Document

Privacy Policy

Version 2.0 — April 8, 2026

1. Introduction

AzizWares is committed to protecting your personal data per the Saudi Personal Data Protection Law (PDPL), Royal Decree M/19 dated 9/2/1443 AH, amended by Royal Decree M/148.

Data Controller: AzizWares, CR 7053925942, [email protected]

2. Legal Basis

We process your data based on:

  • Contractual necessity (service agreement execution)
  • Consent (newsletter subscriptions)
  • Legal obligation (billing records per ZATCA)

3. Data We Collect

3.1 Direct Data

Personal data we collect and the purpose for which it is used.
DataPurpose
Name & contact infoProject delivery & communication
Business info (company, CR)Contracts & invoicing
Project details & requirementsDelivering agreed services
Payment info (billing only)Invoicing & payment processing
Email (newsletter)Monthly newsletter (with consent)

3.2 Automatic Data

Basic browsing data when visiting our site. No advertising cookies. No third-party tracking tools.

4. Usage

We use your data only for: delivering services, invoicing, project communication, newsletter (with consent), improving services, and regulatory compliance. No other purpose.

5. Sharing

We do not sell your data. No third-party marketing sharing. We share only with:

  • Payment providers (for processing transactions)
  • Competent authorities, as required by law
  • Anyone you explicitly consent to

6. Protection

HTTPS/TLS encryption, secure self-hosted infrastructure, daily backups, 2FA, least privilege access principle, and no sensitive payment data stored on our systems.

7. Your Rights

Per the PDPL, you have the right to:

PDPL data subject rights and what each entitles you to.
RightDetails
AccessRequest a copy of your data held by us
CorrectionRequest correction of inaccurate data
DeletionRequest deletion (subject to legal obligations)
ObjectionObject to processing in certain circumstances
Withdraw consentWithdraw consent at any time

To exercise your rights, contact [email protected] — we respond within 30 days.

8. Retention

  • Project data: contractual period + legal requirement
  • Billing records: per ZATCA requirements
  • Newsletter: deleted on unsubscribe
  • Browsing data: max 90 days

9. Data Breaches

If a breach affects your privacy, we notify SDAIA and notify you of the breach nature, impact, and actions taken.

10. Supervisory Authority

Saudi Data and Artificial Intelligence Authority (SDAIA) — sdaia.gov.sa

11. Contact

[email protected] · azizwares.sa

النسخة العربية

← Back to home