Privacy Policy - NEW CENTRAL DUBAI FRUITS AND VEGETABLES MARKET L.L.C

Last updated: 07 January 2026

  1. Introduction & Scope

This Privacy Policy explains how New Central Dubai Fruits and Vegetables Market L.L.C (“NCDFVM”) ( “NCDFVM”, “we”, “us”, “our”) collects, uses, discloses, retains and protects Personal Data when you use Fruits and Vegetables Market services accessible through the Dubai Trade website (www.dubaitrade.ae) and at the Dubai Food District service centre (the “Services”). It also explains your privacy rights and how to exercise them.

    1. 1.1.We process Personal Data in line with the–Federal Decree-Law No. 45 of 2021 concerning the Protection of Personal Data (the “PDPL”) and implementing guidance issued by the UAE Data Office.
    2. 1.2.This Policy applies to NCDFVM’s operations in Dubai, outside the Dubai International Financial Centre (“DIFC”) and the Abu Dhabi Global Market (“ADGM”). It applies only to Personal Data processed in connection with the Fruits and Vegetables Market services described in this Policy. If you interact with Dubai Trade or other DP World entities from the DIFC or the ADGM, different data protection regimes may also apply.

Other Dubai Trade services and websites remain governed by Dubai Trade FZE’s own privacy policy.

  1. Controller & Contact
    1. Controller: New Central Dubai Fruits and Vegetables Market L.L.C (UAE).
    2. Contact: [email protected]
  1. Key Definitions
    1. Biometric Data means “Personal Data resulting from processing using a specific technology related to the physical, physiological or behavioral characteristics of the Data Subject, which allows the identification or confirmation of the unique identification of the Data Subject, such as facial images or fingerprints.”
    2. Controller / Processor means “the party determining the purposes and means of Processing Personal Data / the party who is Processing on behalf of the Controller.”
    3. Data Subject means “a natural person who is the subject of Personal Data.”
    4. Personal Data means “any data related to a specific natural person or related to a natural person that can be identified directly or indirectly by linking the data, through the use of identification elements such as his/her name, voice, image, identification number, his/her electronic identifier, his/her geographical location, or by one or more physical, physiological, economic, cultural or social characteristics. It includes Sensitive Personal Data and Biometric Data”.
    5. Processing means “any operation or set of operations performed on Personal Data using any electronic means, including processing and other means. This processing includes collecting, storing, recording, organizing, adapting, modifying, circulating, altering, retrieving, exchanging, sharing, using, characterizing, disclosing Personal Data by broadcasting, transmitting, distributing, making available, coordinating, merging, restricting, blocking, erasing or destroying it or creating forms thereof”.
    6. Sensitive Personal Data means “any data which directly or indirectly reveals a natural person’s family, ethnic origin, political or philosophical opinions, religious beliefs, criminal record, Biometric Data, or any data relating to such person’s health and physical, psychological, mental, genetic or sexual condition, including information related to the provision of healthcare services to him/her which reveals his/her health status.”
  1. What Information We Collect, Why We Use It & Our Lawful Basis
    1. We only collect the minimum necessary Personal Data and use it for specified and explicit purposes. Under the PDPL, consent is the default legal basis unless another basis applies (e.g., contractual necessity or legal obligation).

Data

Examples

Purpose(s)

Lawful basis

Typical source(s)

Personal identifiers

full name, company contact details; company name, company email address, company mobile number, contact person name, contact person mobile number and email address

Register for our services (Fruits and Vegetables Market); fulfil any requests you make (e.g., company registration, lease application or renewal, permit requests, updates via the Dubai Trade portal or Market service centre); allow you to participate in any interactive features of our service, when you choose to do so.

• Performance of a contract with you.

• Necessary (to provide our Services to you).

• Comply with our legal obligations (where applicable).

• Our registration forms are on the Dubai Trade portal. • Our direct interactions with you. • Our email correspondence or interactions at the Market service centre.

Marketing preferences

topics and channels you opt into

send you optional updates and communications about Fruits and Vegetables Market services and, where applicable, Dubai Trade / DP World communications that you explicitly opt in to receive

• Your explicit Consent (you can withdraw your consent anytime)

registration forms; direct interactions

Feedback & opinions

to answer our surveys, to manage your complaints, support threads

service improvement; address your complaints

• Contract (support) and/or your Consent (you can withdraw your consent anytime)

web forms; correspondence; Market service centre interactions

Website & app usage (cookies/SDKs)

Website and communication usage data. Your IP address, details of visits to our website, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, the full Uniform Resource Locators (“URL”), clickstream to, through and from our website and the date and time of the clickstream, products or services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our customer service number.

