Privacy Policy

FinTechX Technology Solutions FZ-LLC (UAE)
FinTechX Technology Solutions (SMC-PRIVATE) LIMITED (Pakistan)

Last Updated: 16 April 2026


Section 1: Introduction and Welcome Statement

Welcome to Fintechsol.biz (the “Website”). This Website is owned and operated jointly by FinTechX Technology Solutions FZ-LLC, a company incorporated under the laws of the Ras Al Khaimah Economic Zone (RAKEZ) in the United Arab Emirates with registered address at FAMC2122, Compass Building, Al Shohada Road, Jazirat Al Hamra, Ras Al Khaimah, UAE, and FinTechX Technology Solutions (SMC-PRIVATE) LIMITED, a private limited company incorporated under the laws of Pakistan with registered address at 136 1-C1, Township, Lahore, Pakistan 54770 (hereinafter collectively referred to as “FinTechX,” “the Company,” “we,” “us,” or “our”).

This Privacy Policy constitutes a legally binding agreement between you (“User,” “you,” or “your”) and FinTechX governing the collection, use, processing, storage, disclosure, and protection of information obtained from visitors to the Website and recipients of our consulting, capacity building, and training services (collectively, the “Services”). We recognize that privacy is a fundamental right and that the nature of our work—operating at the intersection of financial systems and emerging technologies—demands the highest standards of data stewardship and confidentiality.

By accessing or using the Website, completing a contact form, enrolling in a training program, or otherwise engaging with our Services, you expressly acknowledge that you have read, understood, and voluntarily agree to be bound by the terms and conditions set forth in this Privacy Policy. If you are using the Services on behalf of a corporate entity or other organization, you represent and warrant that you have the authority to bind that entity to this Privacy Policy. In such cases, references to “you” and “your” shall extend to and include the entity you represent.

If you do not agree with any provision of this Privacy Policy, you must immediately discontinue use of the Website and refrain from providing any personal information to us. This Privacy Policy is incorporated into and forms an integral part of our Terms of Service, which can be accessed via a hyperlink located in the footer of the Website. In the event of any conflict between this Privacy Policy and the Terms of Service concerning privacy matters, the provisions of this Privacy Policy shall prevail.

We reserve the right to modify, amend, or replace this Privacy Policy at any time and in our sole discretion, subject to the provisions set forth in Section 34 below. Your continued use of the Website or Services following the posting of any changes constitutes acceptance of those changes. We encourage you to periodically review this Privacy Policy to remain informed of our current data handling practices.


Section 2: Definitions and Interpretive Glossary

For the purposes of this Privacy Policy and to ensure mutual understanding of its terms, the following words and phrases shall have the meanings ascribed to them below. Capitalized terms not defined in this section shall have the meanings given to them elsewhere in this Privacy Policy or in the applicable data protection legislation of the relevant jurisdiction.

  • “Personal Data” or “Personal Information” : Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier (e.g., IP address, cookie ID), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. This definition aligns with Article 4(1) of the GDPR, the CCPA definition of “Personal Information,” and the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.

  • “Sensitive Personal Data” : A special category of Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation. Additionally, in the context of FinTech services, this includes financial account credentials, government-issued identification numbers, and payment card details.

  • “Processing” : Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means. This includes, but is not limited to, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

  • “Data Controller” : The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data. For the purposes of this Policy, FinTechX Technology Solutions FZ-LLC and FinTechX Technology Solutions (SMC-PRIVATE) LIMITED act as joint Data Controllers for certain processing activities, particularly where data is shared across the corporate group for administrative purposes.

  • “Data Processor” : A natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller.

  • “Data Subject” : The identified or identifiable natural person to whom Personal Data relates. For the purposes of this Policy, this includes visitors to the Website, prospective clients, enrolled trainees, and authorized representatives of our corporate clients.

  • “Consent” : Any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.

  • “Services” : All products, offerings, and services provided by FinTechX, including but not limited to technology consulting, enterprise capacity building, SAP module training, Business Intelligence workshops, Data Analysis certification programs, AI Automation implementation support, website content delivery, and any related support or maintenance services.

  • “Website” : The internet site accessible via the uniform resource locator (URL) https://www.fintechsol.biz, including all subdomains, subdirectories, mobile-optimized versions, and any successor websites.

  • “CCPA” : The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA), codified at California Civil Code §§ 1798.100 et seq., and any implementing regulations.

  • “GDPR” : Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

  • “UAE PDPL” : United Arab Emirates Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, and its implementing regulations and executive orders.

  • “SCCs” : Standard Contractual Clauses, as adopted by the European Commission for the transfer of personal data to third countries.


Section 3: Who We Are: The FinTechX Corporate Structure

FinTechX operates as a unified global brand through two distinct legal entities, each established to serve specific geographic markets and regulatory environments while maintaining seamless operational integration. Understanding our corporate structure is essential for comprehending how your Personal Data may flow between our offices and across international borders.

3.1 FinTechX Technology Solutions FZ-LLC (UAE Entity)
This entity is registered as a Free Zone Limited Liability Company (FZ-LLC) within the Ras Al Khaimah Economic Zone (RAKEZ), United Arab Emirates. The registered office is located at FAMC2122, Compass Building, Al Shohada Road, Jazirat Al Hamra, Ras Al Khaimah. This entity serves as our primary hub for client engagements in the Middle East and North Africa (MENA) region, Europe, and the Americas. It is subject to the laws of the United Arab Emirates, including but not limited to Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL). The UAE entity is responsible for data processing activities originating from or directed to clients and users located outside of South Asia, unless otherwise specified in a separate Data Processing Agreement.

3.2 FinTechX Technology Solutions (SMC-PRIVATE) LIMITED (Pakistan Entity)
This entity is registered as a Single Member Company (SMC-Private) Limited under the laws of Pakistan and regulated by the Securities and Exchange Commission of Pakistan (SECP). The registered office is located at 136 1-C1, Township, Lahore, Pakistan 54770. This entity serves as our operational and delivery center for the South Asian market, including Pakistan, India, Bangladesh, and Sri Lanka. It also houses a significant portion of our global back-office support, training content development, and technical support teams. Data processing activities for users in South Asia are primarily managed by this entity. It is subject to the Prevention of Electronic Crimes Act, 2016 (PECA) and other applicable Pakistani laws regarding data protection and privacy, pending the enactment of comprehensive personal data protection legislation currently under consideration by the Parliament of Pakistan.

3.3 Joint Controllership Arrangement
Given the integrated nature of our global operations, FinTechX Technology Solutions FZ-LLC and FinTechX Technology Solutions (SMC-PRIVATE) LIMITED act as Joint Data Controllers for specific processing activities, particularly those involving:

  • The maintenance of a unified client relationship management (CRM) database accessible to staff in both jurisdictions.

  • The centralized management of the fintechsol.biz website and associated email marketing platforms.

  • Cross-border training delivery where a client in Dubai may receive instruction from a trainer based in Lahore.

The essence of this joint controllership arrangement is set forth in an internal data sharing agreement between the two entities, a summary of which is available upon request. In accordance with Article 26 of the GDPR and similar principles under the UAE PDPL, you may exercise your rights against either or both entities. However, for efficiency, we have designated the UAE entity as the primary point of contact for all privacy inquiries via legal@fintechsol.biz.


Section 4: Jurisdictional Scope and Applicable Laws

This Privacy Policy is intended to comply with a comprehensive framework of global data protection laws. Given the international nature of our client base and the cross-border provision of our digital training and consulting services, we adhere to the principles of the most stringent applicable regulations as a baseline standard. The specific laws governing our processing of your Personal Data depend on your location and residency.

4.1 United Arab Emirates (UAE)
For Users located in the UAE or where Processing occurs within the UAE, the collection and processing of Personal Data is governed by Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL) and its Executive Regulations. Key principles we adhere to include:

  • Legitimate Purpose: Data is collected only for specific, clear, and legitimate purposes.

  • Data Minimization: We limit collection to what is necessary and proportionate.

  • Transparency: We provide this clear and accessible Privacy Policy.

  • Security and Confidentiality: We implement robust technical and organizational measures.

  • Accountability: We maintain records of processing activities as required by law.

4.2 European Economic Area (EEA) and United Kingdom (UK)
For Users located in the EEA or the UK, the Processing of your Personal Data is governed by the General Data Protection Regulation (GDPR) and the UK GDPR (as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019). We recognize the rights granted to Data Subjects under Chapter III of the GDPR and have implemented measures to uphold the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.

4.3 State of California, United States of America
For Users who are residents of California, the Processing of Personal Information is governed by the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). We provide the specific disclosures required under Cal. Civ. Code § 1798.100 et seq., including notice at collection and a detailed description of consumer rights in Section 18 of this Policy.

4.4 Islamic Republic of Pakistan
For Users located in Pakistan, while comprehensive data protection legislation is currently under legislative review, we voluntarily adhere to the principles contained within the Personal Data Protection Bill, 2023 (as drafted) and the relevant provisions of the Prevention of Electronic Crimes Act, 2016 (PECA) concerning unauthorized access to information systems and data. Our processing is conducted with due regard to the constitutional right to privacy as affirmed by the Supreme Court of Pakistan in Justice (Retd.) Pervaiz Kiyani v. Federation of Pakistan.

