Privacy Policy

Preface

We Doyen Food Technology Co. “we” “Service Provider”, “Controller” places a high priority on the protection of your data and treats it with special care. We handle the data you provide us with, whether through your use of our website, platform, or applications with complete confidentiality. This is done in full compliance with the Personal Data Protection Law issued under Royal Decree No. (M/19) dated 09/02/1443 AH and the Council of Ministers' Decision No. (98) dated 07/02/1443 AH and other relevant regulations in the Kingdom of Saudi Arabia. All data is processed under the provisions outlined in this Privacy Policy.

This Privacy Policy “the Policy” is a legally binding agreement between the client “you”, “User”, “Personal Data Owner” and Doyen Food Technology Company a private L.L.C. in the Kingdom of Saudi Arabia that provides food consulting services.

This Policy is designed to help you understand the protections afforded to your rights and data and ensure transparency regarding data collected during your visit to the digital platform, thereby enhancing trust and ensuring legal and ethical compliance.

This policy is an integral part of the “Terms and Conditions,” and accepting the contents of this policy includes and incorporates all mentioned in the terms and conditions. If you do not agree with all parts of this policy and all parts of the terms and conditions, then you are expressly prohibited from using “Fooditor” and must discontinue use immediately.

If you have any inquiries, concerns, or complaints regarding this policy or the data we hold about you, or if you wish to exercise your rights, please, contact us at (+966-556161684) or email (info@fooditor.sa).

1. Purpose of data collection:

We collect certain personal data for processing purposes after obtaining your explicit consent, in compliance with applicable regulations. We only collect the minimum amount of personal data necessary to fulfill the purposes for which it was collected, which is essential to provide specific services and functions.

The objective of collecting personal data directly aligns with the goals of the digital platform and does not conflict with any stipulated legal requirements. The platform’s purpose is to manage and archive documents related to food safety and defense activities within the establishment. This includes documentation of monitoring lists, receiving forms, daily follow-up programs, and tools for tracking food quality.

The service provider has the right to collect clients' data provided during their communication through "Fooditor," customer service, promotions, or while submitting a report. The service provider is committed to maintaining the integrity of the provided data, protecting it from misuse, and destroying data that is no longer required under the conditions of the Privacy Policy.

The client acknowledges and approves of the information collected by "Fooditor," how it is used, and the circumstances in which it is disclosed. Thus, the client shall review the terms and conditions of this document regularly. They also acknowledge the right of the service provider to use this data and make it available to qualified individuals or specialists who provide "Fooditor" services that are consistent with the client's transactions in "Fooditor."

2. Methods and content of data collection

The platform collects certain personal data with the explicit consent and knowledge of the client, to help us identify you directly or indirectly. This enables us to deliver and improve our services to better meet your needs. Additionally, the platform collects data and information regarding operational activities related to food safety and defense systems (the primary objective of the Fooditor platform) and their related documents. The data stored in "Fooditor" includes the following:

A – Personal Data:

No data is collected by any other means, and only data provided by the client during the registration process is collected. Clients are required to provide certain personal data and identifying information to comply with legislative and regulatory requirements. The requested information is the minimum required to activate the contractual relationship, which includes:

1.        Full name  

2.        Mobile number  

3.        Email address  

4.        Name, activity, and address of the establishment  

5.        Commercial registration number  

6.        Tax identification number  

7.        Any other related information  

The client, along with all the users associated with their accounts, will have a personal account to manage their platform access. To activate user accounts and manage passwords, each user will be asked to provide the following optional information

1.        Full name  

2.        Mobile number  

3.        Email address (mandatory for account activation)  

4.        Job title  

Personal data may also be collected directly when clients communicate with us via designated channels such as email, mobile number, or other customer service tools provided by the platform.

B – Operational Data:

The primary purpose of "Fooditor" is to manage food safety and defense systems within food establishments. This is achieved through documenting, organizing, and facilitating access to relevant data and activities. Accordingly, the client may choose to store data, documents, and optional information related to food safety and defense systems operations, including but not limited to:

1.        Official documents, such as municipal and civil defense permits.

2.        Employee documents, such as employment contracts, residency permits, certificates, and training records.

3.        Property documents, such as factory and warehouse lease agreements, ownership deeds, and pest control contracts.