Enable us to: · monitor the performance and relevance of our website and our ad words campaigns; · ensure that content from our website is presented in the most effective manner for you and for your computer; · tailor the content of our website for you; and · keep our website, our other IT systems, and facilities safe and secure.

• Strictly necessary cookies: Our Contract with you and our Service delivery;

• Non-essential analytics/ads: Consent (you can withdraw your consent anytime)

As you interact with the Dubai Trade website, we will automatically collect website and communication usage data about your equipment, browsing actions and patterns. We collect this personal data through the operation of your browser on your device, by using cookies and other similar technologies. Please see our cookie policy in section 2 of Annex A for further details. Third party analytics providers such as Google Analytics and Hotjar.

Email interaction data

opens, bounces, link clicks

measure and improve campaigns; segmentation; understanding how you interact with service notifications or other communications

Your Consent (you can withdraw your consent anytime);

Performance of our Contract with you

Our correspondence with you.

Transactional/billing (if applicable) – Banking data

For Fruits and Vegetables Market services, NCDFVM receives only payment confirmation details from the Dubai Trade payment gateway (Rosoom), such as the transaction reference number, amount, date and status, for reconciliation and record purposes. NCDFVM does not receive or store your bank account or card details.

• Perform the agreements we have with you or your employer and manage our relationship in this respect (e.g., lease and permit payments).

• Monitor our activities (measuring and compiling statistics on payments, number of customers).

• Improve the quality of our products and services.

• Safeguard our economic interests.

Performance of a contract with you; compliance with legal obligations.

• Information passed to us from the Dubai Trade portal and Rosoom payment gateway.

• Any transactions conducted by you on the Dubai Trade website in relation to Fruits and Vegetables Market services.

  1. Related Websites and Third-Party Websites
    1. The Fruits and Vegetables Market services are accessed through the Dubai Trade website. Dubai Trade and other DP World entities may operate additional websites and online services, which are governed by their respective privacy policies unless this Privacy Policy is expressly stated to apply.
    2. It is important that you read this Privacy Policy together with any other privacy notice (including any Acceptable Use Policy) or fair processing notice we or Dubai Trade provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This Privacy Policy supplements the other notices and is not intended to override them.
    3. Our products and services include links to third party websites, plug-ins, and applications (including those presented via the Dubai Trade portal). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We strongly advise you to review the privacy policy of every website you visit.
    4. This Privacy Policy does not apply to, and we are not responsible for the privacy policies of these third-party websites regardless of whether they were accessed while using links from our website or communications. These third parties are typically used for the following:
      1. 5.4.1.Advertising, direct marketing, lead generation and other marketing service providers;
      2. 5.4.2.SMS and email notification service providers;
      3. 5.4.3.Foreign and domestic financial and credit institutions; and
      4. 5.4.4.Auditors.
  2. Disclosing, Sharing and Transferring Personal Data
    1. We use third party service providers in connection with providing our services to you. We have contracts with all third-party service providers we use that strictly govern how they use the personal data we disclose to them.
    2. The table below indicates categories of organisations to whom we may disclose information about you, the reason we disclose this information, what information is shared with them, and where these organisations are located.

Categories of Organisation

Purpose / Activity

Lawful basis

Information shared

    
    
    

Dubai Trade FZE

To provide and support the online portal through which Fruits and Vegetables Market services are accessed, including processing registrations, applications and payments (via Rosoom).

Performance of our contract with you.

Personal identifiers, licensing and registration data, uploaded documents, payment confirmation references.

Microsoft Azure, Oracle CX

Information management.

Performance of our contract with you.

All data types listed in the ‘What Information We Collect, Why We Use It & Our Lawful Basis section above, to the extent hosted in such infrastructure.

Analytics and search engine providers

To assist us in the improvement and optimization of our website.

Performance of our contract with you.

Personal Identifiers (where relevant), website, and communication usage data.

Public authorities, regulators, or government bodies

Administration of justice, regulatory and compliance.

Compliance with our legal obligations.

All data types listed in the ‘What Information We Collect, Why We Use It & Our Lawful Basis section above, only where required.

IT Service providers

To support and maintain the IT software and infrastructure we use including (WIPRO, Oracle, and Accenture).

