Privacy Policy

THE SOCIETY FOR ORPHAN CARE ENSAN

1. Introduction

THE SOCIETY FOR ORPHAN CARE ENSAN (hereinafter referred to as "the Society") is committed to protecting the privacy of personal data for beneficiaries, donors, employees, and all users of its digital systems. In compliance with the applicable laws of the Kingdom of Saudi Arabia, especially the Personal Data Protection Law (PDPL), the Society ensures full confidentiality of information and guarantees that personal data will only be used for authorized purposes as outlined in this policy.

This Privacy Policy forms an integral part of the terms of use for the Society's electronic systems, including online portals, mobile applications, donation platforms, and digital services.

2. Definition of User Data

User Data refers to any data collected from users, including but not limited to:

  • Personal Information: Name, national ID, mobile number, email, gender, date of birth.
  • Beneficiary Information: Family status, number of family members, educational status, income, housing data.
  • Donation and Financial Data: Donation amounts, dates, payment methods, and beneficiaries.
  • Technical Data: IP address, device type, browser, operating system, and connection information.

3. Data Collection and Storage

  • Data Collection: Data is collected when users register, submit applications, fill forms, or interact with the Society’s support teams.
  • Data Storage: Data is securely stored on servers located within the Kingdom of Saudi Arabia. Technical and organizational measures are implemented to prevent unauthorized access or data leakage.
  • Retention Period: Data is retained only as long as necessary to achieve the purposes for which it was collected or as required by applicable laws and regulations.
  • Data Disposal: Once data is no longer needed, it will be securely deleted to prevent recovery or misuse.

4. Data Usage and Disclosure

User data is used for the following purposes:

  • To provide services to beneficiaries and donors according to authorized permissions.
  • For internal operations, statistical reports, and research studies.
  • To communicate with users through official messages or notifications.
  • To improve digital systems and services, enhancing operational efficiency.

Data may be disclosed only in the following cases:

  • With the explicit consent of the data owner.
  • When required by law or regulatory authorities in the Kingdom.
  • To officially authorized charitable or governmental partners, provided full compliance with data protection measures.

5. Data Security

The Society implements the highest security standards to protect user data, including:

  • Encryption of sensitive data during storage and transmission.
  • Restricting access to authorized personnel only.
  • Regular security assessments of digital systems.
  • Backup and recovery procedures to prevent data loss.

6. User Responsibilities

Users are expected to:

  • Keep their login credentials confidential and not share them with others.
  • Report any suspected unauthorized access immediately.
  • Avoid submitting personal data through unofficial or unsecured channels.
  • Use trusted devices and networks when interacting with the Society’s systems.

7. External Links

The Society’s digital platforms may contain links to external websites or systems. The Society is not responsible for the privacy practices or content of these external websites.

8. Policy Updates

The Society reserves the right to modify or update this Privacy Policy at any time to comply with laws or operational changes. Users will be notified of significant updates through official channels. Continued use of the services after the policy update constitutes acceptance of the revised policy.

9. Supervisory Authority and Applicable Laws

This policy is subject to oversight by the Saudi Data and Artificial Intelligence Authority (SDAIA).
The Society complies with all relevant data protection laws and regulations in the Kingdom of Saudi Arabia. Any disputes or interpretations of this policy fall under the jurisdiction of competent authorities within the Kingdom.