Cookies Policy

Kalsa with offices registered in Riyadh, Saudi Arabia as joint Data Controller in charge of data processing (hereinafter the “Controller”) of the website https://www.kalsa.com (hereinafter the “Website”), inform visitors of the Website (hereinafter the “Data Subjects”) about the General Data Protection Regulation (GDPR), pursuant to Art. 13 of European Regulation No. 2016/679.
The Controller is aware of the importance of processing Data Subjects’ personal data, hence he indicates which and how data are processed. By browsing the Website or indicating the willingness to use the services provided by the same, Data Subjects declare that they have read and accepted this policy (hereinafter “Policy”), thus granting their consent to the processing of their personal data by the Controller.
For any information, queries or requests relating to this Policy, the Data Controller provide the Data Subjects with the following email address: privacy@kalsa.com .

What are the Data Subjects’ rights in relation to the processing of personal data?

Data Subjects have the following rights:

  • The right to be informed if their data are being processed and, if so, to access their personal data
  •  The right to rectify their personal data
  •  The right to erasure (right to be forgotten) of their personal data
  •  The right to restrict the processing of their personal data
  • The right to data portability to receive – or have transmitted to another data controller – their personal data in a structured, commonly used and machine-readable format
  •  The right to object to the processing of their personal data
  • The right to withdraw the consent previously granted
  • The right to lodge a complaint with the competent authorities for breach of personal data processing.
How to exercise one’s rights

Data Subjects may exercise their rights by writing to the email address indicated above.
The Controller would like Data Subjects to exercise their rights without incurring any costs. However, to do so the Controller may require specific information to follow up on the Data Subjects’ enquiries in relation to their rights.
Enquiries are usually dealt with within 30 days from receiving them. However, if this deadline cannot be met (e.g. due to a high volume of requests or complexity of the response) it will be the Controller’s responsibility to inform the Data Subjects and keep them updated on the developments.

What are cookies?

A “cookie” is a text file created from websites on a data subject’s computer at the moment in which the latter accesses to a website. The purpose is to store and transport information. Cookies are sent from a web server (which is the computer that is running the website visited) to the Data Subject’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the latter’s computer as well. They are then sent back to the website at the time of subsequent visits.
Without these cookies, the website may not function properly. Therefore, in some cases, they are technically necessary. In other cases, the Website uses cookies to make it easier for the Data Subjects to navigate or to allow them to use the services specifically requested.

What cookies does the Website use?

As specified in the following table, the Website uses both its own and third-party cookies:

Type
Purpose
Technical cookies
Some cookies are used to collect information on how the Website is used and whether there are error messages on certain pages. All information collected by these cookies is used only for the purpose of improving the user experience when browsing the Website.
Session cookies
The Website uses so-called session cookies (which are not persistently stored on the Data Subject’s computer and are deleted when the browser is closed). These cookies are strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient browsing of the Website.
Google Analytics Cookies(third-party cookies)
The Website uses Google Analytics Cookies to collect information about traffic on the Website and on how the latter is used by those who browse the Website.
The information collected by these cookies does not directly identify the Data Subjects, but may make the latter indirectly verifiable because the information collected is linked to a pseudonymous identification number associated with the device through which the Website has been accessed.
The information collected is aggregated in an anonymous manner and used to increase the operational efficiency of the Website and evaluate its performance.
Targeting and advertising cookies(third-party cookies)
This type of cookies tracks Data Subjects’ behaviour and allows the Data Controller to display relevant adverts.
Information relating to the Data Subjects’ browsing history may be linked together with information of other Data Subjects having similar interests.
Social Network Cookies (third-party cookies)
These cookies allow users to interact – through a special button – with social networks, or with other external platforms directly from the Website.
The interactions and information acquired from this Website are in any case subject to the Data Subjects’ privacy settings relating to each social network.
However, if a social network interaction service is set up (even if Data Subjects do not use it), this might collect traffic data relating to the pages on which it is installed. For more information on the processing of social network data, refer to the policy of the individual social networks.
Disabling and enabling Cookies

Preferences related to Cookies can be managed by the Data Subjects directly within their browser and prevent – for example – third parties from installing them. Previously installed Cookies can also be deleted through browser preferences, including Cookies giving consent to the installation of Cookies by this Website. It is important to note that disabling all Cookies may compromise the Website’s normal operation. Information on how to manage Cookies from the browser can be found at the following addresses:

Data Subjects may also exercise their right to object to the tracking if services are provided by third parties. This can be done by learning about the privacy policy of the third party, through the opt-out link – if explicitly provided – or by contacting the same directly.

Notwithstanding the foregoing – as indicated by the Data Controller – Data Subjects may use Your Online Choices (https://www.youronlinechoices.com/) and All About Cookies (www.allaboutcookies.org). Through this service it is possible to manage the tracking preferences of most advertising tools. The Data Controller, therefore, recommends that Users use this resource in addition to the information provided herein.

How long are personal data stored?

Cookies are kept for as long as necessary to achieve the above-mentioned purposes. For more details on the storage times of each cookies’ individual category (as indicated in the table above), the Data Subjects can contact the Controller by email at privacy@kalsa.com

Where do we keep personal data?

Controller keeps personal data in paper files stored at the headquarters, as well as on computer archives located within the European Union, but also outside it – if these are essential to the pursuit of the purposes indicated in letter a). In the latter case, the Controller ensures that companies established outside the European Union, process personal data with the utmost confidentiality in compliance with adequacy decisions adopted by the European Commission, any Privacy Shield or, if necessary, entering into agreements that guarantee an adequate level of protection.

How are personal data processed?

The Controller processes the Data Subjects’ personal data by adopting appropriate security measures aimed at preventing unauthorised access, disclosure, modification and destruction.
The processing of data is carried out through telematic procedures, electronic means and, alternatively, on paper by specially authorised internal personnel as well as external managers (if appointed), depending on the contractual agreements in place.
The processing can also be carried out through the use of automated means.

Policy Changes

Controller reserves the right to amend this Policy at any time. In case of changes, the Controller will upload the new policy on this page and the Data Subjects shall check the changes carried out on the Policy: Data Subjects will be able to review the Policy history by checking the date.
By continuing to use the Website following the changes to the Policy, the Data Subjects accept the new conditions and consent to the processing of data as modified.

 

 

Updated: 27 January 2021