Performance of our contract with you.

All data types listed in the ‘What Information We Collect, Why We Use It & Our Lawful Basis’ section above, as necessary for support.

Professional advisers

Legal and compliance advice. Audits.

Compliance with our legal obligations.

All data types listed in the ‘What Information We Collect, Why We Use It & Our Lawful Basis section above, as required.

    1. We may also disclose your personal data to other third parties from time to time:
      1. if we are under a duty to disclose or share your personal data to comply with any legal obligation or if we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
      2. to enforce or apply our terms of use and other agreements; and
      3. to protect the rights, property, or safety of our company, our customers, or others including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
    2. Where we transfer your personal data to third parties outside of the UAE we shall do so only where there are adequate provisions to ensure your privacy. For more information regarding the measures, we are taking for international transfer of personal data, please refer to section 3 of Annex A.
    3. Access to customer and tenant Personal Data within NCDFVM is limited to authorized personnel who require such access to perform their roles, including Customer Service, Permit, and Commercial (Leasing) teams, through controlled systems such as Oracle CX.
  1. Marketing Communications
    1. You can ask us to only send you marketing communications by particular methods (email, telephone, text message or post), about specific subjects or you can ask us not to send you any marketing communications at all.
    2. We will ask you to indicate your marketing preferences when you first register an account on the Dubai Trade website and/or app (as applicable), which you can change by emailing: [email protected] for privacy-related preferences, or by using any channel indicated in the Dubai Trade portal for communication preferences.
  2. International Transfer of Personal Data
    1. NCDFVM ensures that your Personal Data is stored and transferred in compliance with the applicable legislation or regulations of the UAE.
    2. You should be aware that certain third-party service providers, such as payment transaction processors, may be located in, or have facilities that are located outside UAE, in a different jurisdiction than either you or us.
    3. We may transfer of Personal Data outside the UAE, and we shall do so only when the country or territory to which the Personal Data is to be transferred (i) has a bilateral or multilateral agreements related to personal data protection with the UAE or (ii) has special legislation on personal data protection therein, including the most important provisions, measures, controls, requirements and rules for protecting the privacy and confidentiality of the your personal data and their ability to exercise their rights, and provisions related to imposing appropriate measures on the controller or processor through a supervisory or judicial authority.
    4. However, some of the international organizations and countries to which your personal data may be transferred do not benefit from an appropriate data protection regulatory framework. For such international organizations and countries, we shall transfer your personal data, only upon ensuring that a suitable degree of protection is afforded to it through the implementation of the necessary safeguards, such as an adequacy decision by the relevant authority, adequate binding corporate rules or through the inclusion of standard contractual clauses in our agreements with such organizations and countries. We may also transfer your personal data to recipients outside the UAE based on your express consent; or if such transfer is necessary for judicial processes; or if such transfer is necessary for entering into or performing a contract between NCDFVM and you or between NCDFVM and a third party for your interests, or if such transfer is necessary for an act relating to international judicial cooperation; or if the transfer is necessary for protection of public interest. We shall notify you with regards to the specific safeguard we shall adopt in transferring your personal data to such an international organization and/or country if you require such data. You provide your consent through the acceptance of the Privacy Policy and Annex A for such transfer.
    5. If you wish to procure specific information about the third-party service providers with whom your personal data has been shared, please contact us at [email protected]. If you choose to proceed with a service that requires the involvement of a third-party service provider, then your personal data may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. For these providers, we recommend that you read their privacy policies, so you can understand the manner in which your personal data will be handled by these providers.
  3. Data Retention
    1. We keep Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including meeting any legal, regulatory, accounting, or reporting obligations. When those purposes no longer apply, we will delete, anonymize, or aggregate the data, unless a lawful exception requires longer retention.
    2. We maintain an internal Retention Schedule that sets maximum retention periods by data category. In setting these periods, we consider:
      1. 9.2.1.the nature and sensitivity of Personal Data;
      2. 9.2.2.the purposes for which we process it and whether we can achieve those purposes through other means;
      3. 9.2.3.applicable statutory or regulatory retention requirements (e.g., corporate, tax, financial record keeping, consumer protection);
      4. 9.2.4.limitation periods for establishing, exercising, or defending legal claims; and
      5. 9.2.5.security risks and best-practice guidance.
    3. If we believe data is needed to comply with a legal obligation, respond to a request from a competent authority, or establish, exercise, or defend legal claims, we may retain it beyond standard periods. During such legal holds, deletion is suspended until the hold is lifted.
    4. Where Personal Data is stored in backup or archival systems, it will be isolated from routine use and securely overwritten or deleted in line with our backup lifecycle. System and security logs are retained only as long as necessary for security, audit, and integrity purposes.
    5. When a retention period expires, or processing no longer has a lawful basis, we will securely erase Personal Data or irreversibly anonymize it. Anonymized data is no longer Personal Data and may be retained and used for analytics, reporting, or service improvement.
    6. Where processing is based on consent (e.g., direct marketing), we will stop processing upon withdrawal and promptly suppress your contact details from marketing lists. We may retain minimal records to document your opt-out.
    7. Where we process Personal Data on behalf of another controller, we will follow the controller’s written retention instructions and delete or return Personal Data at the end of the engagement, subject to any legal retention requirements.
    8. You may request erasure or restriction of your Personal Data in accordance with applicable data protection law. We will honor valid requests unless a lawful basis requires continued retention (for example, compliance with a legal obligation or the defense of legal claims).
    9. We will hold information about how you interact with our electronic communications for 6 months in order to help us analyze the performance of our digital marketing activities or customers and prospects.
    10. 9.10.We will only keep your information for a longer period where necessary in order to comply with our legal obligations.
    11. 9.11.You may email us at [email protected] for more information on our data retention practices.
    12. 9.12.Identity documents submitted for registration, verification or permit-related purposes (including Emirates ID, passport copies, visa copies and photographs) are currently retained for audit, compliance and reference purposes. NCDFVM may review and update retention periods for such documents based on business, legal and regulatory requirements.