4.5 Other Jurisdictions
For Users located in other jurisdictions globally (including but not limited to Canada (PIPEDA), Australia (Privacy Act 1988), Singapore (PDPA), and Brazil (LGPD)), we endeavor to apply the core principles of notice, choice, access, security, and accountability. If you believe your local law imposes specific obligations that we have not addressed, please contact legal@fintechsol.biz.


Section 5: Categories of Personal Information Collected

FinTechX collects information necessary to provide, maintain, and improve our consulting and training Services. The specific categories of Personal Information we collect depend on the nature of your interaction with us. We have organized these categories to align with the definitions used in major privacy frameworks.

5.1 Identifiers
This category includes information that can be used to directly identify, contact, or locate a specific individual.

  • Full Name: First name, middle initial (optional), and last name.

  • Aliases or Nicknames: If provided voluntarily for classroom settings.

  • Postal Address: Street address, city, province/state, postal/ZIP code, and country. This is collected primarily for invoicing corporate clients or shipping physical training materials/certificates.

  • Email Address: Personal or corporate email address. This is our primary method of electronic communication.

  • Telephone Number: Mobile and/or landline number, including country code.

  • Online Identifiers: Internet Protocol (IP) address, browser cookie identifiers, device IDs, and account usernames (if we implement a client portal).

5.2 Customer Records Information (Cal. Civ. Code § 1798.80(e))
This category overlaps with Identifiers but includes information defined under California law as personal information in customer records.

  • Signature: Electronic or physical signature on service agreements, training enrollment forms, or NDAs.

  • Bank Account or Payment Card Information: Only collected when you purchase a paid service or training course. Note: Full credit card numbers are tokenized and processed directly by our third-party PCI-DSS compliant payment processors. FinTechX does not store full Primary Account Numbers (PANs) on its internal systems.

  • Tax Identification Number: VAT, GST, or Corporate Tax ID for invoicing purposes (B2B transactions).

5.3 Professional or Employment-Related Information
Given the B2B and professional development focus of FinTechX, this category is central to our service delivery.

  • Job Title and Function: Current role, department, and level of seniority.

  • Company Name and Industry: Name of the organization you represent and its primary sector (e.g., Banking, Manufacturing, Retail).

  • Professional Qualifications: Degrees, certifications held (e.g., SAP Certified Associate), and years of experience (often provided in the context of tailoring training content).

  • Training History: Record of courses completed through FinTechX, attendance dates, assessment scores, and certificates issued.

5.4 Commercial Information

  • Transaction History: Records of Services purchased, obtained, or considered.

  • Billing and Payment History: Dates, amounts, and status of invoices and payments.

  • Service Preferences: Indications of interest in specific training modules (e.g., SAP FICO vs. SAP MM) or consulting topics.

5.5 Internet or Other Electronic Network Activity Information

  • Browsing History: Pages visited on fintechsol.biz, time spent on specific course descriptions, and navigation paths.

  • Search History: Queries entered into our on-site search tool.

  • Interaction Data: Clicks, scrolls, mouse movements, and form interactions (as captured by Microsoft Clarity with text masking enabled).

  • Device Information: Browser type and version, operating system, screen resolution, referring website URLs, and exit pages.

5.6 Geolocation Data

  • Approximate Location: We derive imprecise location data (city and country level) from your IP address. This is used solely for content localization (displaying local office contact details) and security monitoring (detecting anomalous login patterns). We do not collect precise GPS-based location data from your mobile device unless explicitly enabled for a specific function (such as finding a nearby testing center, a feature not currently offered).

5.7 Inferences Drawn from Personal Information

  • Interest Profiles: We may infer your professional interests based on pages visited and resources downloaded. For example, if a user visits multiple pages related to “AI Automation in Finance,” we may infer an interest in that subject matter for the purpose of curating future newsletter content.

5.8 Audio, Electronic, Visual, or Similar Information

  • Call Recordings: With prior notice and consent, telephone calls with our sales or support teams may be recorded for quality assurance, training, and record-keeping purposes.

  • Virtual Training Session Recordings: Recordings of live virtual training sessions may be captured and made available for on-demand review by enrolled participants. Participants are notified in advance, and interactive segments may be excluded.


Section 6: Sources from Which Personal Information is Derived

We collect Personal Information about you from a variety of sources. Transparency regarding these sources is essential for understanding the lifecycle of your data. The categories of sources are as follows:

6.1 Directly from You (The Data Subject)
This is the primary and most reliable source of information.

  • Website Forms: When you complete a “Contact Us” form, “Request a Quote” form, or “Course Registration” form.

  • Email and Written Correspondence: Information contained in emails, letters, or messages sent via platforms like WhatsApp Business or LinkedIn Messenger to official FinTechX accounts.

  • Telephone Conversations: Information disclosed during calls with our representatives.

  • Service Agreements: Information provided during the negotiation and execution of consulting contracts, Master Service Agreements (MSAs), or Statements of Work (SOWs).

  • Surveys and Feedback Forms: Responses to voluntary satisfaction surveys or post-training evaluations.

6.2 Automatically Through Technology

  • Website and Server Logs: As you navigate fintechsol.biz, our servers automatically record information sent by your browser (IP address, request time, status codes).

  • Cookies and Tracking Pixels: As detailed extensively in Section 8, we use various tracking technologies to understand user behavior and improve site functionality.

6.3 From Third-Party Sources
We augment the data you provide directly with information from reputable third parties, strictly for business development and service improvement purposes.

  • Event Organizers and Training Partners: If you register for a webinar or industry event sponsored by FinTechX but hosted on a third-party platform (e.g., Eventbrite, Zoom Webinar), we may receive attendee lists containing your name, email, and company affiliation.

  • Social Media and Professional Networks: Publicly available profile information from platforms like LinkedIn. We use LinkedIn Sales Navigator to identify relevant corporate decision-makers in the technology and finance sectors. We do not scrape private profile data.

  • Data Brokers and Enrichment Services: We may use services like ZoomInfo, Lusha, or Apollo.io to verify business email addresses or update job titles for existing contacts in our CRM. This ensures our communication remains relevant and directed to the correct individual within an organization.

  • Referrals: Information provided by a colleague or business associate who refers you to our Services.

6.4 From Publicly Available Government Records

  • Corporate Registries: Information regarding corporate officers or registered addresses from databases like the UAE National Economic Register (NER) or the Securities and Exchange Commission of Pakistan (SECP) database. This is used strictly for due diligence and verification of corporate clients.


Section 7: Sensitive Personal Information Processing Policy

FinTechX recognizes that certain categories of Personal Information warrant a heightened level of protection due to their inherent sensitivity and potential for misuse. This section outlines our specific policy regarding the collection and processing of Sensitive Personal Information, as defined in Section 2.

7.1 General Prohibition on Collection
As a matter of policy and design, FinTechX does not actively solicit, collect, or process Sensitive Personal Information through the public-facing interfaces of our Website. Our services are focused on professional development and technology consulting, which typically do not necessitate the processing of data revealing racial origin, political beliefs, religious practices, health conditions, or sexual orientation. We explicitly discourage users from providing such information in free-text fields (e.g., “Additional Comments” on a registration form).

7.2 Financial Information and Payment Credentials
While financial information is not always classified as “Sensitive Data” under all privacy laws (e.g., GDPR Recital 51 notes that financial data is not inherently special category data), FinTechX treats financial account credentials and payment card information with the same high level of security and confidentiality as Sensitive Personal Information.

  • Payment Processing: All payment transactions for training courses or consulting retainers are processed exclusively through PCI DSS Level 1 compliant third-party gateways (e.g., Stripe, Checkout.com). At no point does FinTechX store or have access to your complete, unredacted credit card number (PAN) or CVV/CVC code. We only receive a transaction ID and the last four digits of the card for reconciliation purposes.

  • Bank Account Details: If wire transfer is the preferred method of payment, bank account details provided on invoices are stored securely in our encrypted financial systems and are accessible only to authorized finance personnel on a strict need-to-know basis.

7.3 Government-Issued Identification
There may be limited circumstances where we require a copy of government-issued identification (e.g., Passport, Emirates ID, CNIC). Such circumstances include:

  • KYC/AML Compliance: For large corporate engagements or when required by UAE or Pakistani financial regulations.

  • Proctored Certification Exams: For identity verification during proctored online examinations for certain professional certifications.

In these specific instances, we will obtain your explicit, informed consent prior to collecting this information. Copies of identification documents are stored in a segregated, encrypted archive with strictly limited access controls and are automatically purged after the verification period expires or the regulatory retention period ends (whichever is longer).

7.4 Incidental Exposure
In the course of providing consulting services, FinTechX consultants may be granted access to client systems that contain the client’s own customer data, which may include Sensitive Personal Information. In such scenarios, FinTechX acts strictly as a Data Processor (or Service Provider) under the direction of the client (the Data Controller). Our access is governed by the terms of the Master Services Agreement and associated Data Processing Addendum (DPA), which strictly prohibit the use of such data for any purpose other than the provision of the contracted consulting services.

7.5 Legal Basis for Processing Sensitive Data (if applicable)
If we ever process Sensitive Personal Information in a capacity where we act as a Data Controller, we will rely on one of the specific legal bases enumerated in Article 9(2) of the GDPR, such as:

  • Explicit Consent: You have given explicit, written consent to the processing for one or more specified purposes.

  • Legal Claims: Processing is necessary for the establishment, exercise, or defense of legal claims.

  • Substantial Public Interest: Processing is necessary for reasons of substantial public interest, on the basis of applicable law.


