Home Privacy policy

Privacy policy

Privacy policy

Privacy policy

Privacy Policy 

The Saudi Authority for Accredited Valuers ("the Authority") is committed to the privacy and confidentiality of personal data of users of its website ("the site") and its digital platforms and mobile applications dedicated to providing the Authority's services. Protecting this privacy is a top priority in accordance with the provisions outlined in the Personal Data Protection Law issued by Royal Decree No. (M/19) dated 9/2/1443 AH and its executive regulations ("the Law"). 

This privacy policy aims to inform you about the general rules regarding the processing of personal data, your rights as a data subject, the mechanism for exercising your rights, the personal data collected, the methods of data collection, the purposes for which your personal data is used, and the legal grounds for collecting and processing your personal data. 

The Authority does not collect your personal data when you visit the site and digital platforms unless you knowingly and voluntarily choose to provide this data. The Authority uses your personal data to achieve the purpose of its processing, such as obtaining information or providing services in accordance with the Authority’s activities. By using the Authority's site and associated platforms and applications, you acknowledge that you have read and agreed to the privacy policy and any ongoing amendments as needed based on the nature of the work. 

The Authority takes appropriate and suitable measures to securely maintain the personal data it holds, ensuring protection against loss, unauthorized access, misuse, modification, and unauthorized disclosure. Key measures in place include, but are not limited to: 

  • Strict procedures and measures to protect information and technology security to prevent fraud and unauthorized access to our systems. 
  • Regular updates of protection procedures and controls according to the best standard practices. 
  • Training and qualifying employees on respecting the confidentiality of personal data. 
  • Collecting the minimum amount of personal data necessary to serve its purpose. 
  • Applying a high level of data protection in accordance with the requirements of the National Cybersecurity Authority, including encrypting data and protecting it from leakage, loss, misuse, or any unauthorized access or updates. 

Visitors to the site and beneficiaries of the Authority’s services should continuously review the terms and principles of privacy and confidentiality to be aware of any updates. It is noted that the management of the site and its associated platforms and applications is not obliged to announce any updates made to these terms and principles. 

The Authority is not liable under any circumstances for any direct, indirect, incidental, consequential, special, or exemplary damages arising from the use or inability to use the site and its associated platforms and applications. This privacy policy is an integral part of the terms and conditions for using the site and all associated platforms and applications and the direct services available on the site. 

Shape 

First: Definitions 

Personal Data: Any statement—regardless of its source or form—that can lead to identifying an individual or makes it possible to identify them directly or indirectly, including but not limited to: name, personal identification number, addresses, contact numbers, license and registration numbers, personal property numbers, bank account and credit card numbers, and static or moving images of the individual, as well as other personal data. 

Data Subject: The individual to whom the personal data relates. 

Legal Grounds: The legal basis upon which the Authority relies in its activities that require the collection and processing of personal data. 

Data Processing: Any operation performed on data by any means, manual or automated, including collection, recording, storage, indexing, arrangement, coordination, storage, modification, updating, merging, retrieval, use, disclosure, transfer, publication, sharing, linking, blocking, erasure, and destruction. 

Second: Purpose and Legal Grounds for Collecting Personal Data 

The Authority's need to collect, process, and store personal data is ongoing to fulfill its duties and obligations outlined in its regulations issued by Royal Decree No. (M/43) dated 09/07/1433 AH, including establishing the regulations and standards necessary for property valuation, economic entities, equipment, movable assets, etc., developing the valuation profession, and raising the level of its workers. 

Therefore, the data obtained by the Authority, according to its nature of work, is considered the Authority’s property to implement regulations and legislation related to the Authority's functions and enable other government entities in the Kingdom of Saudi Arabia to provide government services related to the Authority’s work. This necessitates that the Authority retains and processes and uses the data in accordance with its statutory powers without time constraints or the ability for the data subject to withdraw consent for data processing. 

The Authority collects and uses personal data for several purposes in compliance with relevant regulations and laws, including but not limited to: 

  • Providing training, membership, licensing, and all other services related to the Authority's activities. 
  • Sending notifications, messages, and educational materials to users and all stakeholders benefiting from the Authority's services. 
  • Managing, developing, and improving the services available to users and all stakeholders benefiting from the Authority’s services. 
  • Responding to requests, inquiries, or complaints. 
  • For research and analysis purposes. 
  • Monitoring and detecting violations of the terms of use as well as other potential abuses when using the site. 
  • Improving the site’s performance, software security, systems, and network. 
  • Authenticating user identity upon login. 

Legal Grounds for Collecting Your Personal Data: 

  • According to the legal bases deemed appropriate by the Authority. 
  • Achieving a public interest that does not contradict the rights of personal data subjects. 
  • Any of the competencies specified in the Authority's organization. 
  • Meeting legal or regulatory requirements. 
  • Executing an obligation in which the data subject is a party. 
  • Protecting vital interests or preventing vital harm. 
  • Protecting national security. 

The Authority may process personal data for additional purposes other than those for which it was collected, as needed and in accordance with the Law provisions. 

Third: Personal Data Collected by the Authority 

The Authority collects personal data from visitors to the site and users of its services and associated platforms and applications directly or indirectly, which includes the following: 

  1. Upon visiting the Authority's site, its server logs the user's Internet Protocol (IP) address, the date and time of the visit, and the URL address of any website from which you were referred to the site. 

