Privacy Policy
Privacy Policy in dimofinf ensure you protect data and your information that we have already when the customer book any of our services.
www.dimofinf.sa Privacy Policy
We are pleased that you are one of our customers or website’s visitors, which entails your tacit acceptance of our Privacy Policy.
This Privacy Policy is a legally binding agreement between you and “Dimensions of Information for Trading”, Inc. As a Saudi company licensed to provide web development, mobile application development, web hosting and e-marketing services.
We respect your privacy and are committed to protecting it through our compliance with this policy, which describes the following :
- The types of informationthat we may collect from you or that you may provide (“Personal Data”) through your subscription to our Site to utilize any of our services.
- Our practices for collecting, using, maintaining, preserving, protecting and disclosing Personal Data.
- Your rights and choices regarding our use of your Personal Data and how you can access and update it.
This policy consists of (14) clauses, please make sure that you read it carefully before you use or subscribe to one of our services, as well as the materials related to browsing our website, in case you are not subscribed to a service.
This policy is in line with the Personal Data Protection Law issued by Royal Decree No. (M/19) dated 1443/2/9H.
Clause (1) : Definitions
For the purpose of this Policy, the following words and phrases, wherever used, shall have the meanings indicated in front of each of them, unless the context requires otherwise :
Term | Definition |
---|---|
Law | The Personal Data Protection Law issued by Royal Decree No. (M/19) dated 9/2/1443 AH. |
Regulation | The Executive Regulation of the Personal Data Protection Law. |
Company / We / Dimofinf | Dimensions of Information for Trading |
Office | Data Governance and Management Office at Dimensions of Information for Trading |
Personal data | Any data - whatever its source or form - that leads to the specific identification of an individual, or makes it possible to identify them directly or indirectly, such as: Name, personal identification number, addresses, contact numbers, license numbers, records, personal property, bank account numbers, photos of the individual, and other data of a personal nature. |
Data processing | Processing is any operation performed on personal data by any means, whether manual or automated, including Collecting, recording, saving, indexing, arranging, coordinating, storing, modifying, updating, integrating, retrieving, using, disclosing, transferring, publishing, sharing, interconnecting, blocking, erasing, and destroying. |
Controller | The party that determines the purpose and manner of the processing of personal data, whether the processing is initiated by the controller or by the processor. |
Processor / Processing Authority | The entity that processes personal data for and on behalf of the controller. |
Public Authority | Any ministry, authority, public institution, public body, or any independent body in the Kingdom of Saudi Arabia, or any of its affiliates. |
The competent authority | The Saudi Data and Artificial Intelligence Authority (SDAIA). |
Personal Data Owner | The individual to whom the personal data relates, or his representative or legal guardian. |
Personal Data Protection Officer | Responsible for following up the implementation of the provisions of the Law and its regulations, monitoring and supervising the applicable procedures within the controller, and receiving requests related to personal data in accordance with the provisions of the Law and its regulations. |
Explicit consent | A consent given directly and explicitly by the personal data owner in any form that indicates his/her acceptance of the processing of his/her personal data, which cannot be interpreted otherwise, and is provable. |
Destruction | Any action performed on personal data that makes it impossible to access or retrieve it again or to know exactly what happened to it. |
Disclosure | Enabling anyone other than the controller or processing authority, as the case may be, to obtain, use or access Personal Data by any means and for any purpose. |
Transfer | Transferring personal data from one place to another for processing. |
Dissemination | Transmitting or making available any of the Personal Data through a written, audible or visual medium. |
Sensitive data | Any personal data relating to an individual's racial origin, ethnic origin, religious, intellectual or political belief. Security and criminal data, biometric data that identifies an individual, genetic data, health data, and data indicating that the individual is of unknown parentage. |
Leakage of personal data | Any incident that leads to the disclosure, corruption, or unlawful access to personal data, whether intentional or unintentional, and by any means, whether automated or manual. |
Realized interest | Any moral or material interest of the personal data owner that is directly related to the purpose of processing personal data, and the processing is necessary to achieve that interest. |
Clause (2) : Information about Dimensions of Information for Trading
Dimofinf is a leading Saudi company in the field of information technology with more than 25 years of experience and licensed with a commercial registration number 1010213247, working to provide innovative digital solutions to facilitate digital transformation in line with the Kingdom's digital vision in 2030 through the services of web development solutions, mobile applications, web hosting, and e-marketing.
