Privacy Policy

static hero image

Introduction

Jeddah Airports Company was established in 2022 as a part of the aviation sector privatization program in the Kingdom of Saudi Arabia. The company manages and operates King Abdulaziz International Airport (KAIA) in Jeddah in accordance with the highest quality, safety and security standards, in line with developing the airport infrastructure and carrying out expansion projects for new services and facilities, along with the existing facilities. The company is also committed to working closely with partners and stakeholders at both local and global levels in order to ensure providing a unique traveller experience, with ensuring customer satisfaction concerning all services and products provided thereof.

At Jeddah Airports Company (JEDCO) or "we", we have set out our Privacy Notice to ensure that you are fully aware of the practices and policies related to the personal data protection and security while interacting with our website. This Privacy Notice describes the types of personal data we collect, how we use it, entities we share it with, and the choices you can make regarding the personal data collection, use and disclosure, in accordance with the Personal Data Protection Law and its regulations in force in the Kingdom, under which this Notice has been formulated therewith.

  1. 1. Personal data we collect

    1. 1.1 Main Personal Data
      • Full Name
      • Date of Birth
      • Nationality
    2. 1.2 Contact Information
      • Email Address
      • Phone Number
      • Postal Address
    3. 1.3 Technical Data
      • IP Address
      • Browser Type and Version
      • Device Information
      • Cookie Identifiers
      • Browsing History
    4. 1.4 Browsing Data
      • Pages Visited
      • Links Clicked
      • Time Spent on Pages
      • Navigation Patterns
      • Form Interactions
    5. 1.5 Preference Data
      • Language Preferences
      • Communication Preferences
      • Saved Searches
      • Personalization Settings
    6. 1.6 Geographic Data
      • GPS Location
      • The user's geographical GPS location from which the visitor enters our website

  • 2. The Way We Collect Your Personal Data

    We collect your personal data in two primary ways:

    2.1 Directly when you fill out website forms and registrations:

    • Newsletter Subscriptions
    • Contact Forms
    • Feedback Surveys
    • Account Creation

    2. 2 Indirectly via automated collection:

    • Analytics Using Some Techniques
    • Cookies and Similar Technologies
    • Web Beacon
    • Server Logs

  • 3. We Collect Your Personal Data for the Following Purposes

    • Personalize your website experience, such as personalizing content based on your preferences and customizing language and content.
    • Conduct analytics and necessary improvements, such as analyzing user behavior patterns and improving site performance and user service quality.
    • Communicate and provide relevant updates, such as processing your requests and inquiries and sending service updates.
    • Ensure website security, such as preventing unauthorized access and ensuring compliance with relevant regulations.

  • 4. Legal Basis for Collecting and Processing Your Personal Data

    • Approval: In case you have given explicit approval to the data collection and use of your personal data.
    • Legal Obligation: To comply with relevant legal or organizational obligations.
    • Vital Interests: To protect your vital interests or the vital interests of another individual.
    • Legitimate Interest: To pursue our legitimate interests (or those of any third party) when these interests outweigh any prejudice to your data protection rights.
    • Public Interest: To meet the requirements of public authorities or for purposes of public interest.

  • 5. Your Rights in Relation to Your Personal Data

    You have the following rights in relation to your personal data:

    • Right to Be Informed: The data subject is entitled to know how we collect their data, the legal basis for collecting and processing it, how it is processed and reserved, and with whom it is shared.
    • Right to Access Your Personal Data: Request access to the personal data we reserve about you.
    • Right to Request Access to Your Personal Data: You are entitled to request access to your personal data reserved in a readable and clear format, if technically possible, through the channel you request.
    • Right to Request Amendment of Your Personal Data: Request amendment of any inaccurate or incomplete data.
    • Right to Request Destruction of Your Personal Data: Destruction request of your personal data under certain circumstances.
    • Right to Cancel Your Consent to the Processing of Your Personal Data: You are entitled to cancel your consent/approval to the processing of your personal data at any time unless there are legal justifications that require otherwise.

    In case the data subject wishes to exercise one of these rights, he is entitled to that through the means of communication specified in the “Contact Us” section, noting that the response period will not exceed (30) days from the date of the request receipt.

  • 6. Sharing Your Personal Data

    When sharing your personal data, we ensure that it is shared in a secure and reliable environment, in accordance with the relevant regulations, rules, and policies, both systematically and technically.

    6.1 Service Providers:
    • Platform Support and Maintenance Providers.
    • Cloud Hosting Providers.
    • Analytics Providers.
    • Customer Support Tools.
    6.2 Regulatory Authorities:
    • The General Authority of Civil Aviation and the Holding Airports Company.
    • Government Agencies (where legally required).
    6.3 Connecting with Third Parties:
    • Payment Processors (in the future).
    • Identity Verification Services.
    • Email Service Providers.

  • 7. Personal Data Storage and Retention

    In accordance with the Personal Data Protection Law issued by the National Data Management Office (NDMO), your personal data will be reserved and processed within the Kingdom of Saudi Arabia to ensure the preservation of the national digital sovereignty of this data.

    We retain your personal data only for the necessary duration to achieve the purposes for which it was collected, or as required by law and our regulatory obligations. This personal data is destroyed immediately after the purpose for which it was collected has been fulfilled, or upon the request of the data owner through secure methods and techniques.

    Retention of personal data may be required even after the purpose for its collection has been fulfilled in the following cases:

    • If there is a legal justification for retaining it for a specific period, provided it is destroyed after the expiration of that period or the completion of the purpose for which it was collected.
    • If the personal data is closely related to a case pending before a judicial authority, and retention is required for that purpose. It will be destroyed after the completion of the judicial procedures related to the case.
    • If all means of identifying the personal data owner have been removed.

  • 8. Updates to the Privacy Notice

    To ensure that we continue to provide the best possible experience under the highest level of protection for your personal data, we reserve the right to update the Privacy Notice when necessary and appropriate.

    Any update to this Privacy Notice shall be available here (where you have reviewed and agreed), so you should review the Privacy Notice periodically to ensure that you are fully aware of the latest version.

  • 9. Contact Us

    We are keen to maintain the privacy of your personal data. In the event you have any inquiries or requests regarding what is stated in this notice, kindly contact our Data Governance Department at: [email protected].