Section 8: Cookies, SDKs, and Tracking Technologies

This section provides a comprehensive and legally robust disclosure regarding the deployment of tracking technologies on the Fintechsol.biz domain and associated subdomains operated by FinTechX. In the modern digital ecosystem, the line between necessary functionality and analytics is often blurred by complex strings of code executing on a user’s device. As a company operating at the nexus of financial technology consulting and corporate training, we recognize that transparency regarding these mechanisms is not merely a regulatory checkbox but a cornerstone of our fiduciary-like duty to maintain client confidentiality and system integrity.

8.1 Defining the Technological Landscape: Beyond the “Cookie”
The term “Cookie” is a colloquialism that inadequately describes the spectrum of data storage and retrieval mechanisms we employ. A cookie is technically a small text file stored locally within a browser’s dedicated directory. However, modern web infrastructure relies on a suite of related technologies collectively referred to as “Trackers.” For the purposes of this exhaustive policy, references to “Cookies and Similar Technologies” encompass:

  1. HTTP Cookies: Session cookies (ephemeral, deleted upon browser close) and Persistent cookies (retained for a predefined duration).

  2. Local Storage and Session Storage: HTML5 mechanisms allowing websites to store larger amounts of structured data (key/value pairs) directly in the browser without transmission to the server on every HTTP request. FinTechX uses Local Storage to cache user interface preferences, such as dark mode toggle states or dashboard widget layouts, which enhances performance and reduces server load for our training portal.

  3. IndexedDB: A low-level API for client-side storage of significant amounts of structured data, including files and blobs. We utilize IndexedDB strictly for offline functionality in our Learning Management System (LMS) modules. This allows a trainee enrolled in a FinTechX SAP course in Lahore or Ras Al Khaimah to download course materials and progress through modules while on a flight or in a location with intermittent connectivity, syncing progress once the connection is restored.

  4. Web Beacons (Tracking Pixels): Tiny, transparent graphic images (usually 1×1 pixel) embedded in HTML emails or web pages. These are essential for our email communication analytics. When you open a newsletter from FinTechX regarding a new AI Automation workshop, a web beacon allows our system to register that the email was opened. This metric is aggregated and used to determine the relevance of our content. If open rates for “SAP FICO” content are significantly higher than “Legacy System Migration” content, we adjust our editorial calendar accordingly without identifying which specific individual opened the email, only that a user within a certain cohort did.

  5. Software Development Kits (SDKs): In the context of any future mobile applications released by FinTechX, SDKs are libraries of code provided by third parties (e.g., Firebase for crash reporting) that are embedded within our application binary. Currently, the primary interaction point is the Website; however, this policy extends to cover SDKs should we release a dedicated training companion app.

8.2 Granular Categorization and Lifecycle Management
To provide clarity, we categorize all Trackers deployed on Fintechsol.biz into four distinct tiers, aligning with the standards set forth by the UK Information Commissioner’s Office (ICO) and the European Data Protection Board (EDPB) guidance on the ePrivacy Directive.

Tier 1: Strictly Necessary Trackers (Legal Basis: Legitimate Interest / Contractual Necessity)
These trackers are essential for navigating the Website and using its core features. Without these, services such as secure login to the client portal, shopping cart functionality for course enrollment, or e-billing payment processing cannot be provided. Blocking these trackers will result in a degradation of service that prevents the completion of a requested transaction.

  • Example: fintechx_session
    Domain: .fintechsol.biz
    Duration: Session (Deleted when browser closes)
    Purpose: This is a first-party, HTTP-only secure cookie. It contains a unique, cryptographically random identifier that links your browser session to server-side memory. It does not store any personal data in the browser cookie file itself. Its sole function is to maintain state as you move from the “Course Description” page to the “Enrollment” page. Without this, the server would treat every page click as a new, anonymous visitor, rendering the registration process impossible.

  • Example: csrftoken
    Duration: 1 Year
    Purpose: Cross-Site Request Forgery protection token. This security mechanism ensures that every POST request (e.g., submitting a contact form) originates from our actual website and not a malicious script running on a third-party site impersonating you.

Tier 2: Functional and Preference Trackers (Legal Basis: Legitimate Interest)
These trackers enable the Website to remember choices you make to provide enhanced, more personal features. They may be set by us or by third-party providers whose services we have added to our pages. While the Website may function without these, the user experience is significantly less intuitive.

  • Example: fintechx_lang_pref
    Domain: .fintechsol.biz
    Duration: 1 Year
    Purpose: Stores the user’s preferred language (e.g., English/Arabic) or regional selection (e.g., UAE Site vs. Pakistan Site). This prevents the site from reverting to the default browser locale on every visit, which is particularly important for our bilingual audience navigating between the Middle East and South Asian operations.

  • Example: course_compare_ids
    Purpose: Used within our training catalog. When a user selects multiple courses (e.g., “Data Analysis with Python” and “Advanced Excel for Finance”) to compare curriculums, this local storage object retains the list of selected courses across page reloads.

Tier 3: Performance and Analytics Trackers (Legal Basis: Consent)
These trackers collect information about how visitors use a website, for instance, which pages visitors go to most often, and if they get error messages from web pages. These cookies do not collect information that identifies a visitor directly. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how the Website works.

  • Tool: Google Analytics 4 (GA4)
    Configuration: FinTechX has implemented GA4 with strict privacy controls enabled. This includes:

    1. IP Anonymization: Enabled by default. IP addresses are truncated before storage, preventing granular geolocation tracking beyond city-level approximation.

    2. Data Retention: Set to 14 months (the minimum practical period for year-over-year trend analysis).

    3. Remarketing/Advertising Features: Disabled. FinTechX does not use Google Signals or cross-device tracking for advertising purposes.

    Purpose: We analyze navigation paths through the Website. For example, if we observe that 80% of visitors from Pakistan leave the “SAP Training” page when they see pricing in AED (UAE Dirhams), this indicates a friction point. We can then use this aggregated insight to implement a location-based pricing display, improving the experience for Pakistani users without knowing who those users were.

  • Tool: Microsoft Clarity
    Purpose: Heatmapping and session recording. This tool helps us understand user frustration points (e.g., “rage clicks,” dead links). FinTechX has configured Clarity to mask all text input fields (passwords, email addresses, search queries) and mask all numerical data by default. Therefore, while we can see where the mouse is moving on the page, we cannot read what the user is typing into the contact form.

Tier 4: Targeting and Advertising Trackers (Legal Basis: Explicit Consent)
FinTechX does not deploy third-party advertising cookies for the purpose of behavioral retargeting of individual consumers. As a B2B enterprise, our marketing is primarily account-based. However, we utilize the LinkedIn Insight Tag.

  • LinkedIn Insight Tag: This lightweight JavaScript code enables us to measure the effectiveness of our LinkedIn Sponsored Content campaigns. It allows LinkedIn to report to us that “User X (anonymized) from Company Y (aggregated) viewed Page Z.” We do not use this data to target specific individuals with ads off-platform unless they are part of a broad, anonymized audience segment (e.g., “IT Managers in UAE Finance Sector”).

8.3 The Consent Management Platform (CMP) Experience
Upon your first visit to Fintechsol.biz, you are presented with a Cookie Preference Center. This interface is designed to be fully compliant with the GDPR’s requirement for granular, informed consent.

  • Pre-Ticked Boxes: None. All non-essential categories are defaulted to “Off.”

  • Lifetime of Consent: Consent for Analytics cookies is logged and retained for six months, after which the banner will reappear to refresh your choice.

  • Withdrawal Mechanism: A persistent “Privacy Settings” tab is located in the bottom-left corner of every page on the Website. Clicking this tab immediately invokes the preference center, allowing you to revoke consent for any category (e.g., switching Analytics from “On” to “Off”) with a single click. Upon revocation, a script executes to delete the corresponding cookies from your browser.

8.4 Implications of Cross-Border Cookie Deployment
Given FinTechX’s dual registration in the UAE and Pakistan, we must navigate a complex matrix of ePrivacy interpretations. While the UAE’s PDPL does not yet have a specific ePrivacy directive akin to the EU Cookie Law, we apply the highest standard (GDPR/CCPA) globally across all domains for consistency and ethical operation. This means a visitor from Karachi, despite not being subject to the GDPR geographically, will be afforded the same right to reject Analytics cookies as a visitor from Berlin. This approach mitigates risk and establishes FinTechX as a leader in data ethics within the regional FinTech ecosystem.


Section 9: Purpose Specification: How We Use Your Information

FinTechX processes Personal Information only for specified, explicit, and legitimate purposes. We do not process Personal Information in a manner that is incompatible with the purposes for which it was originally collected, unless we obtain your specific consent or are required to do so by law. The following is a detailed enumeration of the business and commercial purposes for which we use each category of collected data.

9.1 Provision and Management of Services
This is the core purpose of our data processing activities.

  • Training Enrollment and Delivery: To register you for selected courses, process payments, provide access to our Learning Management System (LMS), deliver live or recorded training sessions, administer assessments, and issue certificates of completion.

  • Consulting Engagements: To understand your organization’s requirements, assign appropriate consultants, manage project timelines and deliverables, and communicate project status updates.

  • Client Support: To respond to inquiries submitted via the “Contact Us” form, email, or telephone. This includes troubleshooting technical issues related to accessing the LMS or course materials.