Address : 2759 Prince Meshal Bin Abdulaziz - Arqa - Riyadh - Saudi Arabia
Postal code : 12534
Email : [email protected]
Phone Number : +966-92-00-31132
Clause (3) : Personal data to be collected
Specific types of personal data are collected for the purposes of the processing mentioned in Clause 6 of this policy, according to the following categories:
- Account Data : This is the data that is requested from you when you create an account or profile on our website (Client Area Credentials).
- Payment Data : This is the data collected for the purposes of making payments.
- Cookies Data : Data collected through website logs, cookies or other technologies, including IP address, browser type and version, operating system, login details, and browsing data.
- Identity data - mandatory : Name, date of birth, national ID/residence number.
- Contact information - mandatory : Email address and phone number.
- Billing address - mandatory : Country, city and region.
- The following optional data - may be mandatory when ordering services of a specific nature such as reserving Saudi domains or registering your account as a licensed company : Company name, tax card, postal code, photocopy of the commercial register.
- Bank account information and other banking information : This information is required only to match and confirm the payment, this data includes the account number through which you made the transfer and the name of the account holder, and may sometimes require a scan of the payment receipt, or a screenshot showing the electronic transfer of the outstanding invoice, you will have to provide us with this information when you open an account with us. We will collect the data necessary to process your payment whenever you make a purchase. We do not collect credit card information or other sensitive financial information that is used on our site. Other than purchases by bank transfer, which we process directly, all purchases made with credit cards are processed through the paypal purchase gateway. For information regarding the terms of paypal's privacy policy, please visit the following link : www.paypal.com
- Details of your communications with us Through the ticketing system, online chat and through various communication media such as WhatsApp/Zoom, emails, letters, or any other records of any communication with us.
- Very Special Cases : In very special and rare cases where you are obtaining a service that is not managed by us, and in order to ensure that you do not engage in any illegal activities or violate the laws of the Kingdom of Saudi Arabia, we may ask you for a photocopy of your ID, a photocopy of the commercial register and a photocopy of the letter certified by the Chamber of Commerce.
- All electronic correspondence : between AITC and the account holder or his/her representative that you receive, either via email from non-personal addresses, such as [email protected] and [email protected], or via an online ticketing system, are stored and retained for a period from the date they are received, until such time as we determine that the information contained therein is no longer needed or is not required by lawful authorities. This correspondence with customers is automatically linked to their accounts.
- Support Services : If your request is for technical support service, software installation or upgrades, we may collect certain information required to fulfill your request. Support services often require you to provide us with details to access the server or website requested, such as Username or password, which is necessary to allow access to a site and perform the requested service properly, and which allows our customer support team to access your server or control panel to diagnose an issue or complete an upgrade or installation. In order for you to take advantage of these services, you must authorize us and our customer support team to log into your website or access your control panel, which may contain personal information.
Clause (4) : Cookies
Our website may store so-called “cookies” on your computer when you visit our website. Cookies are our own files that are placed directly by us and used only by us.
We mainly use Sessions cookies, which store information about your browsing session only, and are deleted immediately after you leave our website and close the window. The purpose of using cookies is to facilitate your experience with our website to provide and improve our services.
To ensure that your privacy and personal data are protected and respected at all times, we have provided controls so that you can choose to enable or disable cookies in your internet browser. Most internet browsers also allow you to choose whether you want to disable all cookies or only third-party cookies. By default, most internet browsers accept cookies, but you can change this.
You can choose to delete cookies on your device at any time, however, you may lose any information that enables you to access our website more quickly and efficiently including, but not limited to, login and personalization settings.
Clause 5 : Lawful basis for collecting and processing your personal data
By using our website or subscribing to one of the services provided by Dimensions of Information for Trading, you expressly consent to the collection and processing of your data for the purposes specified in clause 6 of this policy, and your consent is the lawful basis for the collection and processing of your personal data.
Your data is collected and processed in order to fulfill your contract, take action on your requests, or maintain and fulfill the legitimate business interests of Dimensions of Information for Trading, for example, preventing fraud and maintaining the security of our network and services.
