Saudi Unicorns | Privacy Policy

Last updated: 02/12/2024

Mohammed Bin Salman Foundation (“Misk,” “we,” the “Foundation”) is a non-profit organization that aims to encourage learning and develop leadership skills among youth for a better future in the Kingdom of Saudi Arabia. To achieve these goals, the Foundation focuses its efforts on empowering Saudi youth through the design of programs and the establishment of partnerships based on three main pillars: education and technology, culture and arts, and entrepreneurship.

The Foundation provides its services through its website (misk.org.sa) and the associated sub-sites (collectively referred to as the ‘website’), which includes all other pages found on the homepage of Misk.

The Foundation is committed to protecting your privacy and complying with the highest standards of data protection, as specified in the Personal Data Protection Law of the Kingdom of Saudi Arabia (“KSA PDPL”).

This Privacy Policy outlines all the information that helps you understand how we use your personal data, such as your name, email address, and other contact information, reflecting our commitment to your privacy and the protection of your personal data. It is important to note that this Privacy Policy applies to all data processing activities carried out by the Foundation concerning the data collected during your browsing of the Misk website.

What is your personal data?

Personal data is information that enables you to be identified. It includes things like your name, date of birth, and your email address. For example, your email address will identify you because no one else will have the same email address as you. These are just a few examples of what your data is.

What personal data of yours do we have?

We collect any information that relates to an identified or identifiable individual, such as names, contact details, identification numbers, or online identifiers.

What Personal Data Do We Collect?

We collect various types of personal data to provide and improve our services, including but not limited to:


Identity Information:


  • Full name

  • Father’s name

  • Grandfather’s name

  • Gender

  • Nationality

Contact Information:


  • Residential address

  • Email address

  • Phone number


  • Demographic Information:


    • Date of birth

    • Country of residence


    Educational Background:


    • Educational history

    • Details of qualifications and certificates


    Employment History:


    • Previous and current employment details (if applicable)


    Personal Attributes:


    • Skills

    • Personal interests and hobbies


    Digital Presence:


    • Social media accounts


    Other Identifiable Information:


    • Personal photographs

    • Curriculum Vitae (CV)

    • Any other data that can directly or indirectly identify you.

How do we get your personal data?

We have this personal information because:


  • You may have provided it to us when you visited our website and created an account with us;

  • You may provide us with personal information when using our services or considering using our services;

  • You may have visited our website with cookies and other website tracking tools enabled;

  • You have made the information publicly available on social media websites where you have indicated that we can collect this information. You can control how much of your information social media websites make public by visiting these websites and changing your privacy settings;

  • We may have received it from third parties and/or governmental platforms or websites that provide services to us. [For example, when you submit your email address to show an interest in using our services, we receive information from a third party that provides us with automated fraud detection services.]

What do we use your data for?

We use your data so that we can do the following:


Purpose we use your data for

  • To provide you with our services.

  • To improve our website and service offerings.

  • To enhance our customer service.

  • To administer contests, promotions, surveys, or other site features.

  • To send you periodic emails on various subjects, including marketing and advertisements.

  • To ensure legal and regulatory compliance

Applicable good reasons

  • It is in our legitimate interests to provide you with our services.
    We are required to do so by our terms and conditions.

  • It is in our legitimate interests to improve our website and service offerings.

  • It is in our legitimate interests to enhance our customer service.

  • It is in our legitimate interests to offer these services to you.
    We are required to do so by our terms and conditions.

  • We will only send you such emails if you consent to receive them.

  • To meet legal obligations, such as tax reporting or responding to law enforcement requests.

Will we send you adverts and marketing materials?

We will only send you adverts and marketing materials when you have said we can do so. This will include adverts and promotions from our contest sponsors and promotional marketing partners that we think may be of interest to you.


However, if you say yes and later change your mind, you can ask that we stop sending you adverts and marketing materials. Should you change your mind, the email containing the advertisement will include an ‘Unsubscribe’ button so that you can cease receiving such data. Furthermore, you can also email us and ask us to stop sending you adverts at the email address contained at the bottom of this policy.


We Won’t Do Anything We’re Not Allowed to Do with Your Data


We will always be transparent with you about how we use your data and explain why we use it.


Our Use of Cookies and Similar Tools


A cookie is a small piece of technology stored on your computer, tablet, or phone whenever you visit a website. We use cookies on our website.


We use the following types of cookies on our website:

  • Strictly Necessary Cookies: These cookies are essential for the operation of our website and services. Without them, you would not be able to visit our website or use our services.

  • Performance Cookies: These cookies provide us with information on how our website is performing.

  • Functionality Cookies: These cookies allow our website to remember your preferences, such as language settings.

  • Advertising Cookies: These cookies are used to display relevant advertisements and promotions. We will only use third-party cookies with your consent. You can adjust your device settings to disable advertising cookies.

We use cookies for various purposes, including:

  • Providing our services

  • Identifying areas of our website that you visit

  • Enhancing the website experience

  • Measuring website popularity

  • Marketing our products and services to you

Why is it important to protect personal data?

Protecting personal data is essential. We do not want other people or companies to see your data if you do not want them to. We treat your data as being equally important to you and we protect your personal data and aim to preserve your individual rights, prevent harm, and ensure ethical handling of your information.

How We Protect Your Personal Data?