9.2 Communication and Marketing

  • Transactional Communications: To send you essential administrative information regarding your account, enrollment status, invoice receipts, password resets, and service announcements. You cannot opt out of these communications as they are necessary for the performance of our contract with you.

  • Promotional Communications: To send you newsletters, event invitations, new course announcements, white papers, and promotional offers that we believe may be of professional interest to you. These communications are sent only where you have provided explicit consent or where we have a legitimate interest in marketing to existing corporate contacts (as permitted by applicable law). Every marketing email includes a clear and conspicuous “Unsubscribe” link.

  • Personalization: To tailor the content and recommendations displayed on the Website and in email communications based on your expressed interests, past course enrollments, and job function.

9.3 Research, Analytics, and Service Improvement

  • Website Optimization: To analyze usage patterns, track the effectiveness of marketing campaigns, identify popular content, and improve the functionality and user experience of the Website.

  • Curriculum Development: To aggregate and anonymize data regarding course demand and feedback to inform the development of new training programs (e.g., identifying a growing need for “Blockchain in Trade Finance” training based on search queries and client inquiries).

  • Business Intelligence: To create aggregated, de-identified statistical data for internal business planning and reporting to stakeholders. This data cannot be used to identify any individual.

9.4 Security, Fraud Prevention, and Legal Compliance

  • Account Security: To verify identity, detect and prevent unauthorized access to accounts, and protect against malicious, deceptive, fraudulent, or illegal activity.

  • Network Integrity: To monitor server logs and network traffic for security incidents, distributed denial-of-service (DDoS) attacks, and other threats.

  • Regulatory Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests (e.g., tax audits, anti-money laundering checks).

  • Enforcement of Terms: To enforce our Terms of Service and other agreements, including investigation of potential violations.

9.5 Employment and Recruitment
If you apply for a position at FinTechX via the Website or a third-party job board, we use the information provided in your application (resume, cover letter, references) solely to evaluate your candidacy for employment.


Section 10: Legal Bases for Processing (GDPR, UAE PDPL, CCPA)

The processing of Personal Information by FinTechX is governed by specific legal bases that justify the collection and use of your data. The applicable legal basis depends on the jurisdiction and the specific purpose of the processing. We do not process Personal Data unless we have a valid legal ground to do so.

10.1 Contractual Necessity
Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.

  • Example: We need your email address and name to register you for a paid training course and provide you with access credentials. Without this information, we cannot fulfill our contractual obligation to deliver the course.

  • GDPR Reference: Article 6(1)(b).

  • UAE PDPL Reference: Article 6(1)(b).

10.2 Legitimate Interests
Processing is necessary for the purposes of the legitimate interests pursued by FinTechX or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

  • Legitimate Interest Assessment (LIA): Before relying on this basis, we conduct a thorough assessment weighing our business interest against your privacy rights.

  • Examples:

    • Direct Marketing (B2B): Sending information about advanced SAP modules to an existing corporate client’s IT Manager. We have a legitimate interest in promoting our services to existing contacts.

    • Network Security: Monitoring server logs for intrusion attempts.

    • Analytics: Understanding which pages on our Website are most useful to visitors.

  • GDPR Reference: Article 6(1)(f). You have the right to object to processing based on legitimate interests at any time.

10.3 Consent
Processing is based on your freely given, specific, informed, and unambiguous consent.

  • Examples:

    • Placing non-essential (Analytics and Targeting) cookies on your device.

    • Sending newsletters to individuals who are not existing clients.

    • Recording a customer service call.

  • Withdrawal of Consent: You may withdraw your consent at any time by using the “Unsubscribe” link in emails, adjusting cookie settings, or contacting legal@fintechsol.biz. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

  • GDPR Reference: Article 6(1)(a).

10.4 Legal Obligation
Processing is necessary for compliance with a legal obligation to which FinTechX is subject.

  • Examples:

    • Retaining financial transaction records for a period of seven (7) years as required by UAE Commercial Companies Law and Pakistan tax regulations.

    • Disclosing information in response to a valid court order or subpoena.

  • GDPR Reference: Article 6(1)(c).

10.5 Vital Interests
Processing is necessary in order to protect the vital interests of the Data Subject or of another natural person. This basis is extremely rare in the context of FinTechX’s services but is included for completeness (e.g., providing emergency contact information to medical personnel in the event of an incident at a physical training event).

10.6 Public Interest
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller. Not typically applicable to FinTechX as a private commercial entity.


Section 11: Legitimate Interest Assessments (LIA) Disclosure

In accordance with the principle of transparency and the guidance provided by the European Data Protection Board (EDPB), this section provides a summary of the Legitimate Interest Assessments (LIAs) we have conducted for key processing activities where we rely on Article 6(1)(f) of the GDPR as our legal basis. An LIA is a three-part test: (1) Identify the legitimate interest; (2) Assess the necessity of the processing; (3) Balance the interest against the rights and freedoms of the Data Subject.

11.1 LIA for B2B Direct Marketing

  • Legitimate Interest: Promoting our consulting and training services to relevant business contacts to grow our commercial enterprise.

  • Necessity: Email is a standard and minimally intrusive method for B2B communication. Processing limited professional contact data (name, job title, corporate email) is necessary to inform potential clients about services relevant to their role.

  • Balancing Test: We only market to individuals in a professional capacity (corporate email domains). The impact on private life is minimal. We provide a clear opt-out mechanism in every communication. We do not use data from social media or personal email accounts for this purpose. The balance favors FinTechX, as the impact on the individual is negligible compared to the utility of professional networking.

11.2 LIA for Website Analytics (Strictly Necessary Aggregation)

  • Legitimate Interest: Maintaining the security and performance of our Website, and understanding aggregated usage trends to improve user experience.

  • Necessity: While some analytics tools require consent (see Section 8), certain server-side log analysis is strictly necessary to diagnose errors and prevent fraud. Processing IP addresses and timestamps in server logs is essential for network security.

  • Balancing Test: Data in server logs is retained for a short period (90 days) and is not used to build individual profiles. Access is restricted to IT security personnel. The benefit to all users (a stable, secure website) outweighs the minimal privacy intrusion.

11.3 LIA for Fraud Prevention

  • Legitimate Interest: Protecting our business, employees, and clients from financial loss and reputational harm caused by fraudulent transactions or malicious cyber activity.

  • Necessity: Monitoring login patterns and transaction anomalies is a necessary and standard industry practice for e-commerce and service providers.

  • Balancing Test: We only analyze data necessary to flag potential fraud. Legitimate users are not affected. The significant societal and commercial interest in preventing fraud clearly overrides any limited privacy impact.

11.4 Your Right to Object
Notwithstanding our assessment, you have an absolute right to object, on grounds relating to your particular situation, to processing based on legitimate interests. To exercise this right, please contact legal@fintechsol.biz with a detailed explanation of your specific situation.


Section 12: Data Security Measures: Technical and Organizational Controls

FinTechX recognizes that the security of Personal Information is paramount to maintaining trust and complying with our legal obligations. We implement and maintain a comprehensive Information Security Management System (ISMS) incorporating administrative, technical, and physical safeguards designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. This section provides a detailed, transparent overview of our security posture, acknowledging that while no system is impenetrable, we deploy industry best practices commensurate with the sensitivity of the data we handle.

12.1 Governance and Policy Framework
Security is not merely a technical function but a governance priority. FinTechX has established an internal Information Security Steering Committee comprised of executive leadership from both the UAE and Pakistan entities. This committee oversees the following policies and procedures, which are reviewed and updated at least annually or upon significant operational changes:

  • Information Security Policy: The overarching framework defining roles, responsibilities, and acceptable use of assets.

  • Data Classification and Handling Policy: Categorizes data into sensitivity tiers (Public, Internal, Confidential, Restricted) and prescribes specific handling requirements for each tier.

  • Access Control Policy: Defines principles of least privilege, need-to-know, and segregation of duties.

  • Acceptable Use Policy: Governs employee and contractor use of FinTechX information systems.

  • Incident Response Plan: A detailed, actionable plan for identifying, containing, eradicating, and recovering from security incidents.

  • Business Continuity and Disaster Recovery Plan: Ensures the resilience of critical business functions and data recovery capabilities.

12.2 Technical Security Controls
We employ a defense-in-depth strategy, layering multiple technical controls to protect data both in transit and at rest.

12.2.1 Encryption

  • Encryption in Transit: All data transmitted between your browser and the Fintechsol.biz website is protected using Transport Layer Security (TLS) version 1.2 or higher. We enforce HTTP Strict Transport Security (HSTS) headers to ensure browsers only connect via secure channels. Email communication is protected via Opportunistic TLS. Where feasible, we utilize end-to-end encryption for sensitive file transfers using secure portals.

  • Encryption at Rest: All production databases, file servers, and backup media containing Personal Information are encrypted using industry-standard AES-256 encryption. Encryption keys are managed via a dedicated Key Management Service (KMS) with strict access controls and key rotation policies.

12.2.2 Network Security

  • Firewalls and Network Segmentation: We utilize next-generation firewalls (NGFWs) to filter ingress and egress traffic. Our internal network is segmented into distinct Virtual Local Area Networks (VLANs) to isolate production environments (web servers, application servers, database servers) from development environments and corporate workstations.

  • Intrusion Detection and Prevention Systems (IDPS): Network-based and host-based IDPS sensors monitor traffic patterns and system logs for signatures of malicious activity (e.g., SQL injection attempts, cross-site scripting).

