(Data Protection)
The Saudi Authority of Internal Auditors (SAIA) is a professional body dedicated to advancing the internal auditing profession in the Kingdom of Saudi Arabia and elevating the standard of its practice in line with the highest professional standards. This is achieved through the enhancement of knowledge, the development of skills, and the support of practitioners in the field, thereby contributing to improved performance quality and greater reliability in the business environment. SAIA seeks to contribute to fostering the principles of transparency and governance, and to support entities and individuals connected with the profession, in a manner that enhances the efficiency and sustainability of professional practices. SAIA attaches the utmost importance to the protection of personal data and the safeguarding of its privacy. SAIA is committed to processing such data with strict confidentiality, in accordance with the highest security standards, and to taking the necessary measures to protect it. This Policy is intended to clarify the manner in which personal data is collected, used, and protected.
Cookies
SAIA uses cookies on its website with the aim of enhancing the user experience, facilitating browsing, and tailoring content and services to suit users' needs.
These files may also be used to collect data relating to how the website is used, helping to analyze performance and improve the quality of services provided, without directly identifying the user. Users may disable cookies through their browser settings, or upon their first visit to the website.
Collection of Personal Information
SAIA collects personal data to the extent necessary to provide its services appropriately, either directly from the data subject or from the entity that nominated them for registration in events or training programs. Such collection takes place upon the completion of registration requirements or when required to deliver the requested service. Such data is processed and used in accordance with the approved policies and controls, and for the purposes for which it was collected.
Categories of Data Collected
•Account Data:
Includes the basic data required when creating an account or personal profile through SAIA's website.
• Payment Data:
Includes the data necessary to complete payment transactions or process refunds.
• Data Received from Third Parties:
Includes data obtained from other entities as a result of using services that require it, such as government services where applicable (such as the National Unified Access service and others).
• Cookies and Analytics Data:
Includes data relating to website usage and performance analysis.
• Geolocation Data:
Includes data relating to the user's geographic location when using certain services.
• Academic Qualifications Data:
Includes data relating to academic qualifications submitted to avail of SAIA's services.
Data Storage, Retention, and Destruction
SAIA retains personal data for an appropriate period for the purposes of delivering services adequately, analyzing preferences, and improving the quality of services provided, in addition to informing users of products and services that may be of interest to them. Data is retained for the period necessary to fulfill these purposes and is subsequently destroyed upon the conclusion of the purpose for which it was collected, or upon request by the data subject, in accordance with the applicable laws and regulations.
Data Sharing
SAIA is committed to maintaining the confidentiality of personal data and to refraining from disclosing it, except in cases permitted or required by law, or for the purpose of serving the public interest, or for research or study purposes, in a manner that does not compromise individuals' privacy and in accordance with the relevant laws and regulations.
The entities with which data may be shared include the following:
- The Institute of Internal Auditors (IIA), to establish an international account.
- Government and non-governmental entities, such as the Ministry of Human Resources and Social Development (through the Digital Government Authority).
- Entities cooperating with SAIA pursuant to data-sharing agreements, such as universities, educational institutes, and other relevant entities.
Rights of the Data Subject
• Right to Be Informed: Data subjects have the right to know the methods by which their personal data is collected, processed, stored, and destroyed, and the entities with which it may be shared.
• Right of Access to Personal Data: Data subjects have the right to request a copy of their personal data free of charge, through the channels specified herein.
• Right to Rectification of Personal Data: Data subjects have the right to request the rectification of their personal data where it is inaccurate or incomplete, through the means specified herein.
• Right to Erasure of Personal Data: Data subjects have the right to request the erasure of their personal data in specified circumstances, unless there are statutory or contractual requirements necessitate its retention.
• Right to Withdraw Consent: Data subjects have the right to withdraw their consent to the processing of their personal data at any time, unless legal or contractual purposes require continued processing.
Contacting the Personal Data Protection Officer at SAIA
For complaints or inquiries relating to this Privacy Policy or the handling of personal data, please contact SAIA's Personal Data Protection Officer via email at ----- or by telephone at -----.
Updates to the Privacy Policy
SAIA reserves the right to amend this Privacy Policy from time to time without the need to provide prior notice. Such amendments shall become effective and binding as of the date of publication.