN, FATCA), U.S. withholding tax under Chapter 3
    Legal & Regulatory obligation Account management, fraud prevention, regulatory compliance Financial transaction details
    Legitimate interest / Legal obligation Cybersecurity and electronic service delivery Digital identifiers (IP, email)
    Legitimate interest / Legal obligation Service improvement, fraud prevention Geolocation data
    Explicit consent / Permitted by law User experience enhancement, digital services Cookies
    Legal obligation / Legitimate interest Security, identity verification Audio, video, and photographic data
    Legitimate interest Credit evaluation, risk management Risk classification information
    Legal & Regulatory obligation / Permitted by law Regulatory compliance Due diligence data
    Explicit consent / Legal obligation Account management, regulatory compliance Data of individuals related to you

    3. Online Services

    Our online services are designed to provide secure and convenient access to your accounts. When using our online services application, we collect specific data to enhance security and user experience, including:

    • Device information: device model, operating system, and unique device identifiers to authenticate your device and protect your account.
    • Geolocation: may be used to provide location-based services and for fraud prevention purposes.

    4. Cookies and Tracking Technologies

    Our website uses cookies and similar tracking technologies to ensure proper website functionality, enhance user experience, analyze website usage, and strengthen information security, in compliance with Jordan’s Personal Data Protection framework.

    Cookies are small text files stored on the user’s device when visiting the website. They may include technical data such as IP addresses or device identifiers, which may be considered personal data and are processed accordingly.

    4.1 Types of Cookies We Use

    • Strictly Necessary Cookies: Required for website operation and cannot be disabled. These enable core functions such as security, session management, and secure access. Used based on legitimate interest to provide the service.
    • Functional Cookies: Used to remember user preferences such as language and settings to improve usability.
    • Performance & Analytics Cookies: Used to collect aggregated statistical information about how the website is used, such as the most frequently visited pages and the duration of browsing sessions, for the purpose of improving website performance and enhancing the quality of the services provided.
    • Third-Party Cookies: Cookies may be used by third parties (such as analytics or technical service providers) in accordance with their privacy policies and applicable legal requirements.

    4.2 Cookie Consent Management

    Non-essential cookies are not used unless we obtain prior explicit consent through the consent management window shown on the first visit. Users have the right to:

    • Accept or reject non-essential cookies
    • Modify preferences at any time
    • Withdraw consent without impacting core website usability

    This is done through the cookie settings available on the website.

    5. How We Share Your Information

    We may share your personal data with third parties only when necessary, for the purposes described in this Policy, and in compliance with legal requirements. These parties may include:

    • Service Providers: Intermediary entities involved in the execution of financial transactions, including correspondent banks and licensed or authorized electronic funds transfer providers permitted by law to obtain relevant data. Personal data is shared and processed strictly to the extent necessary to execute such transactions and to comply with applicable legislative and regulatory requirements.
    • Regulatory and Legal Authorities: Government bodies and supervisory authorities (such as the Jordan Securities Commission, Amman Stock Exchange, Securities Depository Center, Central Bank of Jordan, and the Anti-Money Laundering Unit), as well as courts, where disclosure is required by law or pursuant to a lawful request.
    • Credit Reporting Providers: For the purposes of credit assessment and preparation of credit reports, as permitted under applicable law.
    • Professional Advisors: Auditors and legal counsel for audit, compliance, and legal representation purposes.
    • Parent Company (Cairo Amman Bank): For the purpose of complying with laws, regulations, and instructions applicable to subsidiaries.
    • Sister Company: Under a marketing agreement for the promotion of the Company’s products through an Awraq Investments representative within the sister company.

    6. International Data Transfers

    Your personal data may be transferred to countries outside the Hashemite Kingdom of Jordan under the following conditions:

    • A valid legal basis for the transfer, such as the necessity to perform a contract with the data subject (e.g., executing a funds transfer), the data subject’s prior consent, or for the purpose of complying with legal obligations imposed by applicable legislation.
    • A legitimate justification for transferring data outside the Kingdom, as required by the nature of the Company’s business operations, such as the existence of subsidiaries or affiliated entities outside the Kingdom, or where the nature of the transaction or service necessitates such transfer.
    • The implementation of appropriate security safeguards to protect your privacy rights, in accordance with the Jordanian Personal Data Protection Law (2023).