  • Web Application Firewall (WAF): A WAF protects the Website from common web exploits outlined in the OWASP Top 10, including cross-site scripting (XSS), SQL injection, and remote file inclusion.

12.2.3 Endpoint and Malware Protection

  • Endpoint Detection and Response (EDR): All corporate-issued laptops and servers are protected by an EDR solution that provides continuous monitoring, threat hunting, and automated response capabilities against malware and ransomware.

  • Patch Management: We maintain a rigorous vulnerability and patch management program. Critical security patches for operating systems and third-party software libraries are applied within a defined Service Level Agreement (SLA) timeframe (typically 7 days for critical vulnerabilities).

12.2.4 Identity and Access Management (IAM)

  • Multi-Factor Authentication (MFA): MFA is mandatory for all employees and contractors accessing FinTechX email, cloud infrastructure consoles, VPN, and critical business applications. We support Time-based One-Time Passwords (TOTP) and hardware security keys (FIDO2).

  • Single Sign-On (SSO): Where possible, we integrate corporate applications with a centralized identity provider using SAML 2.0 or OIDC protocols to enforce consistent password policies and session management.

  • Privileged Access Management (PAM): Access to production servers and databases is strictly controlled via a Privileged Access Management solution that requires just-in-time (JIT) elevation, session recording, and audited command logging.

12.3 Organizational Security Controls

  • Employee Vetting and Onboarding: All employees undergo background verification checks consistent with local laws in the UAE and Pakistan. Upon joining, all personnel sign confidentiality agreements. New hires complete mandatory Information Security and Privacy Awareness training within their first week of employment.

  • Ongoing Training and Awareness: We conduct quarterly security awareness campaigns, including simulated phishing exercises, to reinforce a culture of security vigilance.

  • Third-Party Risk Management: Before engaging any Service Provider or vendor who may process Personal Data, we conduct a security and privacy assessment. This includes reviewing SOC 2 Type II reports, ISO 27001 certifications, and completing detailed vendor security questionnaires. Contracts with all Data Processors include legally binding Data Processing Agreements (DPAs) compliant with GDPR Article 28.

12.4 Physical Security
While FinTechX is primarily a digital services company, we maintain physical offices in Ras Al Khaimah (UAE) and Lahore (Pakistan) where limited data processing infrastructure may reside.

  • Facility Access: Office access is controlled via biometric or proximity card access systems. Visitors are logged and escorted.

  • Environmental Controls: Server rooms (where applicable) are equipped with climate control, fire suppression systems, and Uninterruptible Power Supplies (UPS).

  • Clean Desk Policy: Employees are required to secure sensitive documents and lock workstations when away from their desks.

12.5 Continuous Monitoring and Improvement
Our security posture is subject to continuous monitoring. We conduct:

  • Annual Penetration Testing: Engagements with independent, CREST-certified third-party security firms to test the resilience of the Website and internal network infrastructure.

  • Vulnerability Scanning: Automated weekly scans of external IP ranges and internal assets.

  • Log Monitoring and SIEM: Security Information and Event Management (SIEM) technology aggregates logs from across the enterprise to correlate events and generate alerts for suspicious activity.

12.6 Limitation of Liability for Security Breaches
While we implement the robust measures described above, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. In the unfortunate event of a security breach, we will adhere strictly to our Data Breach Response and Notification Protocol detailed in Section 30. To the fullest extent permitted by applicable law, FinTechX disclaims any liability for damages resulting from a security breach except where such breach results directly from our gross negligence or willful misconduct.


Section 13: Data Sharing with Affiliates and Subsidiaries

As a multinational organization with operations in the United Arab Emirates and Pakistan, FinTechX shares Personal Information between its constituent entities for legitimate business purposes and operational efficiency. This intra-group sharing is essential for providing seamless global service delivery and unified account management.

13.1 Scope of Intra-Group Sharing
Personal Information collected by FinTechX Technology Solutions FZ-LLC (UAE) may be accessed by employees and authorized contractors of FinTechX Technology Solutions (SMC-PRIVATE) LIMITED (Pakistan), and vice versa. This sharing is limited to the following categories of data and purposes:

  • Client and Prospect Data: Name, email, phone number, company affiliation, and interaction history are synchronized across a centralized Customer Relationship Management (CRM) platform. This ensures that a client based in Dubai who contacts our Lahore office for technical support receives a consistent experience, with the support agent having full visibility of the client’s account history and service tickets.

  • Training Records: Enrollment data, attendance records, assessment results, and issued certificates are maintained in a unified Learning Management System (LMS). This allows a multinational corporation to track the training progress of its employees across different regional offices served by different FinTechX entities.

  • Financial and Billing Data: Invoicing data may be shared between the entities for consolidated financial reporting, audit compliance, and inter-company reconciliation purposes.

  • Human Resources Data: Data related to employees and job applicants may be shared between the entities for global HR management, payroll processing, and performance review purposes.

13.2 Legal Basis and Safeguards
Intra-group data sharing is governed by an Intercompany Data Sharing Agreement executed between FinTechX Technology Solutions FZ-LLC and FinTechX Technology Solutions (SMC-PRIVATE) LIMITED. This agreement:

  • Acknowledges the status of both entities as Joint Data Controllers for the shared data sets.

  • Defines the scope of shared data and permissible uses.

  • Mandates adherence to a common set of data protection standards, applying the highest common denominator of UAE PDPL and GDPR principles across the group.

  • Incorporates the Standard Contractual Clauses (SCCs) for transfers from the UAE (which may have elements of EU-origin data) to Pakistan, ensuring an adequate level of protection for cross-border transfers as required by international data protection law.

13.3 Your Rights Regarding Intra-Group Sharing
You have the right to know which entities within the FinTechX group hold your data. You may exercise your rights of access, rectification, erasure, or restriction against either the UAE entity or the Pakistan entity. To streamline this process, we have designated the UAE office (legal@fintechsol.biz) as the primary point of contact for all data subject requests, which will coordinate with the relevant entity internally.


Section 14: Third-Party Service Providers and Processors

FinTechX engages select third-party companies and individuals (“Service Providers”) to facilitate our Services, provide the Services on our behalf, perform Service-related functions, or assist us in analyzing how our Services are used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are contractually obligated not to disclose or use it for any other purpose.

14.1 Categories of Service Providers
We categorize our Data Processors based on the function they perform:

  • Cloud Infrastructure and Hosting: Providers like Amazon Web Services (AWS) and Microsoft Azure host our Website, LMS, and internal databases. Data is stored in secure data centers located in regions selected for compliance and performance (e.g., AWS Middle East (UAE) Region for regional data residency).

  • Customer Relationship Management (CRM): HubSpot or Salesforce are used to manage client interactions, marketing emails, and sales pipelines.

  • Learning Management System (LMS): Moodle (self-hosted) or TalentLMS is used to deliver online course content, track progress, and administer quizzes.

  • Email Marketing and Communication: SendGrid or Mailchimp is used for sending bulk transactional and marketing emails.

  • Payment Processors: Stripe and Checkout.com process online payments securely. They are PCI DSS Level 1 compliant.

  • Analytics and Performance Monitoring: Google Analytics 4 and Microsoft Clarity provide insights into Website usage (subject to consent).

  • Productivity and Collaboration: Microsoft 365 (Outlook, Teams, SharePoint) and Google Workspace are used for internal communication, document management, and virtual training sessions.

  • Accounting and Finance: Xero or QuickBooks is used for invoicing and financial record-keeping.

14.2 Due Diligence and Contractual Obligations
Before onboarding any Service Provider that will process Personal Data, FinTechX conducts a thorough due diligence review. This includes:

  • Security Assessment: Reviewing available security certifications (e.g., ISO 27001, SOC 2 Type II) and completing a security questionnaire.

  • Data Processing Agreement (DPA): Executing a legally binding DPA that complies with the requirements of GDPR Article 28, CCPA, and UAE PDPL. The DPA strictly:

    • Limits the processing of data to the specific purpose for which we engaged the provider.

    • Requires the provider to implement appropriate technical and organizational security measures.

    • Restricts the use of sub-processors without our prior written authorization.

    • Obligates the provider to assist FinTechX in responding to Data Subject requests.

    • Requires the provider to delete or return all Personal Data upon termination of the contract.

    • Mandates immediate notification in the event of a security breach.

14.3 List of Sub-Processors
A current list of material Sub-Processors is available upon request by emailing legal@fintechsol.biz. We will provide this list as a matter of transparency, subject to any confidentiality restrictions in our vendor agreements.


Section 15: International Data Transfers and SCC Framework

FinTechX is a global organization. Providing our Services efficiently requires the transfer of Personal Information between our offices in the UAE and Pakistan, as well as to Service Providers located in various countries around the world. We are committed to ensuring that all international transfers of Personal Data are conducted in compliance with applicable data protection laws.

15.1 Transfers from the EEA and UK
When we transfer Personal Data originating from the European Economic Area (EEA) or the United Kingdom to a country that has not been deemed by the European Commission or the UK Government to provide an “adequate” level of data protection, we rely on appropriate safeguards as required by Chapter V of the GDPR.

