Privacy Policy. ALBA DC Hub

→ 01

Introduction.

Alba DC Hub Project Management LLC (operating as Alba DC Hub, "we", "us", "our") is committed to protecting the privacy and confidentiality of personal information collected from visitors to our website at albadc.com and from participants in our training programmes.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you interact with our website, register for the Data Centre Planning Professional (DCPP) programme, book consultations, or contact us through any channel.

→ 02

Who we are.

Alba DC Hub is the data controller responsible for your personal information.

Legal Entity: Alba DC Hub Project Management LLC
Licence: DET Licence No. 1603638
Jurisdiction: Emirate of Dubai, United Arab Emirates
Website: albadc.com
Email: training@albadc.com
WhatsApp: +971 55 852 6501

→ 03

Information we collect.

We collect personal information that you provide directly when you interact with us, as well as limited technical data when you visit our website.

Information you provide directly

Identity data: full name, job title, employer
Contact data: email address, phone number, country of residence
Professional data: years of experience, area of practice, relevant professional credentials (e.g., CDCP, PMP)
Registration data: programme selection, cohort number, learning objectives
Payment data: billing name, billing address, and transaction reference (full card details are processed by Stripe and never stored on our servers)
Correspondence data: messages you send us by email, WhatsApp, LinkedIn, or through our forms

Information collected automatically

Technical data: IP address, browser type, device type, operating system
Usage data: pages visited, time spent on pages, referring website
Cookies data: see our Cookies Policy for full details on what is collected and why

Note

We do not knowingly collect special categories of personal data (such as ethnicity, religious beliefs, health data, or biometric data) through our website or registration forms. If you voluntarily share such information in correspondence, we will treat it with additional care.

→ 04

How we use your information.

We use your information for the following specific purposes:

Programme delivery: registering you in DCPP cohorts, providing access to live sessions, issuing certificates of completion
Communication: responding to your inquiries, sending joining instructions, programme updates, and session reminders
Payment processing: processing programme fees via Stripe and issuing invoices
Marketing (with consent): sending newsletters and information about future cohorts, advisory services, and CPD opportunities. You can withdraw consent at any time
Service improvement: understanding how visitors use our website and which content resonates with our audience
Record-keeping: maintaining tax and business records, reporting participant counts to our accreditation body, and responding to lawful requests
Security: protecting against fraud, unauthorised access, and misuse of our services

We will not use your personal data for any purpose that is incompatible with the purposes listed above without first obtaining your explicit consent.

→ 05

Disclosure to third parties.

We do not sell your personal information. We share data only with trusted service providers who help us operate our business, and only to the extent necessary for them to perform their function.

Service providers we use

See section 11 (Third-Party Services) for the complete list of platforms that process your data on our behalf, including the type of data shared and the purpose.

Legal disclosures

We may disclose your information if required to do so by law, in response to valid requests by public authorities (e.g., UAE courts or regulatory bodies), or where disclosure is necessary to:

Comply with a legal obligation
Protect and defend our legal rights or property
Prevent or investigate possible wrongdoing in connection with our services
Protect the personal safety of our participants, staff, or the public

→ 06

International data transfers.

Some of our service providers are located outside the United Arab Emirates. When we transfer personal data internationally, we ensure that appropriate safeguards are in place and that each provider applies security standards equivalent to or higher than our own.

Specifically, your data may be transferred to:

European Union (Ireland, France): Tally (forms), Stripe (payments)
United Kingdom: CPD Standards Office (accreditation records)
United States: Calendly (scheduling), LinkedIn (advertising and analytics), Google Fonts (typography), Netlify (hosting)
Japan: Supabase (database backend, Tokyo region)

All transfers are governed by appropriate contractual safeguards with each provider.

→ 07

Data security.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:

Encryption in transit: all data exchanged with our website and service providers is encrypted via TLS (HTTPS)
Encryption at rest: personal data stored by our processors (Supabase, Stripe) is encrypted at rest
Access controls: only authorised personnel have access to personal data, and only to the extent required to perform their duties
Service provider vetting: we use established platforms with recognised security certifications (SOC 2, ISO 27001, PCI-DSS where applicable)
Payment isolation: we do not store full payment card details. All card processing is handled by Stripe under PCI-DSS Level 1

Limitation

While we take reasonable steps to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security. If you believe your data has been compromised, please contact us immediately at training@albadc.com.

→ 08

Data retention.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements.

Registration and programme data: retained for 5 years from the end of your cohort, to support certificate reissuance, CPD verification, and alumni communications
Payment records: retained for 7 years to meet standard accounting and tax requirements
Marketing data: retained until you withdraw consent or 3 years from your last engagement, whichever is sooner
Inquiry correspondence: retained for 2 years from the date of last contact, unless a contractual relationship arises
Cookies and analytics data: see Cookies Policy for retention periods specific to each cookie

When personal data is no longer needed, we will securely delete or anonymise it.

→ 09

Your rights.

You can contact us at any time to:

Access the personal data we hold about you
Correct data that is inaccurate or incomplete
Delete your data, subject to record-keeping obligations
Withdraw consent for marketing communications
Raise a concern about how your data is being handled

To make any of these requests, write to training@albadc.com. We will respond within a reasonable timeframe.

→ 10

Children's privacy.

Our services are intended for professionals aged 18 and above. We do not knowingly collect personal information from anyone under the age of 18. If you believe that a minor has provided us with personal data, please contact us immediately and we will take steps to delete that information.

→ 11

Third-party services.

We use the following established service providers to operate our business. Each is a separate data controller or processor with its own privacy policy:

Forms and registration

Tally (tally.so) — DCPP registration form. Hosted in the European Union. Tally Privacy Policy

Scheduling and consultations

Calendly (calendly.com) — 15-minute consultation booking. Hosted in the United States. Calendly Privacy Policy

Payments

Stripe (stripe.com) — programme fee processing. PCI-DSS Level 1 certified. Stripe Privacy Policy

Analytics and advertising

LinkedIn Insight Tag (Partner ID: 9764553) — measures effectiveness of our LinkedIn advertising and supports audience retargeting. You can opt out via LinkedIn opt-out settings. LinkedIn Privacy Policy

Hosting and infrastructure

Netlify (netlify.com) — website hosting and content delivery. Netlify Privacy Policy
Supabase (supabase.com) — secure backend database, ap-northeast-1 (Tokyo) region. Supabase Privacy Policy
Google Fonts (fonts.google.com) — typography delivery via CDN. Google may receive technical request data. Google Privacy Policy

Accreditation

CPD Standards Office (cpdstandards.com) — accreditation body (Provider No. 23161). Receives anonymised participant counts and programme details for CPD compliance. CPDSO Privacy Policy

→ 12

Changes & contact.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. Material changes will be communicated via a notice on our website or by email to registered participants. The "Effective" date at the top of this page indicates when the policy was last revised. We encourage you to review this page periodically.

Contact us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or need to report a privacy concern, please contact us:

Email: training@albadc.com
WhatsApp: +971 55 852 6501
LinkedIn: linkedin.com/company/alba-dc-hub
YouTube: youtube.com/@AlbaDCHub
Postal: Alba DC Hub Project Management LLC, Dubai, United Arab Emirates
Response time: Within a reasonable timeframe