4.        Device and equipment records, including serial numbers, descriptions, dates, and responsible personnel.

5.        Records of other assets, such as vehicles.

6.        Supplier information, including names and addresses associated with the establishment.

7.        Invoice details and related data.

8.        All other documents, data, or records archived through the digital platform related to the establishment.

9.        Records and details of any other relevant operations related to food safety and defense systems.

C – Indirect Data:

When visiting the platform, your IP address is collected automatically. An IP address serves as a unique identifier for the device you use to connect to the internet and helps route data to and from your device. This data includes information such as browser type, version, and visit time, without identifying your personal identity. Collecting this information aids in improving the user experience, diagnosing server issues, and conducting statistical analyses (e.g., visitor accounts).

The platform may store cookies on your device during your visit. [Cookies are small data files that uniquely identify you as a user, helping to improve your browsing experience]. While most browsers are set to accept cookies by default, you may choose to block or alert them against cookies by adjusting your browser settings. However, restricting cookies may limit access to certain services available through "Fooditor."

3. Processing, storing, and deleting data

Personal data is stored and processed on our authorized servers. We take steps to ensure that the personal data we collect is processed in accordance with this policy and applicable law, regardless of where the data is located.

We collaborate with third parties such as cloud hosting services, suppliers, and technology support providers located around the world to meet the needs of our business and clients. We take appropriate steps to ensure that personal data is processed, secured, and transferred securely, protecting the confidentiality, availability, and integrity of our clients’ personal data.

The service provider uses appropriate organizational and technical measures to protect personal information. Our security policies and procedures are closely aligned with widely accepted international standards and are regularly reviewed and updated as necessary to meet the needs of our business, technological changes, and regulatory requirements.

We retain personal data for as long as it is reasonably necessary for technical, legal, or business purposes. When determining data retention periods, we consider applicable laws, contractual obligations, and the expectations and requirements of our customers. When we no longer need personal data, we securely delete or destroy it.

Terminated subscriptions will have their data retained for 45 days. Clients can cancel their subscriptions and delete all associated data at any time through the platform’s functions without contacting us. Please note that once a subscription is canceled, all data will be permanently deleted and cannot be recovered by either the client or the service provider.

Clients can completely delete their organization accounts from the platform by contacting technical support via email or using the support function within the platform. Once a client’s account data is deleted, it cannot be recovered by either the client or the service provider.

Client account managers can delete their personal accounts from the platform by contacting technical support via email or using the support function within the platform. All other users in a client’s account can delete their personal accounts at any time through the platform's functions and without referring back to us. Here, it must be noted that deleted personal accounts will lose all data in them, and neither the user nor the service provider will be able to retrieve it.

4. User consent

Personal data will not be processed, modified, or repurposed without the client's consent in accordance with the terms specified in Article 12 of the Executive Regulations of the Personal Data Protection Law. The client may withdraw consent for data processing at any time, with relevant regulatory guidelines determining the necessary conditions for such withdrawal.

Personal data may be processed without consent in certain cases, such as when processing serves a legitimate interest, and contacting the client is not feasible, when required by another law or pre-existing agreement, or when requested by a government agency for security or judicial purposes. Processing without consent is also permitted to protect the legitimate interests of the service provider, provided it does not infringe on the rights or interests of the client and exclude sensitive data, as stipulated by the regulations.

5. Rights of the Personal Data Owner

1.        The client has the right to know that their personal data is being collected and stored by the platform, and to understand clearly and transparently the purpose, method, and limits of data usage, storage, processing, and destruction. They also have the right to know about the parties with whom this data might be shared, as detailed in this Policy.

2.        The client is entitled to easy and direct access to their data and information via the digital platform, and access is restricted solely to the user for the protection of their rights.

3.        The client may amend or update inaccurate or incomplete data directly through the digital platform at any time, except for invoices. If an issued invoice requires correction or data update, the user must contact support channels provided by the platform, as modifications to invoices are restricted to authorized support personnel.

4.        The client has the right to request the complete deletion of their personal data once the purpose for which it was collected has been fulfilled. After fulfilling the specified purpose, the data will be permanently erased. However, the platform reserves the right to retain anonymous data, unrelated to any identifiable owner, in compliance with the Personal Data Protection Law, for statistical or operational purposes.

6. Limitations on the use of personal data:

The service provider shall not sell, share, or lease personal data to third parties (except as provided in this policy) without the client's consent. The client's input of the required data to benefit from the service is regarded as consent for "Fooditor" to collect the entered data. If the client does not agree to this privacy policy, they should not accept this document.