We have a range of tools and features in place that will help keep your data secure. This includes physical, electronic, and administrative procedures to ensure that your data is safeguarded. We will obtain clear and explicit consent from you before collecting, using, or sharing personal data, except where legal exemptions apply. We use the personal data necessary for the intended purpose, and only for legitimate reasons. We will implement appropriate technical and organizational measures to protect personal data from unauthorized access, use, disclosure, or loss. This may include encryption, access control, and regular security audits as per the PDPL.


We do things to make sure that other people can’t see your data without your permission. We work hard to protect your data. It is one of the most important things we do. Only you should know your password with us. Make sure that nobody else knows it. Check that no one can see your password when you type it.


We will do our best to protect your data. We’ll always do what the law says we must do to keep your data safe. Unfortunately, even where we do our best, information on the Internet can never be totally safe. For these reasons, we cannot promise that your data will always be safe. If someone breaks into our office, our computers, or our databases and gets hold of your data, we will let you know where the law tells us to. We’ll always do our best to help you with any relevant problems.


Disclosure of Your Information


We are dedicated to safeguarding your personal information. We will not sell, rent, or share your data with third parties without your explicit consent, except as necessary for the purposes of this challenge. Disclosure of your personal information may occur if required by law or in response to a valid legal request, as permitted by the PDPL.


Sharing Your Data


We sometimes need to share your data with other people or companies. Here are some examples:


  • Business Transitions: In the event of an acquisition or merger involving our Foundation, we will notify you of any changes regarding your data.

  • Service Providers: We collaborate with reputable companies that assist us in running our operations and managing your account. For instance, we may share order details with fulfillment partners to ensure you receive your requested items.

  • Operational Support: Your data may be shared with third parties that help deliver our services, including those that host and maintain our IT infrastructure or process payments.

  • Legal and Compliance: We may share your information with professionals such as lawyers and accountants to ensure we adhere to legal standards.

  • Regulatory Compliance: We may disclose your data to government entities or regulators to demonstrate our commitment to compliance and accountability.

Data Transfer


We only share your data with other companies and people when we know they protect it in the same way that we do.


It is important that you know where we send your data. We will send it to people and companies that are in Saudi Arabia or other countries around the world. Whenever we do need to transfer your data, we will make sure that it is protected. In some circumstances, the law will dictate that we need to take extra steps to protect your data before we can do this. These steps may include:


  • Ensuring that the recipient agrees to comply with rules similar to those outlined in this privacy policy.

  • Agreeing to follow standards set by regulatory authorities.

  • Complying with mechanisms approved by a data protection regulator.

If You Are Under 18


We try our best to make sure that we are not collecting personal data from people who are under 18 years old. If you are under 18, please speak to your parents or guardians about using our services before signing up. We need to make sure that your parents or guardians are happy for us to collect your personal data before we can provide you with our services.


If you are a parent or guardian of someone under 18 who has provided us with personal data, please contact us at the email address contained at the end of this policy.


Know Your Rights


We will honor your rights where these are set out in the law. In some situations, the law might say that you can ask us lots of things about your data.


  • You can ask to see your data. This is known as requesting access to your data. You can also ask for a copy of this data.

  • You can ask us to correct your data. If you think we’ve got any of it wrong, we can fix it. You can also ask us to change your data if some of the information changes, such as if you get a new email address or mobile phone number.

  • You can ask us to stop using your data for certain reasons or ‘object’ to us using it. Even if you said it was okay for us to use your data in a certain way, if you change your mind, just let us know. We’ll let you know if we can stop using it. We’ll make sure we keep a note of your concerns even if we can’t stop using your data for the reason you asked.

  • You can ask us to destroy your data. We’ll do this as long as the law says we can.

  • You can ask us to stop using computers to make decisions about you. Sometimes a company can use a computer to make automatic decisions. You can ask us to make sure that a human is in charge of making important decisions about you.

Where the applicable laws allow you to ask, we might still be unable to do these things. For example, if you ask us to destroy all of your data, we can’t do that straight away. We must keep some of your data for three years from when you ask us to destroy it. This is because there are laws that tell us we have to do this to keep you safe. We will always explain to you if something like this happens. We’ll never consciously try to hide what we do with your data.


How Long We Can Keep Your Data


We need to keep your data while you use our products or services. However, we may need to keep your data for longer if the law says we have to. So even if you ask us to destroy your data, we may not be able to do that straight away.


When we no longer need your information, and the law says we do not need it, we delete it from our systems.

Will we ever change our privacy policy?

Sometimes, we are required to make changes to our privacy policy. This could be because the law changes or a new law is introduced which changes how we are required to handle data. The date this policy was last updated can be found at the beginning of the policy. We will also tell you whenever we are required to make changes to this policy.

How to contact us?

If you have any questions regarding your data, please email us at: [email protected]


By using the Saudi Unicorns website, you acknowledge that you have read, understood, and agreed to this privacy policy and consent to the collection, use, and disclosure of your personal information as described herein.


Complaint or Objection Filing Method


If you have any concerns or believe we are not complying with the Personal Data Protection Law, you may file a complaint with the Data Protection Officer (DPO) at: [email protected].


If you are dissatisfied with how we process your complaint or if we fail to respond within 30 days, you may escalate your complaint to the Competent Authority, which is the Saudi Data and AI Authority (SDAIA).


SDAIA Address
Kingdom of Saudi Arabia
Riyadh
Website
Saudi Data & AI Authority (sdaia.gov.sa) National Data Governance Platform “DGP” (dgp.sdaia.gov.sa)