When we rely on this legal basis to process your data, we evaluate our business interests to ensure that they do not override your rights. In addition, in some cases, you have the right to object to this processing by contacting us via one of the contact methods described in Clause 14.
Clause 6 : Purpose of using and processing your personal data
We use your data collected within the legal framework of the service you wish to obtain from us, including :
- Providing the requested service : Fulfill your orders and provide you with your products and services.
- Keeping you informed about the status of your order
-
Billing and customer care, for example :
- Invoicing you for the use of our products and services
- Contact you if the billing information you have provided to us is about to expire or we are unable to accept payment.
- Respond to any questions or concerns you may have about our network, products or services.
- Service messages and mails : Keep you up to date with current information about the products and services you have purchased. For example, changes to terms and conditions, price plan, Traffik usage, add-ons you are entitled to, or service interruptions.
- Insurance and anti-fraud: We will process your Usage Data to protect against and detect fraud, to protect and detect misuse or damage, and to recover debts or track those who owe us money resulting from the use of our services.
- We may share your personal information with our collaborating companies in order to identify products or services that may be of interest to you, to improve the overall user experience and website, to participate in market research and for other internal business purposes. We may also combine your personal information with the information of others and compile or distribute to others reports on Site usage, purchase history, or other factors of sale. These reports include any personally identifiable information. We may use your personal information from email or communications about products or services we offer, to send to third parties with whom we have relationships, which we believe may be of interest to you.
We do not share, sell or rent your personal information to third parties for unknown reasons.
Clause (7) : Use of your email address
We may use your email address for the following types of emails
- Updates and occasional valuable offers. We may email you reports about updates on our products and services
- Periodic e-newsletters related to our products and services that you subscribe to.
- Other types of emails from us such as bulletins, alerts or notifications regarding the operation of the service or billing reminders.
Please note that even if you have opted out of marketing emails, we will continue to send you electronic service notifications related to your account(s), including emails that provide account information, respond to your questions about a product or service, facilitate or confirm a sale, or fulfill a legal or regulatory requirement to disclose information.
Clause (8) : Storing your personal data
By using the services of Dimensions of Information for Trading Corporation or visiting our website, you agree to the storage, processing and use of that data by the company, noting that your personal data is stored through secure solutions in the company or with third parties authorized by us within the Kingdom of Saudi Arabia and no data will be stored outside the Kingdom of Saudi Arabia except in accordance with the controls contained in the executive regulations for the transfer of personal data outside the Kingdom of Saudi Arabia.
Clause (9) : Protection of your personal data
We confirm that we have implemented appropriate technical and organizational security measures to ensure that your personal data is properly protected under the Personal Data Protection Law. The security measures include, but are not limited to
- Vulnerability scanning and penetration testing.
- Encryption of data in transit and at rest.
- Applying patches and updates regularly.
- Reviewing security and immunization settings for systems.
- Applying security standards according to best practices for website and application development.
- Data is collected within a secure technical architecture that adheres to cybersecurity policies and standards and in accordance with the controls and legislation issued by the National Cybersecurity Authority.
- Security measures are put in place to prevent your personal data from being accidentally lost, used, accessed, accessed, altered or disclosed in an unauthorized manner based on cybersecurity controls and policies and in accordance with the controls and standards issued by the National Cybersecurity Authority.
- We apply the necessary procedures to manage data sharing, where such data will not be publicly available, and none of that data will be exchanged or traded to any other party without the prior consent of the data owner unless in compliance with the relevant policies, regulations and laws.
- We implement the necessary procedures to manage authorization and access to data, whereby only authorized persons who provide our website services will have access to the information.
Clause (10) : Disclosure of your personal data
Without prejudice to what is stated in paragraphs (3,4,5) of Article 15 of the Personal Data Protection Law, you agree to share your personal data with the relevant authorities, whether private or public entities, in accordance with the legal justification that authorizes the data requester to obtain it, taking all organizational, administrative and technical measures and controls before sharing them as stated in Article 19 of the Law, where your data may be available to government officials in exceptional circumstances in which this need should arise, however, it will never be available to the public without your prior consent.
Your personal data will only be disclosed in the following cases :
- If you consent to its disclosure in accordance with the provisions of the law.
- If your personal data is collected from a publicly available source.
