Personal information

Information provided by the client (such as: name, e-mail, mobile phone number, date of birth, nationality, gender, income, place of work, etc.).

Sensitive data

Sensitive data is information whose penetration may result in harm to an individual or organization. This includes, but is not limited to, personally identifiable information (PII), financial information, health information, and any data that requires special protection under applicable laws and regulations.

Financial information

Information provided by the customer when paying electronically for services or products (such as credit card information, account details) for the purpose of verifying and executing the payment process for any of the Experia services or products.

Purposes of data use

• Enable us to provide the right products and services to the customer
• To verify the identity of the user when ordering services
• To send the latest offers of Experia products and services to customers؛
• To develop services and products offered to customers
• Communicate with customers and resolve and address queries or complaints
• * To meet legal and regulatory requirements.
• Our use of Google Workspace APIs is to facilitate user actions. We emphasize that Google Workspace APIs are not used for the development, optimization or training of general/non-customized artificial intelligence and/or machine learning models.

Data protection mechanisms

We implement industry standard security measures to protect sensitive data from unauthorized access, disclosure, modification, or destruction. These measures include encryption, access controls, periodic security assessments, compliance with relevant data protection regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) among others.

Data processing procedures: we collect, process, store and transfer sensitive data in accordance with strict procedures designed to minimize risks and ensure data integrity. Sensitive data is stored in secure environments, access to which is limited only to authorized personnel. We adhere to the principles of data minimization, and we retain sensitive data only for as long as necessary to achieve the purposes for which it was collected.

User consent and control

We obtain explicit consent from users before collecting or processing sensitive data, and provide them with options to control their data-related preferences. Users can opt out of certain data processing activities or request the deletion of their sensitive data by contacting us through the available channels.

Sharing with third parties

We may share sensitive data with trusted third parties or partners for specific purposes described in this Privacy Policy. These third parties are contractually obliged to comply with similar data protection standards, and are prohibited from using sensitive data for any other purpose.

Data breach notification

In the event of a data breach involving sensitive data, we will notify the affected users and the relevant authorities immediately in accordance with applicable laws and regulations. We have put in place procedures to detect, respond to and mitigate data breaches, in order to limit the harm that may be caused to individuals and organizations.

In compliance with all relevant regulations and decisions that will protect user information and data, we retain the information for as long as we deem appropriate to achieve the purpose of collection.

The user has the right to access and view his personal data through the website, and he also has the right to update his personal information if it is incorrect, inaccurate or outdated.

We emphasize that the protection of personal data is a top priority, we are committed to taking all reasonable technical and organizational precautions to prevent the loss, misuse or misrepresentation of information, and we will store the collected information in secure servers. This information will only be disclosed as required by the laws and regulations in force in the kingdom of Saudi Arabia.

We undertake not to sell, share, trade, rent or disclose any information to any external third party except affiliated companies without the client's permission, and the third party is also obliged to maintain the confidentiality of information and access it to the extent necessary to provide services and products.