    7. Data Security

    Awraq Investments is committed to protecting the confidentiality of your personal data. Our policies include a comprehensive set of technical, physical, and organizational measures designed to maintain the integrity and confidentiality of your data and protect it from loss, misuse, unauthorized access, breach, alteration, during storage, processing, and transmission. We continuously assess and update our security controls. Personal data is accessible only by authorized employees who require access for service delivery.

    8. Data Retention

    We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, and statutory obligations. This is done in accordance with the instructions of the Jordan Securities Commission, Amman Stock Exchange, and the Securities Depository Center on a continuous basis for the duration of the relationship, unless a longer period is required by law. Personal data will be securely disposed of once it is no longer needed.

    9. Your Rights (Data Subject Rights)

    Under the Jordanian Personal Data Protection Law, the Company may process personal data without the consent or notification of the data subject under Article (6/A/5) for the purposes of enabling the Company to perform its licensed activities. Other than that, you have certain rights regarding your personal data, including:

    • Right of Access: request a copy of the personal data we hold about you.
    • Right to Rectification: request correction of inaccurate or incomplete personal data.
    • Right to Erasure (“Right to be Forgotten”): request deletion under certain conditions and in accordance with Central Bank of Jordan instructions and applicable laws, provided processing is not required for legitimate business purposes.
    • Right to Restriction of Processing: request limiting how we use your personal data, under certain conditions, provided processing is not required for legitimate business purposes.
    • Right to Object: object to processing under certain conditions (e.g., direct marketing).
    • Right to Data Portability: request your personal data in a structured, machine-readable format to enable reuse or transfer to another party.
    • Right to Withdraw Consent: withdraw consent at any time, provided processing is not required for legitimate business purposes.

    With the understanding that the Company may not be able to respond to any requests that conflict with applicable laws or the regulatory and supervisory requirements to which it is subject, or that may result in the concealment, alteration, or intentional modification of information necessary to verify the identity of the client or the beneficial owner, or the accuracy of their credit report, or that may affect due diligence requirements, or otherwise compromise the security, integrity, or safety of the Company’s operations or expose them to risk.

    Data Processing means one or more operations performed in any manner or by any means for the purpose of collecting, recording, copying, preserving, storing, organizing, refining, exploiting, using, sending, distributing, publishing, linking with other data, making available, transferring, displaying, anonymizing, encrypting, destroying, restricting, erasing, modifying, describing, or disclosing data by any means.

    10. Requests and Complaints Mechanisms

    To exercise any of these rights or submit a complaint, please contact our Data Protection Officer (DPO) through the channels below. We handle requests and complaints as follows:

    • Personal data requests: executed within 15 days from the day following receipt of the request. The Company may extend this period once for an equivalent duration.
    • Complaints: responded to within 10 days from the day following receipt of the complaint.

    Note: We may not be able to fulfill some requests if they conflict with legal requirements, regulatory obligations, or if they put the security of our operations at risk.

    11. Customer Notification in Case of a Personal Data Breach

    In the event of a personal data breach, the data subject will be notified within 24 hours if the breach is likely to pose a high risk to the rights and freedoms of the individual.

    12. Minors’ Data

    The website is not intended to collect personal data from children under the age of eighteen (18), and we do not knowingly collect or process any minors’ data. If we become aware that personal data of a minor has been collected without parental consent, we will take the necessary steps to delete it immediately.

    13. Marketing Provisions

    The Company uses customer data for the purpose of direct marketing of the Company’s services and products, within the scope of the business relationship between the customer and the Company. This includes services and products that are comparable or similar, including those provided by companies wholly owned by the Company. The customer has the right to unsubscribe from direct marketing channels from the first marketing communication.

    14. Changes to This Privacy Policy

    We update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by publishing the updated policy on our website with a new effective date. We encourage you to review this Policy periodically.

    15. Contact Us

    If you have any questions about this Privacy Policy, our data practices, or if you wish to exercise your rights, please contact our Data Protection Officer (DPO):

    • Personal Data Protection Officer: Samer Sawwan
    • Email: DPO@awraq.com
    • Phone: 065503800
    • Extension: 210

    This Privacy Notice has been last updated Feb 12, 2026

    Um Uthainah-Royal Business Center
  • 925102 Amman 11110 Jordan
  • +962 6 550 3800
    • About Us
    Asset Management
    Local Brokerage
    International Brokerage
    All Rights Reserved © | Developed by Blue Ray for Web Solutions