Your Privacy Rights

This privacy policy sets out how Jameel Deep Tech Initiative uses and protects any information that you give us when you use this website.

We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. We are registered under the Data Protection Act 1998 and comply with the provisions of the Act.

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from July 2014

1. Introduction

BRJ is committed to respecting your privacy and protecting your personal data.

  • We will be transparent about the information we are collecting about you and what we will do with it.
  • We will use your personal data for the purposes described below. Your personal data will not be processed in a manner inconsistent with the purpose of its collection or in cases other than those stipulated by applicable privacy laws.
  • We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reason or reasons we collected and need to process your personal data.  
  • We have measures to protect your personal data and keep it secure.
  • We will respect your data protection rights and aim to give you control over your own personal data.

You can access our full Privacy Policy below to help you to understand how we use your personal data. In it, we explain in particular the types of personal data we collect, how we collect and process it, what we may process it for and who we may share it with.

BRJ External Notice

2. Full Privacy Notice

2.1 Controller of Personal data

Any personal data processed in connection with this Privacy Policy is controlled by Bab Rizq Jameel Company Ltd (“BRJ”, “we”), having its CR Number 4030169294 with registered head office Prince Majed Street, Al Safa District, P.O Box 248, Jeddah 21411, Kingdom of Saudi Arabia. which is considered the “data controller” of your personal data under the KSA Personal Data Protection Law and its Implementing Regulations.   To contact our Data Protection Officer, please send a request using the contact details specified at the end of this Privacy Policy

2.2 What do we do? 

We are part of the Jameel Community Foundation in Saudi Arabia, which equips youth with market-ready skills, connects them to job opportunities, and promotes economic empowerment. By supporting trainees, job seekers, and employers, we help to reduce unemployment, stimulate economic growth, and improve living standards in alignment with national objectives. We offer a digital Mentorship Application designed to remotely connect individuals with experienced mentors across various industries. By registering applicants and experienced mentors in our Mentorship digital application we are able to help them with their consent to make contact and share insights on common interests.

2.3 What Do We Mean by Personal Data?

Personal data means any data, regardless of its source or form, that may lead to identifying you specifically, or that may directly or indirectly make it possible to identify you, including your name, personal identification number, addresses, contact numbers, license numbers, records, personal assets, bank and credit card numbers, photos and videos of you, and any other data of a personal nature.  

2.4 When Does This Policy Apply?

This Privacy Policy applies to personal data about you that we collect, use, or otherwise process in connection with your relationship with us and your use of our website and any online services offered through the website or device-based application.  

2.5 How We Collect and What Types of Personal Data Do We Collect About You?

2.5.1 Direct Collection

We collect and generally process personal data that you provide directly while interacting with us via website or device-based application.  

  • Through website or device based application: For Applicants

In that respect, we collect the following types of personal data:  

We will inform you at the time of collecting your personal data whenever the provision of such personal data to us is mandatory in order to allow us to achieve the purposes described below. Otherwise, the provision of the personal data is optional. If you do not provide the personal data, we require this may affect our ability to provide services for you.

2.5.2 Indirect Collection

We may also collect and process personal data about you indirectly when you use our services, our website.  

In that respect, we collect the following types of personal data:  

2.6 What Do We Use Your Personal Data for and Our Legal Basis?

We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reason or reasons we collected and need to use your data, as described below:

2.6.1 Processing Necessary to Provide Requested Services

Where necessary to provide the mentorship services you have requested, we will use your personal data to:

  • create, manage and maintain your user account on the BRJ Mentorship application.  
  • provide helpdesk and technical support, resolve your enquiries and otherwise administer our relationship with you as a mentorship platform user

2.6.2 Legitimate Interest

We may process personal data where necessary to ensure the security of our systems, prevent fraud, and protect the integrity of our services.

2.6.3 Compliance with Legal Obligations

In certain circumstances we may process your personal data to comply with laws or regulations. This includes:

  • complying with any law, regulation, court order or lawful request from a government, supervisory or law-enforcement authority that applies to our recruitment events, digital platforms or business operations.
  • retaining records and other documentation for the periods mandated by those laws so we can demonstrate compliance and respond to official audits or investigations.
  • fulfilling your Data Subject Rights requests, as required by applicable data protection laws.

