Privacy Policy for Gulf Technical Solutions

Effective Date: 1st October 2024

1. Introduction

Gulf Technical Solutions (“we,” “us,” “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we handle, process, and protect your information in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws. This policy applies to all personal data collected from you through our website, related services, or customer interactions, ensuring transparency in how we manage and safeguard your data.

By accessing or using our website and services, you agree to the collection and use of your personal data as described in this policy. Please read it carefully to understand your rights and choices regarding your data. If you have any questions or concerns, contact us at:

  • Email: sales@gulftechsol.com
  • Address: 4427, Ibn Al Rumi Street, Al Hamra District, Jeddah, Kingdom of Saudi Arabia

2. Data Controller and Data Protection Officer

Gulf Technical Solutions is the data controller responsible for your personal data. As a data controller, we determine the purposes and means of processing your personal data. If you have questions about this policy, including any requests to exercise your legal rights, please reach out to our Data Protection Officer (DPO) using the contact details above.

3. Data We Collect

We collect various types of data, both directly from you and indirectly through your interaction with our website and services. This data includes, but is not limited to:

  • Identity Data: Name, username, title, date of birth, and gender.
  • Contact Data: Billing address, delivery address, email address, and phone numbers.
  • Financial Data: Payment details (such as credit or debit card details) used to process your transactions, which may be handled by a third-party payment provider.
  • Transaction Data: Details about payments to and from you, and other details of products and services you have purchased from us.
  • Technical Data: Internet Protocol (IP) address, browser type, device information, time zone settings, operating system, platform, and other technology on the devices you use to access our website.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

4. How We Collect Your Data

We collect your personal data through various methods:

  • Direct Interactions: You may provide data by filling out forms, creating an account, making a purchase, subscribing to our newsletters, requesting marketing materials, or communicating with us.
  • Automated Technologies or Interactions: When you interact with our website, we may automatically collect Technical Data and Usage Data about your equipment, browsing actions, and patterns. This data is collected through cookies, server logs, and similar technologies.
  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, including analytics providers, advertising networks, and search information providers.

5. How We Use Your Data

We process your personal data for specific, lawful purposes in compliance with GDPR principles. Your data is used for the following purposes:

  • To Process Transactions: We use your Identity, Contact, and Financial Data to process payments, deliver your orders, and manage refunds.
  • To Manage Your Account: Your Identity and Contact Data help us create, maintain, and secure your account with us.
  • To Provide Customer Support: When you contact us with questions or concerns, we use your data to respond to and resolve issues.
  • To Improve Our Services: We use Technical and Usage Data to analyze and enhance the user experience, improve website functionality, and assess user preferences and behaviors.
  • To Send Marketing Communications: With your consent, we may use Contact and Marketing Data to inform you of special offers, promotions, and updates.
  • To Comply with Legal Obligations: We may process your data to comply with legal and regulatory obligations, including fraud prevention, tax compliance, and maintaining accurate records.

We will only use your data when we have a legal basis for processing, including when it is necessary for the performance of a contract, compliance with a legal obligation, our legitimate interests, or based on your consent.

6. Sharing Your Data

We may share your personal data with third parties only in limited and specific circumstances, as described below:

  • Service Providers: We work with third-party service providers who assist us in providing our services, including payment processing, delivery services, IT support, and marketing services. These providers only process your data on our behalf and under our instructions.
  • Affiliates and Subsidiaries: We may share data with affiliated companies for business and operational purposes, but only when relevant to providing or improving our services.
  • Legal Obligations: We may share your personal data with law enforcement, regulatory bodies, or other authorities if required by law or necessary to protect our rights or the safety of our users.
  • Business Transfers: If we undergo a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.

We do not sell or rent your personal data to any third parties for marketing purposes.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements. The retention period will vary based on the type of data and the specific processing purposes. In general:

  • Transaction Data will be retained for as long as needed to complete the transaction and for any required legal purposes.
  • Account Information will be retained while you have an active account with us.
  • Marketing Data will be retained until you withdraw your consent or opt out of receiving marketing communications.

After these retention periods, your personal data will either be securely deleted or anonymized for internal analytics purposes.

8. Your Data Protection Rights

Under the GDPR, you have rights regarding your personal data. These include:

  • Right of Access: You have the right to request copies of your personal data.
  • Right to Rectification: You may request that we correct any inaccuracies or incomplete information.
  • Right to Erasure: You have the right to request the deletion of your personal data, subject to certain conditions.
  • Right to Restrict Processing: You may request that we restrict the processing of your data under specific circumstances.
  • Right to Data Portability: You can request that we transfer your data to another service provider.
  • Right to Object: You have the right to object to our processing of your personal data under certain conditions, including for direct marketing.
  • Right to Withdraw Consent: Where we have relied on your consent for data processing, you may withdraw this consent at any time.

To exercise any of these rights, please contact us using the details provided above. We may need to verify your identity before processing your request, and we will respond within one month of receiving your request.

9. Security of Your Data

We take data security seriously and have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, alteration, or destruction. These measures include:

  • Encryption: We use secure servers and encrypt sensitive data during transmission.
  • Access Controls: Only authorized personnel have access to personal data on a need-to-know basis.
  • Regular Security Audits: We conduct routine security assessments to identify and address potential vulnerabilities.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission or storage is completely secure. Therefore, we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to collect information about your browsing behavior and preferences. Cookies help us enhance website performance, analyze site usage, and tailor content to your preferences. You may control or disable cookies through your browser settings. However, disabling cookies may affect website functionality.

11. Links to Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy does not apply to those sites, and we are not responsible for their content, privacy practices, or security measures. We encourage you to review the privacy policies of any third-party sites you visit.

12. Children’s Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect or process personal data from children under 16 without parental consent. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete it in accordance with applicable laws.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When changes are made, we will post the updated version on this page and update the effective date. We recommend reviewing this policy periodically to stay informed about how we handle your personal data.

14. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our handling of your personal data, please contact us at:

  • Email: sales@gulftechsol.com
  • Address: 4427, Ibn Al Rumi Street, Al Hamra District, Jeddah, Kingdom of Saudi Arabia

You also have the right to lodge a complaint with your national data protection authority if you believe that your data has been handled in a manner inconsistent with GDPR.