1 We are Imdady and our address Riyadh, Kingdom of Saudi Arabia, 2059 Makkah Branch Rd, Riyadh , 4th floor, Kingdom of Saudi Arabia telephone 0537565625 with email contact (“Imdady”, “we”, “us”, “our”). Imdady is a business name of Future Gates. Imdady provides the following products and services (“Products”):
. Imdady RMS – a cloud based restaurant management solution (RMS) including the provision of websites and KIOSKs
1.2 In providing the Products Imdady will process personal data. This document sets out how Imdady processes personal data for both Imdady RMS and Imdady Pay. This includes personal data collected when you use our website (“Website”) and Products (together, “Services”).
(a) sets out the types of personal data we collect about you;
(b) explains how and why we collect and use your personal data;
(c) explains how long we keep your personal data;
(d) explains how we will share your personal data – when, why and who with;
(e) explains the different rights and choices you have when it comes to your personal data;
(f) explains the security measures we apply to protect your personal data;
(g) explains how we may contact you and how you can contact us.
3.1 We collect the content, communications, and other information you provide when you use our our Services, including when you sign up for an account (if relevant) or communicate with us including by email. This includes your name, email address, phone number, name of your business (where relevant), and location/country and payment information (where relevant),
3.2 We also collect additional, specific personal data depending on the Products you are using:
. For Imdady Pay we need to carry out customer due diligence and KYC which
collection and processing of the following information:
o ID Validation: ID number, place of issue, expiry date, date of issue.
o CR Validation: CR number, UNN, entity name, issue date, expiry date, business type, place of issue, owner name, manager name.
o Other information: outlet name, address, contact person, contact details, and other information you may supply us with during the onboarding process.
. For Imdady RMS the information we collect includes:
o CR information (CR number, UNN, entity name, issue date, expiry date, business type, place of issue , owner name, manager name, as relevant)
o ID information (ID number, place of issue, expiry date, date of issue, as relevant)
o VAT registration information
o Recordings of sessions/meetings
o Any other information you provide us with
3.3 In addition we also collect the following personal data:
(a) Usage: we collect information about how you use our Services, such as the the time, frequency and duration of your browsing activities, and how you use the features provided by the Services.
(b) Device information: we collect information on the devices you use, such as the model and kind of the device you are using to access our Services, the operating system, hardware and software version together with other technical information (e.g. your IP address).
(c) Your opinions about our products and services: information you share rating your experiences and satisfaction with the provision or receipt of our products or services or otherwise dealing with us.
5.1We collect your personal data directly from you i.e. this is the personal data you provide to us when using our Services or communicating with us, We also collect your personal data by deploying cookies as described above. We may also collect personal data from you when you visit our offices (e.g. through the use of CCTV). We may also collect personal data from your organisation, any relevant third party partners and (in the case of Imdady Pay) from government entities as follows:
. ID information collected from ELM (a government entity) though an API integration
. CR information collected from WATHIQ (a government entity) though an API integraton
6.1 We use your personal data for the following purposes:
(a) send you information in connection with the our products and services
(b) respond to your communications and requests;
(c) to manage our relationship with you or your organisation;
(d) to manage our relationship with third party partners and referrers;
(e) billings and payment;
(f) deal with any disputes;
(g) provide our Services to you;
(h) to validate you under KYC, AML, sanctions screening and carry out due diligence;
(j) customize the content and services we provide through our Services and more generally;
(k) help us better understand your interests and needs and those of your organisation, and improve our Services;
(l) engage in analysis, research, and reports regarding use of our Services;
(o) secure our Services and our systems;
(p) comply with any procedures, laws, and regulations which apply to us;
(q) establish, exercise, or defend our legal rights;
(r) prevent and detect crime and fraud;
(s) protect health and safety and to ensure security;
(t) comply with contractual requirements; and
(u) carry out our internal business purposes, such as corporate transactions, audits, and data analysis
7.1 The length of time for which we retain personal data typically depends on the purposes for which we collected and use it and/or as required to comply with applicable laws. Once we no longer need to keep your personal data we will take reasonable steps to erase it from our systems and ensure it is erased from those systems where it is processed on our behalf.
We may share your personal data with the following:
(b) New owner: if the ownership or control of Imdady, or all or part of the Services changes, we may transfer your information to the new owner.
(c) Third party service providers and partners: we may work with third-party partners (including IT providers and developers) to:
. improve and provide our Services,
.to develop, offer and provide products and services which we consider will be of interest to you,
. to make payments.
Where we share your information with these persons we will do so to the extent required for the above purposes. We will impose restrictions on how these persons can use and disclose the data we provide in accordance with applicable laws and regulations.
(d) Government authorities: Imdady may share your personal data with various government authorities in response to enquiries you may make and to assist us in carrying out our operations and responding to enquiries. Also we may share your personal data with various government entities in response to legal proceedings; to establish and/or enforce our rights (including under our terms and conditions) or to protect our property; to defend against legal claims; or as otherwise required by law; we retain the right to raise or waive any legal objection or right available to us. We may also share your personal data when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities.
(f) Banks, payment providers and payment technology providers: where you use Imdady Pay we will share your information as follows:
. Bank: basic information such as merchant name, address, city, UNN number/CR number, and terminal number information is shared to setup the merchant in banking system
. POS hardware vendor: basic information such as merchant name, address, city, contact number, and terminal information is shared with POS hardware vendor to install the payment hardware at merchant location
. AMEX: if a merchant requests to enable the AMEX service, similar informaiton to that above is also shared with AMEX to enable the service
SAMA (Central bank): regulatory reporting which typically includes, merchant name, terminal,
and volume, and complaints.
11.1 We consider the confidentiality and security of your personal data to be of the utmost importance. Imdady takes a variety of technical, administrative, and physical measures to protect your information from disclosure to or access by third parties. Please note that we do not guarantee the security of personal data, as no method of internet transmission or storage is completely secure.
12.1 Please note that we review our privacy practices from time to time, and that these practices are subject to change. Any change, update, or modification will be effective immediately upon posting on our Website or where we update you by email. You must read and accept the Policy every time it is updated. Otherwise, your use of the Services is not permitted.
13.1 You have certain rights under and in accordance with applicable laws and regulations including:
The right to have access to your personal data – the right for you to have access to it and obtain a copy of it
(c) The right to request correction, completion or updating of your personal data that Imdady controls.
(d) The right to request the destruction or deletion of your personal data which Imdady no longer needs to process for the purposes for which it was collected.
14.1 If you are unhappy with how we’ve handled your personal data or have further questions on the processing of your personal data, contact us here.
By written notice to:
The Data Protection Office
Riyadh, Kingdom of Saudi Arabia, 2059 Makkah Branch Rd, Riyadh , 4th floor.