  • Standard Contractual Clauses (SCCs): We utilize the European Commission’s Standard Contractual Clauses for the transfer of personal data to third countries (Module Two: Controller to Processor; and Module Three: Processor to Processor) as our primary transfer mechanism. These SCCs are incorporated into our Data Processing Agreements with Service Providers and our Intercompany Data Sharing Agreement. We conduct Transfer Impact Assessments (TIAs) in conjunction with these SCCs to evaluate the laws and practices of the destination country and implement supplementary measures (e.g., enhanced encryption, data minimization) where necessary to ensure the data remains protected to an EEA-equivalent standard.

  • UK Addendum: For transfers subject to UK GDPR, we incorporate the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses issued by the UK Information Commissioner’s Office.

15.2 Transfers from the UAE
Under the UAE PDPL, transfers of Personal Data outside the UAE are permitted where the destination jurisdiction has an adequate level of protection as determined by the UAE Data Office, or where appropriate safeguards are in place. FinTechX relies on the use of contractual clauses approved by the relevant UAE authorities to govern transfers to Pakistan and other third countries.

15.3 Data Localization and Regional Hosting
Where possible and commercially feasible, we prioritize hosting data within the region of origin.

  • Middle East Data: We utilize cloud infrastructure located in the UAE (e.g., AWS Middle East Region) for serving clients in the MENA region. This reduces latency and aligns with regional data sovereignty preferences.

  • South Asia Data: Data for clients in Pakistan is primarily hosted in regional data centers (e.g., Singapore or the UAE) with robust connectivity to Pakistan.

15.4 Consent as a Basis for Transfer
In certain limited circumstances, such as a one-off training enrollment where immediate service delivery is required, we may rely on your explicit consent to transfer your data to a third country. You will be clearly informed of the risks associated with such a transfer (e.g., lack of an adequacy decision and absence of appropriate safeguards) and will have the right to withdraw your consent at any time.


Section 16: Data Retention and Storage Limitation Schedules

FinTechX adheres to the principle of storage limitation. We retain Personal Information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When Personal Information is no longer required, we securely destroy or anonymize it.

16.1 Retention Criteria
To determine the appropriate retention period, we consider:

  • The Nature of the Data: Sensitive data is retained for shorter periods where possible.

  • The Purpose of Collection: Data collected for a single event (e.g., webinar registration) is retained for a shorter duration than data related to a long-term consulting contract.

  • Contractual Requirements: Specific client contracts may stipulate longer or shorter retention periods for project data.

  • Legal and Regulatory Obligations: We are subject to tax, audit, and commercial laws in the UAE and Pakistan that mandate minimum retention periods for financial and corporate records.

16.2 Specific Retention Schedules

Category of Data | Retention Period | Justification
Client and Supplier Contracts (MSAs, SOWs) | Duration of contract + 10 years | UAE Commercial Companies Law (Federal Law No. 32 of 2021) and Pakistan Limitation Act, 1908.
Financial Transaction Records (Invoices, Receipts) | 7 years from the end of the relevant financial year | UAE Federal Decree-Law No. 47 of 2022 on the Taxation of Corporations and Businesses; Pakistan Income Tax Ordinance, 2001.
Training Enrollment and Certificate Records | Permanent (or until request for deletion) | For verification of professional credentials. A record of certification issuance is a permanent part of our business record.
Marketing and Inquiry Data (Non-Converted Leads) | 12 months from last interaction | To allow for follow-up on business development opportunities. After 12 months, data is either deleted or moved to a suppression list.
Website Server Logs | 90 days | For security monitoring and incident investigation.
Cookie Consent Logs | 6 months | To demonstrate compliance with consent requirements under ePrivacy regulations.
Customer Support Communications | 2 years | For reference in ongoing client relationship management.
Job Applicant Data (Unsuccessful Candidates) | 6 months from end of recruitment process | For potential future opportunities and to defend against potential claims, unless explicit consent is obtained for a longer period.

16.3 Anonymization and Deletion Process
At the end of the applicable retention period, Personal Information is either:

  • Securely Deleted: Using industry-standard methods such as cryptographic erasure (overwriting) for digital data and cross-cut shredding for physical documents.

  • Anonymized: Permanently stripped of all identifiers so that it can no longer be associated with an individual. Anonymized data may be retained indefinitely for research and statistical purposes.


Section 17: Your Data Subject Rights (Global Overview)

FinTechX is committed to honoring the rights granted to individuals under applicable data protection laws. This section provides a general overview of these rights. Jurisdiction-specific details are provided in subsequent sections (Sections 18, 19, 20, 21).

17.1 Summary of Core Rights
Depending on your location, you may have the right to:

  1. Right to Know / Access: Obtain confirmation as to whether we are processing your Personal Information and, if so, request a copy of that information.

  2. Right to Rectification: Correct any inaccurate or incomplete Personal Information we hold about you.

  3. Right to Erasure (“Right to be Forgotten”): Request the deletion of your Personal Information, subject to our legal retention obligations.

  4. Right to Restrict Processing: Limit the ways in which we use your Personal Information (e.g., while a dispute over accuracy is being resolved).

  5. Right to Data Portability: Receive a copy of the Personal Information you provided to us in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.

  6. Right to Object: Object to the processing of your Personal Information based on our legitimate interests or for direct marketing purposes.

  7. Right to Withdraw Consent: Where processing is based on your consent, withdraw that consent at any time.

  8. Right to Non-Discrimination: Exercise these rights without fear of being denied goods or services or receiving a different quality of service.

17.2 How to Submit a Request
All requests to exercise Data Subject Rights should be submitted via email to legal@fintechsol.biz. Please include “Data Subject Rights Request” in the subject line and specify:

  • Your full name and the email address associated with your interactions with FinTechX.

  • The specific right(s) you wish to exercise.

  • Your country of residence.

17.3 Verification Process
To protect your privacy and prevent unauthorized disclosure of Personal Information, we will verify your identity before processing your request. Verification may involve:

  • Matching Information: Comparing the information provided in your request against data we already hold.

  • Additional Verification: If the request involves sensitive data or a high risk of harm, we may request additional proof of identity (e.g., a copy of government-issued ID, which will be used solely for verification and promptly deleted). We may also contact you via the email address or phone number on file for confirmation.

17.4 Response Timeline and Fees
We aim to respond to all verifiable requests within thirty (30) days of receipt. If your request is complex or we have received multiple requests from you, this period may be extended by a further two months. We will notify you of any such extension within the first month. There is no fee for exercising your rights unless your request is manifestly unfounded or excessive, in which case we reserve the right to charge a reasonable administrative fee or refuse to act on the request.


Section 18: California Privacy Rights (CCPA/CPRA) Detailed Addendum

This section applies exclusively to residents of the State of California (“California Consumers”) and supplements the information provided elsewhere in this Privacy Policy. It is designed to comply with the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA).

18.1 Notice at Collection
In the preceding 12 months, FinTechX has collected the following categories of Personal Information about California Consumers, as defined under California law:

  • Identifiers (e.g., name, email, IP address)

  • Personal Information Categories Listed in Cal. Civ. Code § 1798.80(e) (e.g., signature, payment information)

  • Commercial Information (e.g., transaction history)

  • Internet or Network Activity (e.g., browsing history)

  • Professional or Employment-Related Information

  • Inferences Drawn from Personal Information

The sources of this information are detailed in Section 6. The business or commercial purposes for collection are detailed in Section 9. We do not collect “Sensitive Personal Information” as defined under California law for purposes other than those permitted by the CPRA (i.e., to provide the Services).

18.2 Disclosure and Sale/Sharing of Personal Information

  • Disclosure for Business Purposes: In the preceding 12 months, we have disclosed Identifiers, Commercial Information, and Internet Activity to Service Providers for business purposes (e.g., cloud hosting, payment processing).

  • Sale of Personal Information: FinTechX does not sell Personal Information as defined under the CCPA. We do not exchange Personal Information for monetary or other valuable consideration.

  • Sharing for Cross-Context Behavioral Advertising: FinTechX does not share Personal Information for cross-context behavioral advertising. We do not use data about your activity on our Website to target you with ads on unrelated third-party websites.

18.3 Right to Limit Use of Sensitive Personal Information
As noted in 18.1, we do not use or disclose Sensitive Personal Information for purposes other than those necessary to perform the Services or as otherwise permitted by law. Therefore, there is no need for a “Limit the Use of My Sensitive Personal Information” link.

18.4 California Consumer Rights
Subject to certain exceptions, California Consumers have the right to:

  • Right to Know (Access): Request that we disclose the specific pieces and categories of Personal Information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share it.

  • Right to Delete: Request deletion of Personal Information we have collected from you.

  • Right to Correct: Request correction of inaccurate Personal Information.

  • Right to Opt-Out: While we do not sell or share data, you have the right to direct us not to sell or share your data should our practices change in the future.

18.5 Authorized Agent
You may designate an authorized agent to make a request on your behalf. We will require (1) written proof of the agent’s authorization signed by you, and (2) direct verification of your own identity with us (unless you have provided the agent with a valid Power of Attorney pursuant to California Probate Code sections 4121-4130).

18.6 Non-Discrimination
FinTechX will not discriminate against you for exercising any of your CCPA/CPRA rights. This means we will not deny you goods or services, charge different prices or rates, provide a different level or quality of services, or suggest that you may receive a different price or rate for services.


Section 19: European Economic Area (EEA) and UK GDPR Rights

This section applies exclusively to Data Subjects located in the European Economic Area (EEA) and the United Kingdom (UK). It provides detailed information regarding your rights under the General Data Protection Regulation (GDPR) and the UK GDPR.

