Prince Sattam bin Abdulaziz University affirms its absolute commitment to protecting the privacy of users of its electronic platforms and safeguarding the confidentiality of personal data submitted through the University portal, smart device applications, surveys, registration forms, or any other approved means of communication. The University does not collect any personal data unless it is voluntarily provided by the user, nor does it use such data for any purpose inconsistent with the legitimate purpose for which it was collected, or for any use beyond the scope of service delivery or request processing.
Collection and Storage of Data
When using the electronic portal, the University may request personal data, including: name, address, email address, phone number, banking details, and other information that identifies the user. Demographic and usage data may also be collected, such as the sections visited, device and browser type, and Internet Protocol (IP) address, in order to improve services and provide an effective user experience.
All data is securely stored on the University’s protected servers, with information encryption and backup systems in place to preserve data integrity.
Information Security and Transmission Integrity
The University is committed to implementing the highest cybersecurity standards adopted in the Kingdom of Saudi Arabia to ensure the protection of data and electronic services available through the website. The University reserves the full right to take legal action and file claims against anyone who causes harm to the website, in accordance with the Anti-Cyber Crime Law and other relevant regulations.
Personal Data Collected
The data that may be collected includes, but is not limited to: name, national identification number, address, contact numbers, bank account and credit card numbers, still or moving images, employee numbers, university numbers, and any other data of a personal nature.
Purposes of Collecting Personal Data
Personal data is collected for purposes such as registration, request follow-up, and processing inquiries, suggestions, and complaints submitted by the user.
Failure to provide essential data may result in the inability to complete registration or access electronic services.
Protection of Personal Data
The University is committed to handling personal data with strict confidentiality and shall not access or process it except with the explicit consent of the data subject, or where there is a legal basis permitting disclosure in accordance with the regulations in force in the Kingdom.
Data Sharing and Disclosure
The University is committed not to disclose personal data except in the following cases:
- To trusted contracted parties performing specific tasks on behalf of the University, such as website hosting, analytics, or the provision of academic and administrative services.
- Where disclosure is required by law, or for the protection of public security, property rights, or personal safety.
Aggregated anonymized data may be shared with the University’s partners for statistical purposes and website usage analysis.
Methods of Data Collection
- Data provided directly by the user through registration channels or electronic requests.
- Data collected automatically through cookies during website use.
Personal Data Collection and Processing System
Data is collected and processed based on the consent of the data subject, who retains the right to withdraw such consent at any time, unless there is another lawful basis permitting continued processing. To request withdrawal of consent or for any inquiry related to personal data, users may contact the Data and Artificial Intelligence Office – The General Administration of IT.
Rights of the Personal Data Subject
The data subject or legal guardian has the right to:
- Know the reasons for data collection and its purpose.
- Access, correct, or update the data.
- Request the destruction of the data once it is no longer needed, in accordance with applicable regulations.
- Object to data processing in cases not permitted by law.
Data Retention and Disposal
Personal data is stored within the Kingdom of Saudi Arabia on the University’s servers in accordance with the highest national and international cybersecurity standards, ensuring protection against unauthorized access.
The data shall be destroyed five years after the date of storage using methods that ensure it cannot be recovered or accessed.
Geolocation
The user’s consent may be requested to share location data in order to benefit from certain digital services that require this feature.
Amendments to the Privacy Policy
The University reserves the right to amend or update this policy at any time without prior notice. The date of the latest update shown at the bottom of the page shall be the reference for the most current version.
Consent to the Privacy Policy
Use of Prince Sattam bin Abdulaziz University’s portal constitutes explicit acceptance of all the provisions and controls stated in this policy. If the user does not agree, the user should refrain from using the website’s services.
External Links
The University portal provides links to other websites in order to meet users’ needs. The University would like to note that it is not responsible for the content of those websites or the suitability of their use, nor does it bear any liability arising from browsing them or benefiting from their services. The user bears full responsibility for any actions or transactions carried out when accessing any website through the links available on this website.
Cookies
The website may use cookies stored on the user’s device for the purpose of improving service quality, facilitating the browsing experience, and understanding patterns of platform use. Users may adjust their browser settings to reject cookies or receive notifications when they are sent; however, some services may be affected if cookies are disabled.
Related Laws and Regulations
To review the policies and controls referred to in this document, please refer to:
Policies issued by the National Data Management Office
