Privacy Policy

Last Modified Date: 08/09/2024

We, Rewaa For Information Technology, a single-member limited liability company registered in Riyadh under Commercial Registration No. 1010948357, with its main office located at 3259 Anas Ibn Malik Road, Al-Malqa District, Postal Code: 13522, Riyadh, Kingdom of Saudi Arabia (“Rewaa”, “we“, “us“, or “our”), specialize in providing technological solutions for the retail sector, aiming to contribute to the automation of this sector and offering specialized software services including inventory management, sales, accounting applications, and other technological services provided to merchants.

You may reach us through any of our official channels, including the following:

Address:
Riyadh – 3259 Anas Bin Malik Street, Al-Malga District, Postal Code: 13522
Phone:
8001244020
Email:
[email protected]

1. Introduction:

This Privacy Policy (“Policy“) is a legally binding agreement between you (“User” or “your“) and Rewaa. By using or accessing any of our website, products, services, or applications (“Services“) in any manner, you acknowledge that you accept the practices and policies outlined below. Please read this Policy to understand how we handle your Personal Data.

This Policy is designed to help you understand the types of Personal Data we collect, disclose, retain, or otherwise process through our Services, the purposes for processing this Personal Data, and how we protect it. Additionally, it details the choices you have regarding our use of your Personal Data and how you can access and update it. This Policy aligns with the Personal Data Protection Law (“Law“) applicable in the Kingdom of Saudi Arabia.

For the purposes of this Policy, “Personal Data” means any data, regardless of its source or form, that may lead to identifying an individual specifically, or that may directly or indirectly make it possible to identify an individual, including but not limited to: name, personal identification number, addresses, contact numbers, license numbers, records, personal assets, bank and credit card numbers, photos and videos of an individual, and any other data of a personal nature.

2. Your Rights:

In accordance with the Personal Data Protection Law, which explicitly stipulates the rights of data subjects, you shall have the following rights:

• Right to be informed: You are entitled to be informed how we collect your Personal Data, the legal basis for collection and processing, how such data is processed, stored, destroyed, and to whom it may be disclosed. You can access all details through this Policy or by contacting us through our official communication channels.
• Right of access to your Personal Data: You have the right to access your Personal Data that we may hold or process. This right may be exercised by logging into your account, or by contacting us through our official communication channels. This access should be limited to your Personal Data without affecting the data of others and in accordance with the regulations and procedures established in the Personal Data Protection Law.
• Right to request obtaining a copy of your Personal Data: You have the right to request a copy of your Personal Data that we hold about you, in a readable and clear format, whenever it is technically feasible. This request can be made by contacting us through our official communication channels.
• Right to request correction of your Personal Data: You have the right to request the correction, completion, or update of your Personal Data by contacting us through our official communication channels.
• Right to request destruction of your Personal Data: You have the right to request the erasure of your Personal Data, unless there are legal justifications that require or permit its retention for a longer period and without prejudice to the provisions of Article (18) of the Personal Data Protection Law.
• Right to withdraw your consent: You have the right to withdraw your consent to the processing of your Personal Data, unless there are legal justifications that require or permit its retention for a longer period.

When exercising one or more of the aforementioned rights or as provided for in the Personal Data Protection Law, we undertake to fulfill your requests within a period not exceeding thirty (30) days. In the event that fulfilling the request requires unexpected or unusual effort, we reserve the right to extend this period by no more than an additional thirty (30) days. Please note that some or all of these rights may be subject to specific exceptions and exemptions provided for by relevant regulations, and each request shall be evaluated on a case-by-case basis.

3. Legal Basis for Processing Your Personal Data.

The legal basis we rely on for collecting and processing your Personal Data are:

1. Consent: Obtaining your explicit consent, including your consent to this Policy, to process your Personal Data for purposes mentioned in this Policy, including but not limited to receiving marketing information, sales offers, participating in surveys, or research studies. You can withdraw your consent at any time, except where there is another legal basis allowing us to continue processing your Personal Data.
2. Contractual Obligations: We may process your Personal Data to fulfill our contractual obligations towards you, including but not limited to using your Personal Data to execute the contract between us and provide the agreed-upon Services.

• Legitimate Interests: We may process your Personal Data to pursue our legitimate interests in various areas, provided that such processing does not override your rights and freedoms, including but not limited to direct marketing of some of our Services, detecting fraud, protecting network and information security, and improving and developing our Services based on data analysis.

66. Legal obligation: We may process your Personal Data to comply with legal and regulatory requirements, including but not limited to the Commercial Books Law, Article 16, and Implementing regulations of the Value Added Tax law, Article 66.

4. Purposes for Processing Your Personal Data

We collect your Personal Data for several purposes aimed at improving the Services we provide. These purposes, include but are not limited to the following:

• To develop, provide, and improve our Services.
• To support our operations and systems.
• To verify User identity.
• To understand customer needs.
• To improve customer experience.
• For marketing purposes.
• To respond to inquiries and complaints.
• To prevent fraud.
• To comply with contractual requirements.
• To comply with legal and regulatory requirements.
  