19.1 Legal Bases for Processing
The specific legal bases for our processing of Personal Data are set forth in Section 10.

19.2 Data Subject Rights Under GDPR
In addition to the rights outlined in Section 17, you have the following specific rights under the GDPR:

  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement. A list of EU Data Protection Authorities is available at https://edpb.europa.eu/about-edpb/board/members_en. The UK supervisory authority is the Information Commissioner’s Office (ICO) (www.ico.org.uk).

  • Right to Object to Automated Decision-Making: FinTechX does not engage in solely automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you. Any automated processing (such as email list segmentation) is subject to human oversight and does not result in legal or similarly significant effects.

19.3 Transfers Outside the EEA/UK
As detailed in Section 15, we transfer Personal Data to countries outside the EEA and UK (specifically the UAE and Pakistan). We rely on the EU Standard Contractual Clauses (SCCs) and the UK Addendum to the SCCs to ensure an adequate level of protection for your data. You may request a copy of the relevant safeguards by contacting legal@fintechsol.biz.

19.4 Representative in the European Union
In compliance with Article 27 of the GDPR, FinTechX has appointed a representative within the European Union for the purposes of acting as a point of contact for supervisory authorities and Data Subjects on all issues related to data protection. Contact details for our EU Representative can be obtained by emailing legal@fintechsol.biz.


Section 20: UAE Federal Decree-Law No. 45 of 2021 Rights

This section applies to Data Subjects located in the United Arab Emirates or whose Personal Data is processed by FinTechX Technology Solutions FZ-LLC within the UAE. It outlines your rights under the UAE Personal Data Protection Law (PDPL).

20.1 Rights of the Data Subject Under UAE PDPL
Under the UAE PDPL, you have the following rights:

  • Right to be Informed: The right to know the purposes for which your data is processed (this Privacy Policy serves that purpose).

  • Right to Access: The right to obtain a copy of your Personal Data undergoing processing.

  • Right to Rectification: The right to correct inaccurate or incomplete Personal Data.

  • Right to Erasure: The right to request deletion of your Personal Data in certain circumstances (e.g., data no longer necessary for the purpose, withdrawal of consent, unlawful processing).

  • Right to Restrict Processing: The right to limit processing in specific cases (e.g., pending verification of accuracy).

  • Right to Data Portability: The right to receive your data in a structured format and transmit it to another Controller.

  • Right to Object: The right to object to processing based on legitimate interests or for direct marketing.

20.2 Complaint to UAE Data Office
If you are dissatisfied with our response to your request or believe our processing violates the UAE PDPL, you have the right to lodge a complaint with the UAE Data Office, the competent supervisory authority established under Federal Decree-Law No. 44 of 2021.

20.3 Consent for Cross-Border Transfer
By using our Services, you explicitly acknowledge and consent to the transfer of your Personal Data to Pakistan and other countries where our Service Providers may be located, in accordance with Section 15 of this Policy.


Section 21: Rights of Pakistan Data Subjects

This section applies to Data Subjects located in Pakistan whose Personal Data is processed by FinTechX Technology Solutions (SMC-PRIVATE) LIMITED.

21.1 Applicable Legal Framework
While Pakistan awaits the enactment of a comprehensive personal data protection law, the Prevention of Electronic Crimes Act, 2016 (PECA) provides certain protections against unauthorized access to data and cybercrime. Furthermore, the Constitution of Pakistan guarantees the right to privacy under Article 14(1).

21.2 Our Voluntary Commitment
In the absence of specific statutory data subject rights equivalent to the GDPR, FinTechX voluntarily extends the following rights to Data Subjects in Pakistan, as a matter of corporate policy and ethical practice:

  • Right to Access and Correction: You may request a copy of the Personal Data we hold about you and request corrections to any inaccuracies.

  • Right to Opt-Out of Marketing: You may request that we cease using your Personal Data for direct marketing purposes.

  • Right to Deletion: You may request the deletion of your Personal Data where there is no compelling reason for its continued processing.

21.3 Complaint Mechanism
If you have a complaint regarding our data handling practices in Pakistan, please contact legal@fintechsol.biz. If the matter remains unresolved, you may consider lodging a complaint with the Pakistan Telecommunication Authority (PTA) or the Securities and Exchange Commission of Pakistan (SECP) where applicable, pending the establishment of a dedicated Data Protection Authority.


Section 22: Automated Decision-Making and Profiling Policy

FinTechX is committed to transparency regarding the use of automated processing systems.

22.1 Solely Automated Decision-Making
FinTechX does not engage in solely automated decision-making, including profiling, which produces legal effects concerning a Data Subject or similarly significantly affects the Data Subject. For example, we do not use automated algorithms to approve or deny enrollment in courses, determine eligibility for employment, or set pricing based solely on automated profiling of personal characteristics. All significant decisions regarding our Services are made or reviewed by human personnel.

22.2 Profiling for Marketing and Personalization
We do engage in limited “profiling” as defined under the GDPR, which involves automated processing of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

  • Purpose: Our profiling is strictly limited to understanding professional interests (e.g., predicting that a user who downloaded a white paper on “SAP S/4HANA Migration” may be interested in related consulting services). This information is used to personalize the content of our marketing emails and website recommendations.

  • Impact: This profiling does not produce legal or similarly significant effects. It merely enhances the relevance of our communications.

  • Opt-Out: You have the right to object to this profiling at any time by contacting legal@fintechsol.biz. Upon receipt of your objection, we will cease using your data for this type of automated analysis.


Section 23: Children’s Online Privacy Protection (COPPA & Global)

FinTechX Services are designed for professionals and corporate entities. The Website and Services are not intended for children under the age of 18.

23.1 No Knowing Collection
We do not knowingly collect, use, or disclose Personal Information from children under the age of 18. If you are under 18, please do not attempt to register for our Services or send any Personal Information about yourself to us.

23.2 Parental Notice and Deletion
If we become aware that we have inadvertently collected Personal Information from a child under the age of 18 without verifiable parental consent, we will take immediate steps to delete such information from our records. If you are a parent or guardian and you believe your child has provided us with Personal Information, please contact us immediately at legal@fintechsol.biz so that we can take appropriate action.

23.3 Educational Settings Exception
In the context of corporate training programs that may be attended by interns or apprentices under the age of 18, the provision of Personal Information is governed by the contract between FinTechX and the corporate client, which assumes responsibility for ensuring appropriate consents are in place.


Section 24: Employment and Job Applicant Privacy Notice

This section describes how FinTechX collects and uses Personal Information in the context of recruitment and employment.

24.1 Information Collected from Job Applicants
When you apply for a position with FinTechX, we collect information necessary to evaluate your candidacy. This may include:

  • Contact Details: Name, address, phone number, email.

  • Professional History: Resume/CV, cover letter, employment history, education history, professional certifications, and references.

  • Interview Notes: Notes taken by interviewers during the recruitment process.

  • Pre-Employment Screening: With your explicit consent, we may conduct background checks (criminal record, credit history) where permitted by local law and relevant to the position.

24.2 Use of Applicant Data
Applicant data is used solely for the purpose of:

  • Evaluating qualifications and suitability for the role.

  • Communicating with you about the recruitment process.

  • Complying with legal and regulatory obligations (e.g., verifying right to work in the UAE or Pakistan).

  • Defending against potential legal claims.

24.3 Retention of Applicant Data

  • Successful Candidates: Data is transferred to the employee personnel file and retained in accordance with employment law requirements.

  • Unsuccessful Candidates: Data is retained for a period of six (6) months after the conclusion of the recruitment process, after which it is securely deleted, unless you provide explicit consent for us to retain your details for future opportunities.

24.4 Employee Data
The privacy practices governing the Personal Information of FinTechX employees are set forth in a separate internal Employee Privacy Notice, which is provided to all staff members upon hiring.


Section 25: B2B and Corporate Contact Privacy Practices

The majority of FinTechX’s interactions are business-to-business (B2B) in nature. This section clarifies our practices regarding data of individuals acting in a professional or corporate capacity.

25.1 Distinction Between B2B and B2C Data
While all natural persons have privacy rights, certain regulations (like the CCPA) provided partial exemptions for B2B communications until recently. FinTechX applies a consistent, high standard of privacy protection to all Personal Information, regardless of whether it pertains to a personal or corporate email address.

25.2 Corporate Contact Information
We process the professional contact information (name, job title, corporate email, office phone number) of our corporate clients and prospects for the following B2B purposes:

  • Negotiating and executing service contracts.

  • Communicating project updates and deliverables.

  • Sending invoices and managing payments.

  • Providing information about service upgrades or new offerings relevant to the corporate client’s business.

  • Complying with legal and audit requirements.

25.3 Opt-Out for Corporate Communications
Even where local law permits B2B marketing without explicit consent (a “soft opt-in”), we respect your preference. You may unsubscribe from FinTechX marketing emails sent to your corporate email address at any time by clicking the link in the footer of the email.


Section 26: Email Marketing, Newsletters, and Opt-Out Management

FinTechX uses email to communicate important information and to promote our Services. We are committed to complying with anti-spam laws, including the CAN-SPAM Act (USA), CASL (Canada), and the ePrivacy Directive (EU).

26.1 Subscription and Consent

  • Newsletter and Marketing Lists: We only add individuals to our marketing email lists where they have provided explicit consent (e.g., by checking an unchecked box on a registration form) or where we have a legitimate interest in marketing to an existing corporate contact.

