Titledeep

Product

  • Overview
  • Retail
  • Commercial
  • Orchestration

Tools

  • Mortgage Calculator
  • Affordability Calculator
  • DBR Calculator
  • Fees Calculator
  • Down Payment Calculator
  • Refinance Calculator
  • Document Checklist

Resources

  • Resources
  • Learn
  • Regulations
  • Govt Fees

Company

  • About
  • Enterprise
  • Security
  • Contact
  • Community
  • Status

Legal

  • Legal Hub
  • Privacy
  • Terms
  • Cookies
  • Platform Rules
  • DPA
  • Financial Promotions
  • AI Transparency
  • Accessibility
  • Anti-Bribery
  • Code of Conduct
Get StartedPre-approval in minutes, not weeks.
Titledeep

The faster, quieter path to home finance in the UAE.

connect@titledeep.com

ProductOverviewRetailCommercialOrchestrationAffiliates
ToolsMortgage CalculatorAffordability CalculatorDBR CalculatorFees CalculatorDown Payment CalculatorRefinance CalculatorDocument Checklist
ResourcesResourcesLearnRegulationsGovt Fees
CompanyAboutEnterpriseSecurityContactCommunityStatus
LegalLegal HubPrivacyTermsCookiesPlatform RulesDPAFinancial PromotionsAI TransparencyAccessibilityAnti-BriberyCode of Conduct
SupportComplaintsReport SecurityHire ExpertApply as Expert

Titledeep is not a bank or lender. Information is for estimation only. Applications are subject to bank eligibility, verification, and approval. © 2026 Titledeep Technologies L.L.C. All rights reserved.

Dubai, UAE

  1. Home
  2. /Privacy Policy

Last updated: 2 March 2026

Privacy Policy

1) Overview

This Privacy Policy explains how Titledeep collects, uses, shares, and protects personal data when you use our website, applications, and services.

Titledeep is a DED-licensed Dubai mainland entity. We process personal data in accordance with UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection (the UAE Federal Data Protection Law) and its implementing regulations.

2) Definitions

  • Titledeep / we / us: the Titledeep entity (and relevant affiliates) providing the service.
  • You: an individual using the service (borrower, expert, or partner user).
  • Partners / financial institutions: banks, lenders, and other parties you authorise us to share case information with.
  • Personal data: information relating to an identified or identifiable natural person.

3) What we collect

3.1 Identity and profile data

Name, date of birth, nationality, residency status, contact details, and identity documents where needed for the workflow.

3.2 Financial and eligibility data

Income and employment/business information, supporting documents (e.g., bank statements), declared liabilities/obligations, and case attributes (intent type, property profile).

3.3 Case documents and derived data

Documents you upload, extracted fields, verification outcomes, and structured evidence packs generated from those inputs.

3.4 Device, security, and usage data

IP address, device identifiers, security logs, and usage events to maintain security, prevent abuse, and improve reliability. Analytics data is used only where enabled and in accordance with your cookie preferences.

3.5 Communications

Messages you send to us, service communications we send you (e.g., missing items, status updates), and records of communication preferences.

4) Why we collect it (purposes)

  • Provide the service (intake, document handling, case timeline, and controlled exports).
  • Support verification workflows and integrity checks (for example, mismatch detection and fraud prevention signals).
  • Provide customer support and resolve issues.
  • Maintain platform security, integrity, and auditability.
  • Improve product performance and reliability (where enabled).

5) Lawful basis and consent

Where required, we rely on lawful bases recognised under applicable UAE Federal Data Protection Law, including consent (where you explicitly authorise a specific action), contractual necessity (to deliver the service you request), legal obligations (where applicable), and legitimate interests (such as platform security and fraud prevention), balanced with your rights and expectations.

Where we use consent, we present clear consent prompts and maintain records of consent events and changes over time.

6) Credit bureau and risk screening (important clarification)

Credit bureau reports and formal AML/KYC decisions are typically performed by authorised financial institutions or regulated entities. Titledeep may capture and store your consent and facilitate transmission of information as part of a case workflow, but banks and authorised parties control credit decisions, bureau retrieval, and regulatory determinations.

7) How we share personal data

  • With partners/financial institutions you select or authorise, to progress your requested workflow.
  • With service providers (sub-processors) that support hosting, communications, monitoring, and security.
  • With authorities or regulators where required by law or a valid request, handled with a cautious, risk-based approach consistent with applicable obligations.

We do not sell personal data.

8) Cross-border transfers

If personal data is transferred outside the UAE, we apply transfer safeguards consistent with UAE Federal Data Protection Law requirements. This may include transfers to jurisdictions with adequate data protection levels as determined by the UAE Data Protection Office, contractual protections where required, and vendor due diligence and security controls.

9) Retention and deletion

We retain case records and documents for as long as needed to provide the service, meet legitimate operational and auditability needs, and handle disputes, security investigations, and complaints. When retention is no longer required, we delete or anonymise personal data where appropriate, subject to legal holds and applicable law.

10) Your rights and how to exercise them

Where applicable, you may have rights including access, correction, deletion, restriction, objection, and portability, subject to conditions and exceptions. We may need to verify your identity before responding.

How to submit a request: email privacy@titledeep.com or use the in-service privacy request workflow (recommended).

Response: we respond within timelines required by applicable law and guidance.

If you disagree with our response: you may have the right to lodge a complaint with the UAE Data Protection Office where UAE Federal Data Protection Law applies.

11) DPIAs and privacy governance

For high-risk processing activities, Titledeep assesses privacy risk and may conduct Data Protection Impact Assessments (DPIAs) where appropriate. Titledeep maintains privacy governance processes, including vendor due diligence and controls for sensitive data handling.

12) Security

We apply technical and organisational measures designed to protect personal data, including encryption, access controls, and security logging. See the Security & Trust Center for a high-level overview.

13) Personal data breaches

We assess and respond to personal data breaches in line with applicable obligations. Where a breach is likely to result in serious harm, notification to relevant authorities and affected individuals may be required without undue delay, consistent with UAE Federal Data Protection Law requirements and regulatory guidance.

14) Updates to this policy

We may update this policy from time to time. If changes are material, we will provide notice through the service or by email before the update takes effect.