Terms & Conditions
Privacy Policy
Smart MDD for Information Technology Privacy Policy
This policy covers all the services and products we provide, and ensures compliance with the Personal Data Protection Law adopted in the Kingdom of Saudi Arabia. This policy covers all the services and products we provide, and ensures compliance with the Personal Data Protection Law adopted in the Kingdom of Saudi Arabia. Smart MDD for Information Technology is committed to collecting and processing personal data through secure mechanisms, in compliance with data protection standards.
This privacy policy explains how Smart MDD for Information Technology collects, uses, stores, shares, and processes customers' personal data and the security measures it takes to protect personal data in compliance with the Personal Data Protection Law in the Kingdom of Saudi Arabia.
Data collection:
Smart MDD for Information Technology may only collect personal data that is necessary to provide our services with the highest possible quality and improve the customer experience. This data includes, but is not limited to:
- User data when visiting the Smart MDD for Information Technology website without registering, such as: Smart MDD for Information Technology Company's network servers, the domain name that was used to access the Internet, the name of the user's Internet service provider, and the user's previous and subsequent location.
- Personal data used for registration such as full name, date of birth, proof number.
- Geolocation data that may be necessary for certain services.
- Contact information such as national or business address, email address, and phone number.
- Bank account data and financial data related to our services such as deposits, withdrawals, etc.
- All documents provided by the client.
- The information required by Smart MDD for Information Technology to comply with the laws and regulations issued by the regulatory authorities.
- We use cookies to study how customers use our website.
- Other information entered by the user, such as filling out a complaint form or using other online services that collect information necessary for processing.
Sources of personal data
We process personal data that we obtain from the following sources:
- Information provided directly by the customer.
- Publicly available, commercially available, or shared information.
- Databases available from official authorities and government-authorized sources to update/verify customer documents.
- Cookies and customer tracking technologies.
- Authorized representatives, such as lawyers or legal guardians appointed to act on behalf of the client.
- While visiting Smart MDD for Information Technology's digital platforms, whether via the website or through other direct interactions such as filling out an application form to apply for the company's services, creating an account on the digital platform, and utilizing the company's services.
- Participating in surveys organized by the company, providing feedback or contacting the company to submit a complaint or inquiry. The collection of personal data is not limited to electronic transactions only, but also includes all manual transactions that take place between the company, beneficiaries and related parties.
Use and processing of personal data
We process customer personal data in accordance with the principles set out in the Saudi Personal Data Protection Law and may be used for the following purposes:
- Delivering and optimizing the products and supply chain services provided by Smart MDD for Information Technology.
- Compliance with legal and regulatory requirements issued by regulators.
- Enhancing information security and ensuring the integrity of personal data.
- To provide customers with high-quality, Sharia-compliant services.
- For security purposes or to meet judicial requirements.
- For purposes expressly approved by the customer.
Sharing and transferring data:
We may share Customer Personal Data with third parties only when necessary:
- with the customer's express consent.
- Where processing is necessary to comply with legal or regulatory obligations.
- With service providers who help us provide our services, provided they take appropriate data protection measures and with the customer's express consent.
- With government and regulatory agencies when requested or to comply with relevant laws and regulations.
Data security
MIDDALDKIA IT applies stringent security measures to protect customers' personal data from unauthorized access, disclosure, modification, or destruction, including advanced cybersecurity monitoring, encryption technologies and access controls, security verification procedures, and ongoing security assessments.
Retention and destruction of personal data
Smart MDD for Information Technology Company is committed to not retaining personal data unless it is necessary according to the statutory justifications, including retaining it to fulfill operational obligations or implement statutory or judicial requirements or security measures, and this is done while taking all appropriate safeguards to protect the data. In all cases, Smart MDD for Information Technology is committed to keeping personal data in line with the Personal Data Protection Law and the instructions issued by the regulatory authorities in the Kingdom of Saudi Arabia. When the purpose for which the data was collected no longer exists or if the data subject requests that the data be destroyed, Smart MDD for Information Technology is obligated to securely destroy the data. In the event that Smart MDD for Information Technology becomes aware that personal data is not being processed lawfully, it will take the necessary measures to rectify the situation and ensure compliance with the relevant laws and regulations. Personal data is stored electronically via databases, secure data stores or paper documents that are protected by strict methods. When data is destroyed, this is done by destroying the paper documents and ensuring that they are completely deleted from the databases and systems used, in accordance with the statutory requirements of regulators in the Kingdom of Saudi Arabia and the fight against cybercrime.
Data subject rights
Customers of SMIT have several rights according to the Personal Data Protection Law, as follows:
- The right to be informed, including informing you of the lawful basis for collecting your personal data and the purpose for which it is being collected.
- Access to personal data.
- Request for personal data.
- Request to correct or update data.
- Request the deletion of personal data when it is no longer needed.
- The right to know how data is processed.
- Request the withdrawal of the customer's consent to the processing of their personal data at any time.
General provisions:
- Social Media: Please do not share personal data on Smart MDD for Information Technology Company's social media platforms. Smart MDD for Information Technology Company does not assume any responsibility for personal data shared via social media platforms.
- Smart MDD for Information Technology may use electronic payment services provided by third parties ("Electronic Payment Service") to receive payments through the Site/Application. If you wish to make a payment through the Site, you may be directed to the online payment page of the payment service provider and not of Smart MDD for Information Technology. Any personal data provided through the online payment page will be collected by the online payment service provider and not by us and will be subject to the privacy policy of the online payment service provider and not to this privacy policy, and Smart MDD for Information Technology has no control over the external payment page and is not responsible for the online payment service provider's use of that information.
- The laws of the Kingdom of Saudi Arabia shall apply in all matters relating to the interpretation of statutory texts or the settlement of disputes arising from the use of the Smart MDD for Information Technology Platform website. The competent court in Riyadh is competent to consider and decide on these disputes.
- Updating the policy: This policy is subject to periodic reviews to ensure compliance with any legal or regulatory updates. Customers will be notified of any changes through our website.
- Communication: If you have any questions regarding this policy or wish to exercise any of your rights related to personal data, please contact us at info@mdd.sa
- Update date: September 23, 2024