For Fruits and Vegetables Market services, tenant and registration records (including company details, licence information, and payment confirmation records) are retained after lease or service termination for audit and reference purposes in line with applicable legal and regulatory requirements.

  1. Your Rights
    1. 10.1.Data protection law grants you certain rights which we summarise in the table below. Please note that these rights are not absolute, and they may not always apply in your particular circumstances. To exercise your rights, please email us at [email protected]. We may need to request specific information from you to help us confirm your identity and ensure your entitlement to such rights. This security measure is to ensure that your personal data is not disclosed to any person who has no right to receive it.

Right of access and data portability

You have the right to access information we hold about you and/or to have it transferred to another Controller in some circumstances.

Right of rectification or erasure

If you feel that any data that we hold about you is inaccurate you have the right to ask us to correct or rectify it. You also have a right to ask us to erase information about you where you can demonstrate that the data we hold is no longer needed by us, if you withdraw the consent upon which our processing is based, or if you feel that we are unlawfully processing your data. Your right of rectification and erasure extends to anyone we have disclosed your personal data to, and we will take all reasonable steps to inform those with whom we have shared your data about your request for erasure.

Right to restriction of processing

You have a right to request that we refrain from processing your data where you contest its accuracy, the processing is unlawful and you have opposed its erasure, where we do not need to hold your data anymore, but you need us to in order to establish, exercise or defend any legal claims, or we are in dispute about the legality of our processing your personal data.

Right to object

You have the right to object to our processing of your Personal Data. This includes the right to object to the use of your information for direct marketing and profiling purposes.

Right to withdraw consent

You have the right to withdraw your consent for the processing of your Personal Data where the processing is based on consent.

Right of complaint

If you are unhappy with the way we have used or are handling your Personal Data you have the right to lodge a complaint with the supervisory authority for data protection issues in the country where you usually live, work or where the relevant issue arose. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance at the email set out above.

  1. Data Security
    1. 11.1.We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties as detailed in ‘Disclosing, Sharing and Transferring Personal Data’ above. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
    2. 11.2.We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
    3. 11.3.Please remember that you are responsible for keeping your passwords secure. If we have given you (or you have chosen) a password which enables you to access certain parts of products and services (as applicable), you are responsible for keeping this password confidential. Please do not share your passwords with anyone.
    4. 11.4.Please note that no transmission over the internet or any method of electronic storage can be guaranteed to be absolutely 100% secure, however, our best endeavors will be made to secure data and the ability to access your Personal Data.
    5. 11.5.Without prejudice to our efforts on protection of your data, nothing contained in this Policy constitutes a warranty of security of the facilities, and you agree to transmit data at your own risk.
    6. 11.6.Please note that we do not guarantee that your data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. Please, always check that any website on which you are asked for financial or payment information in relation to our services is in fact legitimately owned or operated by us.
    7. 11.7.If you do receive any suspicious communication of any kind or request, do not provide your information and report it us by contacting our offices immediately at [email protected]. Please also immediately notify us at [email protected] if you become aware of any unauthorized access to or use of your account.
    8. 11.8.Furthermore, we cannot ensure and do not warrant the security or confidentiality of data transmitted to us or sent and received from us by internet or wireless connection, including email, phone, instant messaging service or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us [email protected]
    9. 11.9.We also aim to conduct all applicable security risk assessments to ensure the availability of risk mitigation controls, to better safeguard the integrity of your data.