2.6.4 Consent

We rely on your explicit consent in order to:

  • send you direct marketing e-mails, SMS or notifications about programs, webinars or areas of interest.  
  • share your profile as a mentor with applicants who may request virtual meetings via chat or video, only where you choose to engage and accept such requests. When you engage with an applicant, that applicant acts as an independent data controller and processes your personal data in accordance with applicable laws, including the Personal Data Protection Law (PDPL).
  • share your profile as an applicant with a mentor, only where you request a meeting with them and choose to engage. When you engage with a mentor, that mentor acts as an independent data controller in accordance with PDPL.
  • share chat history from mentorship sessions where you explicitly consent to such sharing. The recipient will act as an independent data controller and process your personal data in accordance with applicable laws, including the Personal Data Protection Law (PDPL).
  • place non-essential cookies, pixels and similar tracking technologies on your device based on your consent obtained through our cookie banner, and use them for interest-based advertising across third-party sites, as explained in our Cookie Policy. You may manage your cookie preferences at any time through our cookie banner or application settings.
  • In case we use your data for any automated decision-making, we will obtain your consent.

You can withdraw your consent to such processing at any time, from within the Mentorship application, or alternately contact us by sending a request using the contact details specified at the end of this Privacy Policy.

Please note that if you tell us that you do not wish to receive further marketing communications, you will still receive service related communications that are necessary for example, responses to your enquiries, notifications about your account or payment status, updates on changes to our website or the services you’ve requested, and any follow-up or dispute resolution messages related to your interactions with us.  

2.7 How Long Do We Keep Personal Data?

Personal data will be retained only for as long as necessary to fulfil the purposes for which it was collected.

Personal data may be retained for a limited period for future opportunities. However, certain data may be retained for longer periods, up to ten (10) years, where required to comply with legal or regulatory obligations or for the establishment, exercise, or defense of legal claims, in accordance with our data retention policy.

If you wish to know more about our retention policy and retention periods that apply to your personal data, please send a request using the contact details specified at the end of this Privacy Policy. Our Cookie Policy and Retention Policy are available on our website and within the Mentorship application and are regularly reviewed to ensure alignment with this Privacy Policy and applicable laws.

2.8 Who Do We Share Your Personal Data With?

For the purposes referred to under this Privacy Policy, we share your personal data with data processors acting strictly on our documented instructions and providing us with the services necessary for the achievement of the purposes described above. Our third-party processors are:

  • Project development and maintenance partner– Personal data is shared regularly to support ongoing development and maintenance of our digital platforms and services.
  • Database support partner– Personal data is disclosed regularly to ensure secure storage, maintenance, and performance of our data systems.
  • Applications – our systems that enable storage of personal data and applications that enable you to exercise your data subject rights.
  • Recruitment technology provider– Personal data is shared occasionally during recruitment activities to support hiring processes through their technology platform.

These third parties are only permitted to use your personal data to the extent necessary to enable them to provide their services to us. They are required to follow our instructions and to comply with appropriate security measures to protect your personal data

Your personal data may also be shared with other entities acting as independent data controllers who determine their own purposes and means of processing. These include:

  • any legal or government authorities or agencies, or third parties such as law firms and courts, in connection with claims, disputes, litigations or investigations.  
  • third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our customers, staff and assets. 
  • anti-fraud screening service providers to process payments and (where necessary) to carry out fraud-screening; other websites so that they know that you have visited our websites (see our Cookie Policy here)
  • any other third party pursuant to your express consent.  

For further information, you should consult the privacy policies of these independent controllers as provided to you. We do not sell personal data to third parties, and we only allow third parties to send you marketing information where we have your consent to do so. 

2.9 Do we Transfer Your Personal Data Outside KSA?  

Where personal data is transferred outside the Kingdom of Saudi Arabia, such transfers shall be carried out in accordance with applicable data protection laws and regulations, ensuring that an adequate level of protection is maintained.

