GoPay Personal Data Protection Policy
Introduction
Inclusive Financial Solutions Company is committed to protecting your personal information and ensuring the privacy of your data in accordance with applicable laws and regulations, including the Personal Data Protection System in the Kingdom of Saudi Arabia. This policy clarifies the types of data we collect, the reasons for collecting it, how it is used, and your rights as a data subject.
1. Scope
This Personal Data Protection Policy applies to all users of Inclusive Financial Solutions Company's services and platforms, including individuals who access the website, mobile applications, or use its services.
2. Personal Data Protection Principles
Principle One - AccountabilityThe privacy policy of the controlling entity must be defined and documented, approved by the entity's chief executive (or their delegate), and published to all parties involved in its implementation.
Principle Two - TransparencyA notice regarding the privacy policy and procedures of the controlling entity must be prepared, clearly and explicitly stating the specific purposes for which personal data is processed.
Principle Three - Choice and ConsentAll possible options for the personal data subject must be identified, and consent (express or implicit) obtained regarding the collection, use, or disclosure of their data.
Principle Four - Data Collection LimitationThe collection of personal data should be limited to the minimum necessary to achieve the purposes specified in the privacy notice.
Principle Five - Limitation of Data Use, Retention, and DisposalThe processing of personal data must be restricted to the purposes specified in the privacy notice for which the data subject gave their implicit or explicit consent, and it must be retained only as long as necessary to achieve the specified purposes or as required by applicable laws, regulations, and policies in the Kingdom, and disposed of in a secure manner that prevents leakage, loss, embezzlement, misuse, or unauthorized access.
Principle Six - Data AccessMeans must be identified and provided for data subjects to access their personal data for review, updating, and correction.
Principle Seven - Limitation of Data DisclosureData disclosure must be limited to parties specified in the privacy notice for which the data subject gave consent.
Principle Eight - Data SecurityPersonal data must be protected from leakage, damage, loss, embezzlement, misuse, modification, or unauthorized access, in accordance with National Cybersecurity Authority guidelines.
Principle Nine - Data QualityPersonal data must be kept accurate, complete, and directly relevant to the specified purposes.
Principle Ten - Monitoring and ComplianceCompliance with privacy policies and procedures must be monitored, and inquiries, complaints, and privacy-related disputes must be handled.
3. Data We Collect
We collect and process various types of personal data to provide and improve our services:
1.Personal Information
Account data: Establishment name, establishment type, activity type, sector type, commercial name, national address.
Identity verification data: Copy of national ID, or passport, or any other documents necessary for regulatory compliance (commercial registration, license, etc.).
Bank account data: Name in bank, bank name, account number, bank certificate
Owner data
2.Contact Data:
Information provided during your communication with customer support via chats, phone calls, or email.
3.Technical Data:
Cookies and similar technologies to improve website functionality and analyze performance.
4. Processing Your Data
The company is committed to not processing personal data or changing the purpose of its processing except after the explicit consent of its owner in accordance with Article (5) of the Personal Data Protection System for specific purposes, which include:
Facilitating financial operations, including processing payments.
Ensuring compliance with legal and regulatory obligations, such as anti-fraud measures and Know Your Customer (KYC) requirements.
Improving the user experience through data analysis and service personalization.
Communicating with you regarding service updates or important notices.
Handling support inquiries or resolving disputes.
5. Sharing Your Data
Inclusive Financial Solutions Company does not sell your personal data or share it for marketing purposes without your explicit consent. Your data may be shared with:
Service providers: External companies that help provide our services, such as payment processors and cloud storage providers.
Regulatory bodies: To comply with legal obligations or based on official requests.
Business partners: When needed to complete financial transactions or provide related services.
6. Protecting Your Data
We implement strong security measures to protect your data, including:
Encrypting sensitive information during transmission.
Restricting data access based on need.
Conducting regular security reviews and updates.
In the event of a data breach, affected users will be immediately notified in line with applicable regulations.
7. Data Retention
The company retains your personal data only as long as necessary to achieve the purposes outlined in this policy or to comply with legal and regulatory obligations.
8. Your Rights
Under the Personal Data Protection System, you have the following rights:
Access:Request a copy of the personal data we hold about you.
Correction:Request correction of inaccurate or incomplete data.
Deletion:Request deletion of your data, unless there are legal obligations preventing this.
Objection:Object to certain processing activities.
Withdraw Consent:Revoke your consent to the processing of your data (where possible).
Stop marketing and awareness content:Request to unsubscribe from receiving marketing and awareness materials without affecting the core services provided.
To exercise your rights, please contact us via email at Care@gopay.sa.
9. International Data Transfer
The company primarily stores data within the Kingdom of Saudi Arabia, and it is not transferred or processed outside the Kingdom.
10. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in our practices or compliance requirements. The updated version will be available on our website, and you will be contacted regarding important updates.
Effective Date: January 7, 2025
11. Contact Us
If you have any inquiries regarding this privacy policy or your data:
Email:Care@gopay.sa
Phone:8001180024
Address:Sultan Business Center, Al Ma'athar Al Shamali, Riyadh, Kingdom of Saudi Arabia.
We value your trust and are committed to protecting your privacy at all times.