For avoidance of doubt, NCDFVM does not store or process full banking or card details. Payment card and bank data used to pay Fruits and Vegetables Market fees are processed by the Dubai Trade payment gateway (Rosoom). NCDFVM receives only payment confirmation references and related metadata necessary for reconciliation.

  1. Additional Security Precautions and Measures for Banking Data
    1. 12.1.Should your Personal Data be breached, and your Banking Data be at risk, we shall promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. We will also notify the CBUAE of the breach in accordance with applicable regulations. In the unlikely event of a breach occurring, please reach out to us at [email protected] for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
  2. How We Keep This Policy Up to Date
    1. 13.1.This Privacy Policy was last updated on 25th November 2025. From time to time, we may revise, amend, or supplement this Policy to reflect necessary changes in law, our personal data collection and usage practices, the features of our offerings, or advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our websites and applications. However, the onus is also on you to occasionally familiarize yourself with the contents of this Policy, for your own information. Changes to this Policy are effective when they are published.
  3. Annex A: Cookie Policy
    1. 14.1.What is a cookie?

A ‘cookie’ is a small piece of encrypted text saved on the browser or hard drive in your computer or mobile device when you visit a website. Cookies are selected pieces of information that are sent to your device or computer’s hard drive, while you are viewing or using the Dubai Trade website through which Fruits and Vegetables Market services are offered, as permissioned. It allows us to recognize you and make your next visit easier and the experience of our services more useful to you. Cookies can be stored for varying lengths of time on your browser or device.
We use both session / transient cookies (which expire once you close your device web browser) and persistent cookies (which stay on your device until you delete them) to collect information to provide you with a more personalized and interactive experience in using the Dubai Trade portal and services. This type of data is collected to make our services more useful to you and to tailor your experience with us to meet your special interests and needs.

    1. 14.2.How we use cookies?

When you use and access the Dubai Trade portal in connection with Fruits and Vegetables Market services, we may place a number of cookie files on your device’s web browser. We use cookies to enable certain functions of the portal, i.e., to provide analytics, to prevent fraudulent or illegal activity, to store your preferences, to enable advertisements delivery, including behavioral advertising. We also use cookies to enhance your browsing experience by:

      1. Recognizing when you log in and any preferred settings.
      2. Giving you a browsing experience that is unique to you and to serve you content which we believe improves your site’s experience.
      3. Analyzing how you use our sites, which helps us to troubleshoot any problems and to monitor our own performance.
      4. In addition to our own cookies, we may also use various third parties’ cookies to report usage statistics of our sites, deliver advertisements on and through the Dubai Trade portal, and so on.
    2. 14.3.Types of cookies we use

We use the following four types of cookies:

      1. Essential cookies: These cookies are essential to let you move around The Dubai Trade website and use its features. These cookies allow the portal to provide services at your request. We use essential cookies to authenticate users and prevent fraudulent use of user accounts.
      2. Performance cookies: These cookies may be used to collect information about how you use The Dubai Trade Portal e.g., which pages you visit most often, and if you experience any error messages. They also allow us to update the portal to improve performance and tailor it to your preferences. These cookies do not collect any information that could identify you – all the information collected is anonymous.
      3. Functional cookies: These cookies are used to remember the choices you make, e.g., your username, log in details and language preferences. They also remember any customizations you make to give you enhanced, more personal features of your digital experience.
    2. 14.4.Cookies preferences

Please note that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer on The Dubai Trade Portal. You may not be able to store your preferences, and some of our pages might not display properly. NCDFVM is not responsible for any limitations in Dubai Trade’s technical cookie functionality and is not responsible and will not be held liable for any loss resulting from your decision or inability to use cookies.

Privacy Policy
Cookies Policy
Terms of use
Whistleblowing Hotline
Modern Slavery Act
© 2026 - Dubai Food District, a part of DP World UAE. All rights reserved.