Appropriate safeguards will be implemented, including the execution of Standard Contractual Clauses (SCCs) or other equivalent legal mechanisms, to ensure that personal data remains protected to a standard not less than that required under applicable laws.

2.10 What Are Your Legal Rights in Relation to The Personal Data We Hold About You?

Under the applicable privacy laws, you have certain rights in relation to your personal data. Responses to exercise your rights will be provided within 30 days (or such other period under applicable law). You can exercise your rights by contacting via email at brjdpooffice@communityjameelsaudi.org

If your request is particularly complicated, we may extend the deadline for responding by a further 30 days (or such other period permitted under applicable law), but we will let you know if this is the case.

We will handle all requests in accordance with applicable law. However, depending on the right you wish to exercise, and the nature of the personal data involved, there may be legal reasons why we cannot grant your request. Further explanation of those rights and the exceptions to them are set out below.  

Details of how to exercise your rights are set out in the section below “How can you exercise your legal rights and change how we use your data?”.  

Your rights include the following:  

  • Right to access your personal data;
  • Right to be informed about our processing of your data [this Privacy Policy provides this information];  
  • Right to obtain personal data in a readable and clear format;  
  • Right to request correction, completing or updating of personal data;  
  • Right to request the destruction/erasure of personal data.  
  • Right to withdraw consent  

In any case, you also have the right to lodge a complaint with the competent data protection authority in accordance with applicable law if you consider that the processing of your personal data carried out by us infringes the applicable privacy laws.    

2.11 How Can You Exercise Your Legal Rights and Change How We Use Your Data?

In order to exercise any of your rights mentioned above, or if you have any questions or complaints about our use of your personal data, please send a request using the contact details specified at the end of this Privacy Policy. We may ask for some additional information to confirm your identity, which will only be used to process your request.

In your request, please try to make clear which right(s) you would like to enforce and provide any details which may help us answer your request.  

Where you fully or partially lack legal capacity (for example you are a child under 18) your legal guardian may be required by applicable law to exercise your rights on your behalf.

2.12 Security of Your Personal Data

To protect against the loss, misuse and alteration of the information under our control, we have in place appropriate physical, electronic and managerial procedures. For example, our servers are accessible only by authorized personnel and your information is shared with respective personnel on need-to-know basis to complete the transaction and to provide the services requested by you.

We also employ data encryption, anonymization, and coding methods to ensure that your personal data remains secure during storage and transmission. The level of security measures applied is adjusted based on the sensitivity and volume of the personal data we collect.

Although we will endeavor to safeguard the confidentiality of your personal data, transmissions made by means of the Internet cannot be made absolutely secure.  

To make sure your access to our services is secure, you should not share your log-in details with anyone else. When you finish using our services, you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.

Be aware that there is an Internet fraud practice known as ‘phishing’ which is the illegal gathering of personal data by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a cloned or illegal copy website.

3. How will we inform you of changes to this privacy policy?

If we change this Privacy Policy, we will let you know about the changes by publishing the updated version on our website. If such a change to the Privacy Policy requires your consent, you will have a choice to consent as to whether or not we may use your personal data in this different manner.  

We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Privacy Policy.

The Privacy Policy was last updated April 2026

4. How to get in touch with us and your right to complain to our supervisory authority?

4.1 How to get in touch with ALJ?

If you want to exercise any of your rights, or if you have any questions about this policy or our use of your personal data, please contact the Data Protection Officer.  

The Data Protection Officer for BRJ can be contacted via email at brjdpooffice@communityjameelsaudi.org

4.2 How to get in touch with SDAIA?

If you are not satisfied with how we handle your complaint, or if we fail to respond within 30 days, you have the right to file a complaint with the Saudi Data & Artificial Intelligence Authority (SDAIA).    

Email - Info@sdaia.gov.sa.  

Registered Office
Jameel Deep Tech Initiative, Saudi Arabia, Mulla Niazi Road, Jeddah 21411, KSA

Supported and Organized by

In Partnership with

A Network Member of

Delivery Partner

© Jameel Deeptech Initiative 2026. Saudi Arabia, Mulla Niazi Road, Jeddah 21411, KSA. All rights reserved. Privacy  /  Terms  /  CONTACT US