Personal Data Protection Policy
Introduction
Inclusive Financial Solutions Company is committed to protecting your personal data and ensuring the privacy of your data in accordance with applicable laws and regulations, including the Personal Data Protection Law in the Kingdom of Saudi Arabia. This policy explains the types of data we collect, the reasons for collecting it, how it is used, and your rights as a data subject.
1. Scope
The Personal Data Protection Policy applies to all users of the services and platforms of Inclusive Financial Solutions Company, including individuals who access the website, mobile applications, or use its services.
2. Personal Data Protection Principles
Principle 1 – ResponsibilityThe privacy policy of the controller shall be defined, documented, and approved by the entity's top official (or their designee) and published to all parties concerned with its implementation.
Principle 2 – TransparencyA notice on the controller's privacy policy and procedures must be prepared, specifying the purpose for which personal data was processed, clearly and explicitly.
Principle 3 – Choice and ConsentAll possible options must be presented to the data subject and consent (explicit or implicit) must be obtained regarding the collection, use, or disclosure of their data.
Principle 4 – Limiting Data CollectionThe collection of personal data should be limited to the minimum amount necessary to achieve the purposes specified in the privacy notice.
Principle 5 – Limiting the Use, Retention, and Disposal of DataPersonal data processing shall be restricted to the purposes specified in the privacy notice and for which the data subject has given his implicit or explicit consent, and shall be retained as long as necessary to achieve the specified purposes or as required by the applicable laws, regulations, and policies in the Kingdom, and destroyed in a secure manner that prevents leakage, loss, embezzlement, misuse, or unauthorized access.
Principle 6 – Data AccessThe methods shall be identified and provided to enable the data subject to access, review, update, and correct their personal data.
Principle 7 – Limiting Disclosure of DataThe disclosure of personal data shall be restricted to the parties specified in the privacy notice, for which the data subject has given their explicit and implicit consent.
Principle 8 – Data SecurityPersonal data shall be protected from breach, damage, loss, theft, misuse, modification, or unauthorized access, in accordance with the regulations issued by the National Cybersecurity Authority and other relevant authorities.
Principle 9 – Data QualityPersonal data shall be kept accurate, complete, and directly relevant to the specified purposes.
Principle 10 – Monitoring and ComplianceCompliance with the controller's privacy policies and procedures shall be monitored, handling inquiries, complaints, and disputes related to privacy.
3. The data we collect
We collect and process various types of personal data to provide and improve our services:
1.Personal Information:
Account Data: Entity Name, Entity Type, Business Activity Type, Sector Type, Trade Name, National Address.
Identity Verification Data: Copy of National ID or Passport, or any other documents required for regulatory compliance (Commercial Registration, License, etc.).
Bank Account Data: Account Name, Bank Name, Account Number, Bank Certificate.
Owners' Data
2.Contact information:
Information provided when you communicate with customer support via chat, phone calls, or email.
3.Technical data:
Cookies and similar technologies to improve website functionality and analyze performance.
4. Processing Your Data
The company is committed to not processing personal data or changing the purpose of processing it without the explicit consent of the data subject in accordance with Article (5) of the Personal Data Protection Law for specific purposes including:
Facilitating financial transactions, including payment processing.
Ensuring compliance with legal and regulatory obligations, such as anti-fraud measures and Know Your Customer (KYC) requirements.
Enhancing the user experience through data analysis and service personalization.
Communicating with you regarding service updates or important notifications.
Handling support inquiries or resolving disputes.
5. Sharing Your Data
Inclusive Financial Solutions will not sell or share your personal data for marketing purposes without your explicit consent. Your data may be shared with:
Service Providers: Third-party companies that help provide our services, such as payment processors and cloud storage providers.
Regulators: To comply with legal obligations or upon formal requests.
Business Partners: When needed to complete financial transactions or provide related services.
6. Protecting Your Data
We implement strong security measures to protect your data, including:
Encrypting sensitive information in transit.
Restricting access to data as needed.
Conducting regular security reviews and updates.
In the event of a data breach, affected users will be notified immediately in accordance with applicable regulations.
7. Data Retention
The company retains your personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal and regulatory obligations.
8. Your Rights
Under the Personal Data Protection Regulation, you have the following rights:
Access:Request a copy of the personal data we hold about you.
Correction:Request the correction of inaccurate or incomplete data.
Destruction:Request to destroy your data, unless there are legal obligations preventing it.
Objection:Object to specific data processing activities.
Withdrawal of Consent:Withdraw your consent to your data processing (if applicable).
Halt of Marketing and Awareness Content:Request to unsubscribe from receiving marketing and awareness materials without affecting the essential services provided to you.
To exercise your rights, please contact us via email Care@gopay.sa.
9. International Data Transfer
The company primarily stores the data within the Kingdom of Saudi Arabia, and it is not transferred or processed outside the Kingdom.
10. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in our practices or compliance requirements. The updated version will be available on our website, and you will be notified of any significant updates.
Effective Date: January 7, 2025
11. Contact Us
If you have any inquiries regarding this Privacy Policy or your data:
Email:Care@gopay.sa
Phone:8001180024
Location:Modern Business Ltd., Al Mathar Ash Shamali, Riyadh, KSA
We commit to protecting your privacy all the time. We appreciate your trust.