- If the entity requesting the disclosure is a public entity, or for security purposes, or to adopt another system, or to fulfill judicial requirements in accordance with the provisions specified in the regulation.
- If the disclosure is necessary to protect the public interest, public safety, or the life or interest of a specific individual or individuals.
- If the disclosure will be limited to processing the data in a way that does not lead to the identification of the owner of the personal data or any other individual specifically. It will not be circulated, exchanged or sold to any third party without your prior consent.
We will not publish your personal information if any of the following conditions are met :
- Represents a threat to security, harms the reputation of the Kingdom of Saudi Arabia, or conflicts with its interests.
- Affects the Kingdom of Saudi Arabia relations with other countries.
- Prevents the detection of a crime or violates the rights of the accused to a fair trial or affects the integrity of existing criminal proceedings.
- Jeopardizes the safety of an individual or individuals.
- Violates the privacy of another individual who is not the owner of the personal data, as defined in the regulations.
- Conflicts with an incomplete or incapacitated interest.
- Violates applicable professional obligations.
- Involves a breach of an obligation, procedure or judgment of a court.
- Reveals a confidential source of information that should not be disclosed in the public interest.
Clause (11) : Retention Period and Destruction
Your personal data will be retained for as long as the purpose for which the data was collected is valid and as long as you have active services with us, and when the purpose of the personal data ends or upon your request, it will be immediately deleted in a secure manner that ensures that it cannot be recovered again taking into account other statutory, regulatory or other requirements applicable in the Kingdom of Saudi Arabia, without prejudice to the exceptions contained in Article 18 of the Personal Data Protection Law.
However, we may retain some data after the end of the purpose for which it was collected only in the following circumstances If there is a systematic justification for keeping it for a specific period of time, it must be destroyed at the end of that period or the end of the purpose of collection, whichever is longer.
If the personal data is relevant to a case before a judicial body and its retention is required for that purpose, in which case it will be destroyed after the judicial proceedings of the case are completed.
If you have unpaid invoices, intentionally or unintentionally cause legal issues directly related to the services provided by us, or violate the terms of service, it will be retained only to the extent that it allows to obtain any rights belonging to the company legally, or to the extent that it allows us to refuse to provide the service in the future or until the legal dispute is over.
Clause (12) : Rights of the Personal Data Subject
According to Article 4 of the Personal Data Protection Law, you are guaranteed the following rights :
- The right to be informed : This includes informing you of the legal basis for collecting your personal data and the purpose of collecting it.
- The right to access your personal data available to us in accordance with the controls and procedures specified by the regulations.
- The right to request to receive your personal data available to us in a legible and clear format, in accordance with the controls and procedures specified by the regulations.
- The right to request that we correct, complete, or update your personal data.
- The right to request the destruction of your personal data that is no longer needed, without prejudice to the provisions of Article 18 of the Law.
To practice any of your rights contained in the Law, or in case of any modification or update of your personal data, you can contact us at the contact information below.
Please note that in accordance with clause (b) of paragraph (1) and paragraph (2) of Article 9 of the Law, your right referred to above may be restricted by not allowing you to access your personal data.
Clause (13) : Changes to the Privacy Policy
You should continuously check the Privacy Policy, which may change at any time. Updates will be posted on the Privacy Policy page with an indication of the most recent update. Dimensions of Information for Trading Corporation reserves the right to modify this Privacy Policy as necessary, and any modification to the terms and conditions will become effective immediately upon adoption without any obligation to announce it.
The policy was last updated on 11/3/2024
Clause (14) : Contact Us
For inquiries about our privacy policy, complaints and requests regarding the privacy and protection of your personal data, including submitting a Data Subject Rights Request Form, you can contact our Data Governance and Management Office team, or our Personal Data Protection Officer at the following mailing addresses :
Personal Data Protection Team : [email protected]
Telephone number : +966-92-0031132
If you are not satisfied with our handling of your complaint or if we do not respond within 30 days, you can file a complaint with the Saudi Data and Artificial Intelligence Authority (SDAIA), regarding complaints about your personal data :
Saudi Data and Artificial Intelligence Authority Address Al Nakheel Neighborhood - Digital City
Building code : 1003-B001
Kingdom of Saudi Arabia - Riyadh - 12382
Website : https://sdaia.gov.sa
National Data Governance Platform : https://dgp.sdaia.gov.sa