Most websites place a small file on the visitor's hard drive (browser) upon visiting, called "Cookies." Cookies are text files that contain information allowing the website that placed them to retrieve them when needed during the user's next visit. The stored information may include: 

  • Remembering the username and password if available on the site. 
  • Saving the page settings if available on the site. 
  • Saving the colors chosen by the user if available on the site. 
  1. Personal data you provide to the Authority when benefiting from services, such as registering on the Authority's platforms and applications, or data you provide when creating your user profile or applying for a job or training. This includes, but is not limited to, name, personal identification number, address, contact numbers, email, educational qualifications, bank account and credit card numbers, and static or moving images of the individual, as well as other personal data. 
  2. Personal data and information exchanged through communication between the Authority and beneficiaries of the services, including requests for customer support services, inquiries, feedback, and complaints received from you. 
  3. Personal data received by the Authority from other sources, such as government entities and other entities that may provide the Authority with personal data necessary to provide its services or to meet any security or criminal requirements. 

By providing your personal data and information through the Authority's site and all associated electronic platforms and applications, you fully consent to the storage, processing, and use of that data by the Authority and government entities in the Kingdom of Saudi Arabia. You are also solely responsible for the accuracy and validity of the data you send through the Authority's site or its associated platforms and applications. 

Fourth: Disclosure of Personal Data 

The Authority has the right to disclose personal data collected directly or indirectly to the following entities: 

  • Other public entities to achieve public interest purposes, security purposes, implement another system, meet judicial requirements, protect public health or safety, protect the life of an individual or individuals, or protect their health. 
  • Data processors of the Authority to achieve a legitimate interest of the Authority without infringing on the rights of the personal data subject or conflicting with their interests. 
  • Any entities inside or outside the Kingdom of Saudi Arabia to implement any local or international agreements serving any legitimate interest of the Authority or any public interest without violating the Law provisions. 

Fifth: Retention of Personal Data 

The Authority safely stores your personal data at its headquarters within the Kingdom of Saudi Arabia or through secure solutions in cloud services. Personal data is retained indefinitely as stipulated in Section Two of this policy. 

Sixth: Disclaimer 

The site and services provided by the Authority are available for your personal use, and your access and use of these services are subject to the terms outlined in the privacy policy and the laws of the Kingdom of Saudi Arabia. Your access to and benefit from these services and the site constitutes unconditional acceptance of the terms of this policy. This acceptance takes effect from the date of your first use. 

Seventh: Links to Other Sites 

The Authority's site and associated platforms and applications may occasionally contain links to and from other sites that may not be affiliated with the Authority. If you follow any of these links to access those sites, you should review the privacy policies of those sites accessed through any link. The Authority is not responsible in any way for the methods of collecting, processing, and protecting personal data by those sites. 

Eighth: Rights of Personal Data Subjects 

The Authority makes the necessary efforts to provide high-quality services to all personal data subjects, ensuring their rights as outlined in the Law: 

  • Right to Know: Includes your knowledge of the legal justifications and legal basis or actual need for collecting your personal data. This privacy policy has been prepared to inform you and ensure your awareness of all your rights, controls, and purposes for which your personal data is collected. 
  • Right to Access Your Personal Data: Includes the ability to view and obtain a copy in a readable and clear format, in accordance with the Authority's powers to restrict access or set a specific period for exercising this right. 
  • Right to Request Correction of Your Personal Data: You have the right to request the Authority to correct, complete, or update your personal data while adhering to the provisions of this right in the Law. 
  • Right to Delete Your Personal Data: The data subject has the right to request the Authority to delete their personal data in accordance with the provisions of the Law. The Authority will take the appropriate decision after reviewing the request, and if the request is denied, it will be based on one of the following reasons:  
  • Compliance with a legal obligation. 
  • Protecting archiving purposes in the public interest. 
  • The personal data is related to financial or legal claims. 
  • Right to Withdraw Consent for Processing Your Personal Data: The data subject can exercise this right as stipulated in the Law and in a manner that does not conflict with the Authority's regulations and does not impede the implementation of the Authority's procedures. 

Unless otherwise stipulated by law, the data subject shall not be required to pay any fees for exercising these rights. In case a request is made to exercise any of these rights, the Authority will respond to the data subject within ten working days from receiving the complete request. 

For more details on processing your personal data and how to exercise your rights, you can contact the personal data protection officer at the Authority using the contact information provided in this policy. 

Ninth: Contacting the Personal Data Protection Officer at the Authority 

In accordance with the Law and without contradicting the Authority's regulations, we welcome all requests, inquiries, questions, and complaints regarding the privacy policy or the rights of data subjects by contacting the Data Management Office at the email: DMO@taqeem.gov.sa

Tenth: Related Laws and Policies 

The Authority has issued this privacy policy in compliance with the Personal Data Protection Law and its executive regulations, as well as policies and controls issued by the National Data Management Office and relevant laws in force in the Kingdom of Saudi Arabia. You can refer to the following links for more information: 

  • Personal Data Protection Law 
  • Executive Regulations of the Personal Data Protection Law 
  • Policies issued by the National Data Management Office 
  • Controls issued by the National Data Management Office 
  • Controls issued by the Cybersecurity Authority