Privacy Policy

In order to ensure the safety of your personal data and to preserve its privacy through your dealings with us in all our official channels; We at the Waqfi platform appreciate the importance of your knowledge of the privacy policy, and how we can collect and process your personal data, as this policy has been formulated in accordance with the laws and regulations for protecting personal data in the Kingdom, with the aim of helping you understand the nature of the data we collect from you and how this data will be dealt with by Before the podium; Therefore, please read this policy; To ensure clarity of what the platform applies in its dealings, when you use the Waqfi platform website or one of our other official channels, you acknowledge your agreement to our privacy policy.

Definitions

1. You to the addressee means the user of the Waqfi platform website / the beneficiary and the customer through any official means of the platform.
2. The speaker's form, which is referred to as (we, us, ours), refers to Waqfi's platform.
3. Our website or the website means the Waqfi platform website.
4. Other official channels mean applications, stores, accounts on social networking sites, or any paper transactions with the Waqfi platform, and any means by which the platform, in its official capacity, deals with personal data.

Purpose for collecting your personal data

The process of collecting user/beneficiary personal data through the Waqfi platform website or any other means through which the platform deals is intended for several regulatory purposes, which are:

1. Enabling the platform to perform its regulatory roles regarding endowment work in the Kingdom..
2. Strict procedures and measures to protect the security of information and technology that we use to prevent fraud and unauthorized access to our systems.
3. When submitting any external report (outside the platform) to a specific party in the capacity of the regulatory platform or any service provided by the platform to those we deal with, without affecting the rights and interests of the personal data subject, we guarantee that your identity is hidden in accordance with the laws and regulations.
4. Regular and periodic updating of protection procedures and controls that meet or exceed standard standards.
5. Monitor and detect potential violations and abuses when using the site or any of our official means and channels.
6. Understand the needs of beneficiaries, verify their eligibility for endowment products and services, and notify customers of any new product offered.
7. Sending awareness and marketing materials, with the possibility of canceling this if the personal data subject requests, by communicating with the platform through the means of communication specified in this policy.
8. Dealing with complaints and inquiries regarding the transactions, products and services provided and practiced by the platform.
9. In the event of sharing and disclosing your personal data with any other party; We deal with it according to the goal of improving the service provided to you, and we will limit ourselves to the minimum of that.

Sources of personal data collection

1. Directly from users: While visiting the platform through direct correspondence with the platform via email, for example, or through other direct customer interactions such as: applying for the platform’s services, creating an account on the Waqfi platform, or benefiting from the services The platform or questionnaires that the platform operates on, or submitting comments or contacting the entity by any means to submit an inquiring complaint, etc., and the collection of personal data is not limited to electronic transactions, but rather includes every paper dealing of the platform with beneficiaries and interested parties.
2. From another (third) party: Acting on behalf of the person with personal data.
3. From publicly available sources: Where the platform may use public sources, for example - but not limited to - Websites available to everyone, social media networks, programs open to the public such as Google Maps (via technical connection points with government agencies.)
4. Cookies: If you allow them, browser records (cookies) will save your data based on your last login on the site, as cookies are used to distinguish between you and other users, to improve quality, Collecting and storing data to assist in the classification process, which achieves better service for the beneficiary, as cookie links preserve the user’s identity to simplify the process of re-entering the site with ease.

Personal data we collect

Waqfi platform collects the following personal data:

1. Identity data: Full name, username or similar identifier, date of birth, gender, identification number (such as passport number, or national ID number), and other identifying data that the platform may need.
2. Contact information: Location addresses, email address, and phone numbers.
3. Geospatial and geographical data:This means, for example - but is not limited to - the time range such as the country of the data subject, the city in which he lives, the longitude and latitude of endowment assets, and any of the relevant data and relationships that the platform needs.
4. Transaction data: Includes direct banking transactions such as payment, purchases, IBAN number, and other content when needed.
5. Credit data: Any statement that the Waqfi platform may need; To ensure the fulfillment of the platform’s requirements as a regulatory body or through the services provided by the platform, it requires the collection of any credit-related data, and the platform specifies the purpose for this, for example - but not limited to - (the bank facility containing credit data).
6. Technical Data: includes, but is not limited to, your Internet Protocol (IP) address, your login data, browser type and settings, types and versions of browser plug-ins, and information collected through cookies. , operating system, operating platform, crash reports, system activity, request history, URL and other related technologies that you use to access the site, or our other official means and channels.
7. Health data: Any statement related to an individual’s health that the platform may need, and it determines its purpose, to carry out its work accordingly Legal justifications, including, but not limited to, (what is related to the health condition of the endowment supervisor).

