1. Overview

Baitshook processes personal data in accordance with the Personal Data Protection Law (PDPL) of the Kingdom of Saudi Arabia.

This statement outlines how personal data is collected, processed, and protected in alignment with applicable regulatory requirements.

 

2. Scope of Application

This statement applies to all personal data processed by Baitshook within the Kingdom of Saudi Arabia, or in connection with its services and operations.

 

3. Data Protection Approach

Baitshook follows a structured data protection framework aligned with:

• The Personal Data Protection Law (PDPL)
• Applicable regulatory requirements in the Kingdom of Saudi Arabia
• Industry best practices for data security and governance

Personal data is handled in accordance with key principles, including:

• Lawful and fair processing
• Purpose limitation
• Data minimization
• Accuracy of data
• Confidentiality and security

 

4. Data Collection and Use

Personal data may be collected and processed for purposes including:

• Service delivery and platform operation
• Communication and customer support
• System monitoring and performance optimization
• Security and fraud prevention
• Compliance with legal and regulatory obligations

 

5. Data Subject Rights

In accordance with PDPL, individuals have the right to:

• Be informed of data collection
• Access personal data
• Request correction of inaccurate data
• Request destruction of personal data where applicable
• Withdraw consent where processing is based on consent

Requests are handled in accordance with applicable legal requirements.

 

6. Data Security

Baitshook implements appropriate technical and organizational measures to protect personal data, including:

• Encryption of data in transit and at rest
• Access control and authentication mechanisms
• Monitoring and security controls
• Secure system design and operational practices

 

7. Data Sharing

Personal data is not sold or disclosed except where necessary for:

• Service delivery
• Compliance with legal obligations
• Protection of rights, security, and operations

 

8. Data Retention

Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected or as required by applicable law.

 

9. Changes to This Statement

This statement may be updated to reflect changes in regulatory, legal, or operational requirements.

 

10. Contact

For inquiries related to personal data protection or PDPL compliance, please contact us.