  • Transactional Emails: We may send you emails related to your account or specific transactions (e.g., course enrollment confirmations, invoice receipts). You cannot opt out of these essential communications.

26.2 Unsubscribe Mechanism
Every marketing email sent by FinTechX includes a clearly labeled “Unsubscribe” or “Manage Preferences” link in the footer. Clicking this link will immediately remove you from that specific mailing list. We process opt-out requests promptly, generally within two (2) business days.

26.3 Email Tracking
As noted in Section 8, our marketing emails may contain web beacons that allow us to track aggregate open rates and click-through rates. This data is used solely to measure the effectiveness of our communications and is not used to track individual browsing habits across the web.


Section 27: Third-Party Links, Integrations, and Social Media

The Fintechsol.biz Website may contain links to external websites, plug-ins, and applications that are not operated or controlled by us.

27.1 Links to Other Websites
Our Website may include links to:

  • Industry partner websites (e.g., SAP, Microsoft).

  • Social media platforms (LinkedIn, Twitter/X, YouTube).

  • Event registration platforms (Eventbrite).

  • Resource libraries and white paper repositories.

Clicking on these links will direct you to a third-party site. We have no control over, and assume no responsibility for, the content, privacy policies, or data handling practices of any third-party sites or services. We strongly advise you to review the Privacy Policy of every site you visit.

27.2 Social Media Features
Our Website may include social media features, such as the “Share” button for LinkedIn, or embedded YouTube videos. These features may collect your IP address and which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policy of the company providing them.


Section 28: Video Conferencing and Virtual Training Privacy

A significant portion of our training and consulting services is delivered virtually via video conferencing platforms.

28.1 Platforms Used
We utilize industry-standard platforms such as Zoom, Microsoft Teams, and Google Meet to deliver these services.

28.2 Recording of Sessions

  • Notice: Participants are clearly notified at the start of a session and via the platform interface if a session is being recorded. For interactive training sessions, we may pause recording during breakout room discussions or Q&A segments to foster open communication.

  • Purpose: Recordings are made available to enrolled participants for on-demand review and for quality assurance of our instructional content.

  • Storage: Recordings are stored securely in our cloud infrastructure and are accessible only to authorized FinTechX personnel and registered participants. Recordings are typically retained for 12 months after the course concludes, unless otherwise specified in the training agreement.

28.3 Participant Privacy Settings
Participants are encouraged to utilize platform features such as virtual backgrounds, muting, and turning off video to control their personal environment.


Section 29: Physical Security and On-Site Consulting Protocols

When FinTechX consultants provide on-site services at client locations, the handling of Personal Information is governed by the client’s own security policies and our contractual obligations. This section outlines our internal protocols for on-site engagements.

29.1 Device Security

  • Clean Desk / Clear Screen: Consultants are required to lock their laptops when away from their workstations.

  • Encryption: All FinTechX-issued laptops have full-disk encryption enabled.

  • VPN: When accessing FinTechX internal systems from a client site, consultants are required to use our corporate Virtual Private Network (VPN) with MFA.

29.2 Handling of Client Data
Consultants are trained to handle client data with the utmost confidentiality. Any client data transferred to FinTechX systems for analysis is done via secure, encrypted file transfer protocols (SFTP) or client-approved secure portals.

29.3 Physical Documents
Any physical documents containing Personal Information printed during an on-site engagement are either securely stored in locked cabinets provided by the client or securely destroyed on-site using cross-cut shredding at the conclusion of the engagement.


Section 30: Data Breach Response and Notification Protocol

FinTechX maintains a formal Incident Response Plan (IRP) to ensure a swift, effective, and compliant response to any suspected or confirmed security breach involving Personal Information.

30.1 Incident Response Team
A designated Incident Response Team (IRT), comprising members from Legal, IT Security, and Executive Management, is responsible for managing the response. The IRT convenes immediately upon detection of a potential incident.

30.2 Containment and Assessment
Upon detection of a suspected breach, our immediate priority is to contain the incident to prevent further unauthorized access or data loss. This may involve isolating affected systems, revoking compromised credentials, or temporarily taking services offline. We then conduct a forensic investigation to determine the scope of the breach, the categories of data affected, and the number of individuals impacted.

30.3 Notification Obligations

  • Supervisory Authority Notification: If the breach is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority (e.g., UAE Data Office, relevant EU DPA, UK ICO) within 72 hours of becoming aware of the breach, as required by GDPR Article 33.

  • Data Subject Notification: If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify affected Data Subjects without undue delay. The notification will describe, in clear and plain language, the nature of the breach and provide recommendations for mitigating potential adverse effects.

  • Client Notification: We will notify affected corporate clients in accordance with the terms of our Data Processing Agreements.

30.4 Documentation
We maintain an internal breach register documenting all incidents, including those that do not trigger mandatory notification, for audit and continuous improvement purposes.


Section 31: Do Not Track Signals and Global Privacy Control

31.1 Do Not Track (DNT)
DNT is a web browser setting that sends a signal to websites requesting that the user not be tracked. As there is currently no consensus industry standard or legal framework for how companies should respond to DNT signals, FinTechX does not currently recognize or respond to browser-initiated DNT signals. We will continue to monitor developments in this area.

31.2 Global Privacy Control (GPC)
The Global Privacy Control is a proposed specification designed to allow users to signal their privacy preferences (such as opting out of the sale of data) to websites they visit. FinTechX recognizes the GPC signal as a valid request to opt out of the sale of Personal Information and sharing for cross-context behavioral advertising. However, as stated in Section 18.2, FinTechX does not currently engage in these activities. Should our practices change in the future, we will honor the GPC signal as a valid opt-out mechanism for California Consumers.


Section 32: Policy on Government and Law Enforcement Requests

FinTechX respects the rule of law and will comply with valid legal process from government and law enforcement agencies. However, we are also committed to protecting the privacy of our clients to the fullest extent permitted by law.

32.1 Procedure for Responding to Requests
We require that all government or law enforcement requests for Personal Information be:

  • Made in writing, on official letterhead.

  • Signed by a competent authority (e.g., a judge, magistrate, or senior law enforcement official with proper jurisdiction).

  • Issued pursuant to a valid legal process, such as a subpoena, court order, or search warrant, issued under the laws of the UAE or Pakistan, or through applicable Mutual Legal Assistance Treaties (MLATs).

32.2 Notice to Data Subject
Where legally permissible and not otherwise prohibited by the terms of the legal process (e.g., a non-disclosure order or “gag order”), we will make reasonable efforts to notify the affected Data Subject or corporate client of the request before disclosing any Personal Information. This provides the individual or entity an opportunity to seek legal recourse to quash or limit the request.

32.3 Transparency Report
We may, at our discretion, publish an annual Transparency Report aggregating the number and type of government requests received.


Section 33: Mergers, Acquisitions, and Corporate Restructuring

In the event that FinTechX Technology Solutions FZ-LLC, FinTechX Technology Solutions (SMC-PRIVATE) LIMITED, or substantially all of their respective assets are acquired by a third party, or in the event of a merger, reorganization, or bankruptcy, Personal Information held by us may be one of the assets transferred to the successor entity.

33.1 Notice of Transfer
You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

33.2 Continuity of Privacy Protections
Any acquisition or merger agreement will include provisions requiring the acquiring entity to honor the terms of this Privacy Policy and to provide an equivalent or greater level of protection for your Personal Information. If the acquiring entity plans to materially change this Privacy Policy, you will be provided with prior notice and an opportunity to opt out or delete your data before the changes take effect.


Section 34: Modifications and Amendments to This Policy

We reserve the right to update, modify, or replace this Privacy Policy at any time to reflect changes in our data processing practices, operational requirements, or legal and regulatory obligations.

34.1 Notice of Material Changes
If we make material changes to this Privacy Policy, we will provide notice through one or more of the following methods:

  • Posting a prominent notice on the Website home page.

  • Sending an email notification to the address we have on file for you (if applicable).

  • Updating the “Last Updated” date at the top of this document.

34.2 Your Continued Use
Your continued use of the Website or Services after the effective date of any revised Privacy Policy constitutes your acknowledgment and acceptance of the revised terms. If you do not agree with the revised Privacy Policy, you must immediately discontinue use of the Website and Services.

34.3 Archival of Prior Versions
Prior versions of this Privacy Policy will be archived and made available upon request by contacting legal@fintechsol.biz.


Section 35: Contact Information and Data Protection Officer

For any questions, concerns, requests, or complaints regarding this Privacy Policy or our data handling practices, please contact us using the details below. We have designated a Data Protection Officer (DPO) to oversee compliance with global privacy laws.

Primary Contact (Global Data Protection Officer):
Email: legal@fintechsol.biz
Subject Line: ATTN: Privacy Compliance Officer

Registered Office (United Arab Emirates):
FinTechX Technology Solutions FZ-LLC
FAMC2122, Compass Building, Al Shohada Road,
Jazirat Al Hamra, Ras Al Khaimah, United Arab Emirates

Registered Office (Pakistan):
FinTechX Technology Solutions (SMC-PRIVATE) LIMITED
136 1-C1, Township, Lahore, Pakistan 54770

EU Representative Contact:
Contact details for our designated EU Representative can be obtained by submitting a request to legal@fintechsol.biz with the subject line “EU Representative Inquiry.”