Privacy

Home Privacy - Policy

Privacy Policy

Introduction

The Personal Data Protection Policy aims to ensure that content containing personal data within the company is created, stored, preserved, accessed, managed, and disposed of appropriately in a manner that reflects system and business requirements, regulatory compliance, and in line with applicable industry standards. This policy provides clear guidance on managing compliance under the Personal Data Protection Act.

1. Scope

This policy applies to all types of personal data collected, processed, stored, archived, and disposed of by relevant departments within the company, as well as all systems that process personal data, and all employees who use personal data to achieve company objectives.

2. Main Principles

  • Responsibility: The company's privacy policies and procedures are defined, documented, and approved by the General Secretariat or its authorized representative for dissemination to all relevant parties.
  • Choice and Consent: The company is committed to clarifying the purpose for which any personal data is collected to the data subject and must obtain their explicit consent regarding the collection, use, and disclosure of personal data prior to collection.
  • Limiting Data Collection: Any personal data collected will be limited to the minimum amount necessary to achieve the purposes set out in this Privacy Notice.
  • Limiting Data Use, Retention, and Disposal: Personal data shall be used only for the purposes stated in the Privacy Notice and explicitly consented to by the data subject. Furthermore, data shall be retained for as long as necessary to achieve its intended purposes or as required by laws and regulations and destroyed securely.
  • Access to Data: The company must provide a means by which any data subject can review, update, and correct their personal data.
  • Limiting Data Disclosure: Disclosure of personal data to a third party is limited to the purposes stated in the privacy notice, which has been agreed to by the data subject.
  • Data Security: Personal data must be protected from leakage, damage, loss, theft, misuse, modification, or unauthorized access.
  • Data Quality: Personal data must be retained after verification of its accuracy, completeness, and timeliness.
  • Monitoring and Compliance: Compliance with the company's privacy policies and procedures must be monitored, and any privacy-related inquiries, complaints, and disputes must be addressed.

3. Company Responsibility

The company is not responsible for any intellectual products, studies, or reports based on the data published on the website, nor for any misuse, errors, or missing data.

4. Responsibility of Visitors and Users of the Website

Visitors should regularly review the privacy policy to learn about any updates.

5. Data Reuse

This privacy policy is designed to help visitors understand how their data is handled. Appropriate measures are taken to secure personal information against unauthorized access, misuse, or modification.

6. Related Legislation

National Data Governance Policies issued by the Saudi Data and Artificial Intelligence Authority (SDAIA): (Key Principles for Personal Data Protection).