Privacy Policy

It is the unprotected or confidential public information that the portal processes regardless of its source, form, or nature - open data falls under public information .

Agreement on the Privacy Policy

Using the Open Data Portal means, you accept the privacy policy, and regulations and conditions that control the Portal. If you do not agree on this policy, you should not use any of Data.gov.sa services.

Users Data Collection

Once you visit Data.gov.sa, our servers automatically gather your IP address (The IP address is the number associated with your computer, and it allows other computers connected to the Internet to identify the source of data, in addition to collecting information about the user's browser and search engine, and the date and time of visiting the URL that transfer the user to Data.gov.sa, but without identifying the user.)

Links to Other Websites and Online Third Parties

The privacy policy applies to the Open Data Portal (Data.gov.sa) only. When transferring to another website through (Data.gov.sa), you should carefully read their privacy policy to know how information security and privacy procedures are followed there.

Types of Collected Data
  1. Cookie Files

We may save Cookie Files on your computer when you first visit our portal. Cookie files are a kind of data that helps specify you as a user. It can be used to enhance your use of the portal and to better understand your need.
Most browsers accept cookies as a default. You can reset your browser to not accept all cookies, or to notify you before. Be aware that we may/may not link information saved within the cookies with any identifying information entered through the portal.

  1. Personal Information

The personal data we collect from you will include: your nameو your email address, and your organization Data.gov.sa commit to the main principles and general rules of the protecting of personal data, in addition to the main principles and general rules of data sharing.

The Purpose of Collecting Data

Using the IP address helps us solve any problems arising on our servers, including statistics about the utilization of the portal. We never permit any party, other than the technical team of the Data.gov.sa portal, to know your IP address.

Secure Information Transmission

We assure all users that this portal relies on the highest security standards to protect their information. We work diligently on encrypting information regarded as, in addition to any data that should be kept confidential, pursuant to legal requirements.

Protecting Personal Information

We are committed to doing all that we can to keep your data secure. To prevent unauthorized access or disclosure we have put in place technical and organizational procedures to secure the data we collect about you.
We protect your data using varying levels of encryption. We also make sure that any third parties that we deal with have an obligation to keep all personal data they process on our behalf secure. Our technical staff is only permitted to handle this data to provide such services of Data.gov.sa portal as are consistent with your needs. There is Freedom of Information and Protection of Private Data Law under review by the Advisory Shura Council.

User’s Right

Any user, who has previously provided us with personal information, has the full right to:

  • - Access to the information.
  • - Obtain the information.
  • - Correct or modify the information.
  • - Withdraw the agreement and delete the information.
Contact Us

If you have any questions about our privacy policy, need help, or lodge a complaint, please let us know through:

The Privacy Policy Updates

Data.gov.sa has the right to update and change its privacy policy at any time as needed. To check the last update, please click the update date at the bottom of this page.

Additional Information

The privacy policy on Data.gov.sa portal is governed by the following main principles issued by Saudi Data and Artificial Intelligence Authority (SDAIA):

The Main Principles of Personal Information Protection
  • First: Responsibility

That the privacy policies and procedures of the control authority are defined, documented, and approved by the entity’s primary administrator (or whoever he delegates), and published to all parties concerned with their application.

  • Second: Transparency

That a notification about the policies and procedures related to the control authority is prepared to indicate the purposes of processing the personal information in a specific, clear and explicit manner.

  • Third: Choice and Consent

That all possible options are determined for the owner of the personal information, and obtain his consent (implicit or explicit) regarding the collection, use or disclosure of his data.

  • Fourth: Limit Data Collection

That the collection of personal data be limited to the minimum amount of data that fulfil the purposes specified in the privacy notice.

  • Fifth: Limit Data Use, Retention, and Disposal

That the processing of personal data be restricted to the purposes specified in the privacy notice for which the data subject gave his implicit or explicit consent, and to keep it as long as necessary to fulfil the specified purposes or as required by the laws, regulations and policies in force in the Kingdom, and to destroy them in a safe manner that prevents leakage or loss, misappropriation, misuse, or unauthorized access of a system.

  • Sixth: Access to the Data

That the means by which the data owner can access his personal data for review, update and correction are identified and provided.

  • The seventh: limiting Data Disclosure

That the disclosure of personal data to external parties is restricted to the purposes specified in the privacy notice for which the data subject gave his implicit or explicit consent.

  • Eighth: Data Security

That personal data be protected from leakage, damage, loss, misappropriation, misuse, modification, or unauthorized access according to what is issued by the National Cybersecurity Authority and the competent authorities.

  • Ninth: Data Quality

That the personal data is saved accurate, complete, and directly related to the purposes specified in the privacy notice.

  • Tenth: Monitoring and Compliance

To monitor the application of privacy policy and procedures of the control authority, and to address inquiries, complaints and disputes related to privacy.

The Main Principles and General Rules for Sharing Data
  • - We provide publishable data from the right sources and guarantee that it is not duplicated or conflict with any other data.
  • - We provide data for practical justified goals, aiming to achieve public interests without causing any harm to the entities 'activities, individual's' privacy, or environmental safety.
  • - The access to data by properly qualified and trained persons.
  • - All necessary information for data exchange shall be shared, including the required data, the purpose of collecting it, means of its transmission, methods of preservation, controls used to protect it, and the mechanism of disposal.
  • - The security controls stipulated in the data sharing agreement are applied.
  • - Appropriate security controls are applied to protect and share data in a secure and reliable environment, according to the relevant laws and regulations.
  • - Ethical practices are applied during the data sharing process to ensure that its use in a framework of fairness, integrity, honesty and respect.
You can read more about the policies and principles on the following links

National Data Governance Interim Regulations

The main principles and general rules for protecting personal data

The main principles and general rules for data sharing

Related regulations

Electronic Transactions Law

The Anti-Cyber Crime Law

Cybersecurity controls and guidelines

vote: 
Average: 1 (2 votes)

Comments

No result available!