The service provider gives the utmost priority to protecting its clients' data. It is also committed to protecting client privacy and using personal data for the following purposes:

a.        Enable the client to benefit from the services of “Fooditor” optimally to present the best.

b.        Create an account or profile in “Fooditor”.

c.        Data processing and activation of personal data to ensure that it is active and owned by the client.

d.        Receive and respond to the clients’ questions, complaints and inquiries.

e.        Enable to comment and evaluate the service provided.

f.        Provide the client with information about the requested services from “Fooditor” for internal business purposes in order to improve the service.

g.        Personalize content, recommendations, and advertisements provided by “Fooditor” or third parties.

h.        Manage and process the Services.

i.        Inform the client of any changes that may occur in this document.

j.        Undertaking research to improve the platform or to analyze market trends, using anonymized customer data

k.        Compliance with regulatory and legislative obligations; and for any other purposes that may be disclosed when data is provided with the consent of the client in accordance with this document.

The service provider may have to hire other companies to perform tasks that are not within the jurisdiction of "Fooditor" and may require access to the client's personal information to perform their tasks and functions, including but not limited to (geographic location, language used, operating system), provided that it is not used for other purposes.

7. Sharing and Disclosure of Personal Data

The service provider commits to not disclosing personal information to any third party outside of the platform. Personal data will not be sold, traded, or exploited in any form, ensuring the protection of the client’s rights. We are committed to securing all data provided by the client, storing it in a secure environment protected against unauthorized access, use, or disclosure, in accordance with the highest standards of privacy and protection.

The service provider is committed to maintaining the privacy and confidentiality of all personal data and will not disclose this information to any party unless required by law or in good faith when it is necessary to comply with legal obligations, protect the rights of the platform, or for related parties.

The service provider may disclose client data to the extent permitted in the following cases:

a.        To any of the members and employees of the platform.

b.        to third parties at:

1.        Assignment or sale of “Fooditor” to third parties, or entry of new partners.

2.        To protect against credit risks, fraud, and hacking.

3.        To protect intellectual property.

4.        To ensure the integrity of “Fooditor” or what is related to it.

5.        To comply with regulations and laws, or when a judicial ruling requires that or a decision of public authorities.

8. Methods and measures for data protection

Our data collection methods are direct, clear, and secure, free of deception and fraud. We are dedicated to safeguarding your privacy on the internet, and thus, the digital platform's server type is cloud-based, meaning all personal data and information are stored in safe cloud storage. The platform is fully compliant with the Saudi Personal Data Protection Law, and we are committed to taking technical and organizational precautions to prevent data loss, misuse, or alteration.

When transferring data in "Fooditor" networks and servers, the service provider is keen to protect that data inside and outside the Internet by encrypting sensitive information and keeping personal information in a secure physical environment. In case of a breach of that data – God forbid – "Fooditor" shall inform the client immediately.

The service provider undertakes to retain the data for the period required by the nature of the service provided through "Fooditor" and for authorized and permitted purposes, except that it shall be disclosed according to regulations and legislation or with the client's written consent. "Fooditor" also undertakes that the data is protected in a security manner commensurate with their nature and importance, and that it shall not be traded or sold to others in a manner that contradicts the client's privacy. However, it does not guarantee that it will remain fully confidential.

In our commitment to providing optimal service, the technical support team's access permissions are limited solely to resolving technical issues within a user's account. Technical support personnel are not authorized to view personal documents or data related to the establishment or the user. The client voluntarily grants these permissions to technical support, restricted exclusively to addressing technical problems.

9. Amendments to the Privacy Policy

The last amendment to this Policy was made on 5/6/1446 Hijri. The digital platform reserves the right to amend, add, or change any terms of this Privacy Policy as necessary. Any changes to this Policy will be indicated here, and the platform will regularly notify the client of any updates.

The Arabic language is an authoritative version of this Policy. In the event of any dispute in interpreting any provision in another language, the Arabic text shall prevail.

10. Consent to the Privacy Policy

You acknowledge that you have read and agree to all the terms and conditions of this Policy. Your use of the platform signifies your acceptance of this Policy and its governing terms and conditions. If you do not agree to this Policy, you must refrain from using any content or services provided through the platform.

11. Disclaimer

“Fooditor” may contain links that direct you to other websites. The digital platform disclaims any liability for external or linked sites and bears no responsibility for visitors’ use of these sites or any issues that may arise from such use. It is recommended to review the privacy policy and content of external websites before using them. Our site may also include ads from other websites, such as Google Ads, and this data is utilized for analytical tools to monitor and enhance platform performance and services.

The service provider shall not be held liable for any damage arising from the use of the platform, the application and/or the website; including direct, indirect, incidental, consequential, special, or exemplary damages, or any data loss resulting from using the digital platform.