Rights of Personal Data Subjects

1. The right to know: The subject of personal data has the right to know the ways in which we collect his data, the legal basis for collecting and processing it, how it will be processed, saved and destroyed, with whom it will be shared, and the importance of collecting and processing his personal data.
2. The right to access personal data: The personal data subject has the right to access his data by submitting an access request, taking into account that the legal justification is either consent, the legitimate interest of the platform, or the implementation of an agreement to which the personal data subject is a party, While emphasizing that the rights of others are not harmed by the exercise of this right, such as intellectual property rights or trade secrets.
3. The right to request access to personal data: The personal data subject has the right to request access to his data, taking into account that the legal justification is either consent, the legitimate interest of the platform, or the implementation of an agreement to which the personal data subject is a party. We provide personal data to its owner in a commonly used electronic format that is legible and clear. It is possible to provide the person with personal data with a printed copy whenever possible, while ensuring that the rights of others are not harmed by the exercise of this right, such as intellectual property rights or trade secrets.
4. The right to request correction of personal data: The owner of personal data has the right to request the correction of his data that he deems incomplete, inaccurate or incorrect, via e-mail. He will be notified via the same means within a period not exceeding 30 days from the date of the request. He will also have the right to restrict the processing of his data for a period during which the validity of the data can be verified, provided that the restriction request does not conflict with the laws and regulations.
5. The right to request the destruction of personal data: The personal data subject has the right to request the destruction of his personal data in legally specified circumstances unless there is a statutory provision specifying a period for retaining personal data, or contractual requirements, which the personal data subject has agreed to on the condition that it does not It negatively affects his rights or interests, and the Waqf platform automatically activates the right of destruction in the circumstances stipulated in the laws and regulations; Such as knowing that personal data is being processed in a manner that violates the law.
6. The right to withdraw consent: The data subject has the right to revoke his consent to processing and withdraw it at any time by informing the Waqfi platform of this through the specified means of communication, including the platform taking the necessary measures such as stopping the processing and requesting the destruction of personal data from those who have been disclosed. them in advance.

We would like to note that some or all of these rights may be subject to certain exceptions and exemptions specified by the system, and will be evaluated on a case-by-case basis to ensure their compatibility with those exceptions, and this policy specifies How to exercise those statutory rights of the data subject.

Retention and destruction of personal data

The Waqfi platform does not retain personal data unless this is necessary in accordance with regulatory justifications, including storing it in implementation of judicial requirements or security procedures. The Waqfi platform is also committed to destroying personal data if the personal data owner requests this, and in the event that the purpose for which it was collected is no longer available, or the Waqfi platform learns that the personal data is being processed in an irregular manner, it will take the necessary measures that result from that. Personal data is saved electronically through databases or data stores or in paper documents protected in strict ways. The means of destroying personal data is through paper crushing, and ensuring that it is deleted from the designated databases and systems available on the platform.

Regular basis for processing your personal data

According to the relevant laws and regulations, the systematic basis we rely on to process this data is:

Your express consent: You can withdraw your consent at any time, except for some exceptions described in the laws and regulations. To do this, you can contact us through the contact information indicated in the policy. The Waqfi platform also has the right, in certain circumstances, to process your personal data without obtaining With your consent, in accordance with Article 6 of the Personal Data Protection System.

Achieving the public interest: By trying to develop and improve joint government procedures, and the determinants and controls for this purpose are the laws and regulations.

Achieving legitimate interests for the Waqfy platform or for the personal data subject: The personal data protection system and its regulations set its requirements.

Implementing an agreement to which the personal data subject is a party: If the personal data is publicly available or was collected from a publicly available source.

Preserving the vital interests of the personal data subject or protecting him from any harm.

Use of your personal data

Under the laws and regulations related to the protection of personal data, we use your personal data on all official websites, channels, and means of communication of the Waqfi platform in order to develop the service provided to you, and to carry out general business analysis. of the platform in accordance with its organizational tasks and competencies, and we may combine personal data and/or access it to evaluate and provide content and services related to you. We also have the right to keep any of your personal data in a file and use it to contact you through any of the regular means of communication. On the platform, we can work to hide Your identity by taking updated organizational and technical measures, to avoid any risks to your personal data, as we confirm that we on the Waqfi platform are keen on the systematic and optimal use of your personal data. The Waqfi platform also applies dedicated measures to comply with the personal data protection system and its regulations, provided that these measures contribute to the application of the main principles of data protection, which are:

1. To be used in a systematic, fair and transparent manner.
2. Be limited to the specific purpose of its collection and to the minimum amount of data.
3. To be constantly updated, to verify its quality and integrity.
4. It should be kept when necessary, and destroyed as soon as its purpose no longer exists.
5. To be kept securely. It enhances its privacy.

Sharing your personal data

We seek to implement the main principles of data sharing determined by the competent authority, which are:

1. Promoting a culture of participation.
2. Legitimacy of purpose.
3. Authorized access.
4. Transparency and data security.
5. Ethical use.
6. Shared responsibility.