  

5. Personal Data Collected and Used:

We may collect necessary Personal Data when you utilize our Services, which may include the following:

• Account Data: Personal Data voluntarily provided to Rewaa, such as personal name, national identification number, addresses, contact numbers, commercial registration number, tax and VAT numbers, bank account information, payment card information, and any other Personal Data provided by you.
• Technical Data: Personal Data essential for Service usage, including Internet Protocol (IP) address, unique personal identifiers (such as device identifier; cookies, beacons, pixel tags, mobile ad identifiers), and similar technologies.
• Financial Data: Personal Data is collected for payment processing purposes.
• Location Data: Personal Data indicating your geographical location, which may be collected through GPS, IP address, or other means for location-based services or functionalities.
• Usage Data: Personal Data about how you interact with our Services, including log data, device information, website or application usage patterns, and performance data.
• Communication Data: Personal Data exchanged when you communicate with us, including emails, chat logs, and other correspondence.

6. Methods of Personal Data Collection

We collect and process some Personal Data obtained through various methods, including but not limited to:

• Services: When you visit, register, or subscribe to any of our Services.
• Direct Communication: When you interact with Rewaa through customer service channels, such as email, phone calls, instant messages, our website, social media accounts, or by submitting forms.
• Surveys: When participating in surveys conducted by us, we may collect information such as your feedback and preferences about our Services.
• Cookies: These are small text files stored on your computer or mobile device when you visit any of our Services. Cookies are used to collect and store information about your interaction with our Services, helping to enhance User experience by remembering preferences, tracking activities, improving site performance, and managing advertisements.

Managing Cookies: You can control cookie settings through your browser settings, allowing you to accept or delete cookies according to your preferences.

7. Retention of Personal Data

We retain your Personal Data as long as necessary to achieve the purposes specified in this Policy, unless otherwise mandated by relevant regulations or where permitted for a longer period. Upon completion of the purpose of collection and processing, we will take reasonable steps to erase them from our systems and external systems processing data on our behalf, or remove any links associating them with you, except where there is a legal justification mandating their retention for a longer period or if they are closely related to a pending legal matter before a judicial authority, and the retention of the Personal Data is required for that purpose.

Please note that requesting deletion or modification of your Personal Data may affect the use or termination of some of our Services, and we may not be able to recover them after deletion.

8. Protection of Your Personal Data and Disclosure

Rewaa Company emphasizes that the confidentiality and security of your Personal Data are among the company’s top priorities. We take a set of measures to ensure the protection of your Personal Data from unauthorized access or disclosure, except in cases required by law or where disclosure is necessary for providing services, technical support, or analytical purposes. We implement a range of reasonable technical, organizational, and technological measures to protect your Personal Data, including encryption, two-factor authentication, and continuous security software updates. However, please note that there is no completely secure method for transferring or storing data over the Internet.

We commit not to disclose your Personal Data for commercial purposes or share it with any third party other than as provided in this Policy, except in cases stipulated in the Personal Data Protection Law. We may share your Personal Data with a third party in the following cases:

• With your consent.
• With affiliates and companies within our group.
• With service providers who provide services on our behalf.
• With external partners and service providers who offer services to us.
• With Banks, financial institutions, and providers of payment technologies and services.
• In the event of corporate activities such as mergers, consolidations, or restructuring efforts (including during due diligence and negotiations); the sale of most of our stocks and/or assets; financial transactions involving the acquisition, divestiture, or dissolution of our business in whole or part; or any other significant corporate changes.
  
  

9. Transfer of Data Outside the Kingdom

Rewaa is an organization with operations, administrative structures, and technical systems outside the Kingdom of Saudi Arabia. Consequently, we may transfer your Personal Data outside the Kingdom for processing and storage by a third party abroad to support our efforts in providing our Services to you more effectively. We are committed to ensuring that any Personal Data transferred to a third party is subject to the same level of protection provided by Rewaa, in accordance with the applicable laws and regulations in the Kingdom.

When transferring Personal Data outside the Kingdom, we take all necessary measures to ensure the protection of your Personal Data, including entering into contractual agreements with the third party that ensure their commitment to protection and privacy standards similar to those we apply at Rewaa, and in accordance with the Personal Data Protection Law.

10. Changes to the Privacy Policy

Rewaa reserves the right to update this Policy from time to time. If we make changes to this Policy, we will notify you here or through appropriate means such as sending the Policy via email or publishing it on our website. We encourage you to regularly review the Policy to stay informed about how we protect your Personal Data. Your continued use of our Services after any changes to this Policy are published means you accept those changes. The last update date of this Policy shall be clarified at the top of the page.

11. Language

This policy has been drafted in Arabic and English, and the English version is a mere translation of the Arabic version. If there is a conflict between the Arabic text and the English text, the Arabic text shall prevail.

12. Contact

If you have any questions, concerns, or complaints regarding this Policy or the data we hold, or if you wish to exercise your rights, please do not hesitate to contact us through one of the communication channels below:

Email: [email protected]

Address: Riyadh – 3259 Anas Bin Malik Street, Al-Malga District, Postal Code: 13522

Phone: 8001244020

If you are not satisfied with our handling of your complaint or if we do not respond within thirty days from the date of receiving your request, you may file a complaint with the competent authority:

Saudi Data and Artificial Intelligence Authority

Kingdom of Saudi Arabia

Riyadh

Website:

Saudi Data & AI Authority  (sdaia.gov.sa)

National Data Governance Platform (dgp.sdaia.gov.sa)