Thereby we ensure that we do not share your private data with any person or entity outside the scope of our work except in the following cases:

1. If we are permitted by you to share it with authorized official bodies for the purpose of processing.
2. If the data is requested under a regulatory requirement or in response to a legal requirement or for verification in order to conduct any legal and lawful practices in cases of fraud or technical problems.
3. The Waqfi platform may share personal data without obtaining consent from the personal data subject, in accordance with specific controls, and in accordance with the legitimate interests of the platform, without prejudice to the rights of the personal data subject or affecting his interests, unless the data is sensitive.
4. If we share your personal data with trusted third parties, we:
   1. We only provide them with the data necessary for their specific services/specific purpose.
   2. We agree with third-party entities through contracts that guarantee that your personal data will not be used except for the purposes specified with the required accuracy.
   3. In turn, we ensure that your personal data is protected during the sharing process through strict procedures, and we verify that those with whom we share your personal data take the necessary measures to maintain the privacy of your personal data.

Sharing your personal data

We seek to implement the main principles of data sharing determined by the competent authority, which are:

1. Promoting a culture of participation.
2. Legitimacy of purpose.
3. Authorized access.
4. Transparency and data security.
5. Ethical use.
6. Shared responsibility.

Thereby we ensure that we do not share your private data with any person or entity outside the scope of our work except in the following cases:

1. If we are permitted by you to share it with authorized official bodies for the purpose of processing.
2. If the data is requested under a regulatory requirement or in response to a legal requirement or for verification in order to conduct any legal and lawful practices in cases of fraud or technical problems.
3. The Waqfi platform may share personal data without obtaining consent from the personal data subject, in accordance with specific controls, and in accordance with the legitimate interests of the platform, without prejudice to the rights of the personal data subject or affecting his interests, unless the data is sensitive.
4. If we share your personal data with trusted third parties, we:
   1. We only provide them with the data necessary for their specific services/specific purpose.
   2. We agree with third-party entities through contracts that guarantee that your personal data will not be used except for the purposes specified with the required accuracy.
   3. In turn, we ensure that your personal data is protected during the sharing process through strict procedures, and we verify that those with whom we share your personal data take the necessary measures to maintain the privacy of your personal data.

Personal data leak incidents

The Waqfi platform is committed to notifying the competent authority in the event of a leak of personal data within a period not exceeding 72 hours from the time of becoming aware of the incident unless there are justifications for delay that prevent this. The Waqfi platform is also committed to informing the personal data subject about the leakage of his personal data, describing the potential risks and the measures taken by the Waqfi platform to prevent or mitigate the impact of those risks, while providing recommendations or advice to the personal data subject that may help him take any appropriate action regarding those risks.

Transferring data outside the geographical borders of the Kingdom of Saudi Arabia

The Waqfi platform protects personal data when it is transferred outside the Kingdom for any legal purpose, such as implementing an obligation in which the data subject is involved, serving the interests of the Kingdom, implementing an obligation under an agreement to which the Kingdom is a party, or implementing For other legal purposes, provided that the transfer or in cases of national or personal security does not harm a party to the vital interests of the Kingdom, and that there is an appropriate level of protection for personal data outside the Kingdom, and the transfer or disclosure is limited to the minimum amount of personal data that is needed, and is excluded from Conditions for transferring or disclosing data are within the absolutely necessary cases that relate to the life of the data subject or his vital interests and what is related to that.

1. Binding joint rules: provided that they include matters approved by the regulation on transferring personal data outside the geographical borders of the Kingdom of Saudi Arabia.
2. Standard contractual clauses if they guarantee adequate protection of personal data.
3. Certificates of compliance with the law and regulations in the Kingdom, issued by an entity approved by the competent authority.
4. Binding codes of conduct.

In the absence of any of the mentioned points, the Waqf platform for transferring personal data outside the Kingdom when needed follows what is approved by the laws and regulations, and the decisions and recommendations approved by the competent authority. In cases of transfer outside the borders, the Waqfi platform applies what is included in the regulations for transferring personal data outside the geographical borders of the Kingdom of Saudi Arabia, with multiple and different cases, which cannot be mentioned in this policy. Accordingly, we note the necessity of reviewing the aforementioned regulations to find out the mechanism for exercising them and to clarify the obligations of the Waqfi platform and the rights of the data subject. Regarding transportation outside borders.

Updates that may occur to the privacy policy

We reserve the right to update the privacy policy and what it contains from time to time without notifying you in advance, except in the event of fundamental changes, then we will notify you of that. Therefore, you are obligated to stay informed of the updates of this policy, and by using this site or any of our other official channels, you agree to this policy.

Inquiries and complaints

If you have any inquiry or request regarding exercising any of your rights related to the processing of your personal data or about what is stated in the Privacy Policy in general, you can communicate via email.

Concluding provisions

The privacy policy on the Waqf platform applies what is stated in the personal data protection system and its regulations, and they are considered a main reference for the terms and conditions contained in the privacy policy, etc.