Privacy Policy

RSG collects personal data needed to provide its Services, including:

• Account Profile Data such as First Name, Last Name, Title, Email, Phone, Country / Region / City of Residence, Nationality, Date of Birth, Gender, Preferred Language.

• Behavioral Data such as IP Address, MAID (mobile advertising ID), website and app visits and interactions via cookies, website search history, customer rating, survey results, free form textual feedback, spending amount, selected services, interests, preferred resorts and experiences, email preferences, consent preferences, contact method preference.

• Booking Data such as Booking reference numbers, resort and room selection, amount spent, room preference, experiences reserved, mobility services selected, traveling from airport, arrival and departure dates, additional guest names.

Business Operations:

• Process and store data in our systems for providing our services and to improve our services and for quality and training purposes.

• Follow up on customer enquiries, requests and feedback via phone, email, SMS and WhatsApp.

• Activate essential cookies for website functionality.

• Survey data processing and contact over survey results through phone, email, SMS and WhatsApp.

Analytics:

• Analyze user behaviour in the website and mobile app and across direct communication channels, like email, phone, chat, SMS, WhatsApp, website and app push.

• Attribute customer interactions and conversions to specific marketing activities or campaigns via URL tracking and/or pixels at the user level.

• Create user profiles and segments based on user behaviour and/or profile information.

• Process survey data for statistical analysis and product & service enhancements.

• Process user personal data for profiling, behaviour analysis purposes and predictive models through the use of AI or algorithms.

Personalization:

• Personalize communications and offers via email, WhatsApp, phone, SMS and mobile/web push notifications.

• Personalize website and mobile app content based on profile and/or behavioural data.

• Personalize advertising campaigns based on profile and/or behavioural data.

• Personalize services based on customer feedback, requests or predictive models.

Marketing and Advertising:

• Send commercial emails, promos or newsletters.

• Communicate promotions or marketing campaigns via SMS or WhatsApp.

• Send push notifications through the website and app.

• Communicate specific offers over the phone.

• Activate customer feedback surveys and collect survey data.

• Share (hashed) personal data with advertising platforms to perform retargeting campaigns on online advertising platforms, for users who already visited the website, provided their personal details or otherwise interacted on other communication channels.

• Create custom advertising audiences based on prospective customers and booking customers for the purpose of look-alike targeting, suppression or custom targeting on online advertising platforms.

RSG does not use or share its customers information with others unless as described in this Privacy Policy. In certain circumstances, RSG will share your information with third parties, as necessary, or as otherwise required or permitted by PDPL. Specifically, RSG may share your information:

• With service providers and vendors for business purposes in its legitimate interests, or to perform a contract with you. Such third parties include: (i) data analytics vendors; (ii) security vendors; and (iii) website hosting vendors. These service providers assist RSG with many different functions and tasks, such as providing data storage and disaster recovery services.

• When RSG’s customer request to share certain information with third parties, with consent or to perform a contract with the customer. With the customer’s permission or upon the customer’s discretion, RSG will disclose the customer’s information to relevant third parties.

• With professional advisors, in RSG’s legitimate interests or as required by law. As necessary, RSG will share its customers’ information with professional advisors functioning as service providers such as auditors, law firms, or accounting firms.

• For legal and security reasons and to protect RSG’s services and business, in RSG’s legitimate interests or as required by law. RSG will share its customers’ information with regulators, law enforcement agencies, public authorities, or any other relevant organizations: (i) in response to a legal obligation; (ii) if RSG has determined that it is necessary to share customers information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries; (iii) to protect the interests of, and ensure the safety and security, of RSG, its stakeholders, a third party or the public; (iv) to exercise or defend legal claims; and (v) to enforce RSG’s terms and conditions.

• With RSG affiliates, in its legitimate interests. RSG may share its customers’ information with companies within its corporate group.

• In connection with an asset sale or purchase, a share sale, purchase or merger, bankruptcy, or other business transaction or re-organization, in RSG’s legitimate interests. RSG will share customers’ information with a prospective buyer, seller, new owner, or other relevant third party as necessary while negotiating or in relation to a change of corporate control such as a restructuring, merger, or sale of RSG assets.

• Analyze user behavior on the website and across direct communication channels, like Email, SMS, WhatsApp, Push; (ii) attribute conversions to specific campaigns via URL tracking and/or pixels at user level. (iii) create user profiles and segments based on user behavior; (iv) process survey data for statistical analysis and product enhancements; (v) process user personal data for profiling, behavior analysis purposes and predictive models using AI or algorithms.

• Send marketing and/or commercial emails, promos, or newsletters; (ii) communicate promotions or marketing campaigns via SMS or WhatsApp; (iii) send push notifications through the website and app; (iv) communicate specific offers over the phone; (v) activate customer feedback surveys and collect survey data; (vi) share (pseudonymized) personal data with advertising platforms to perform a retargeting campaign on Paid Media for users who already visited the website or otherwise interacted on other communication channels; (vii) create Lookalike audiences of prospective customers and/or converted customers to activate campaigns on online advertising platforms.

As RSG is based in the Kingdom of Saudi Arabia, the Personal Data that it collects from its customers will be transferred to, stored, and processed within the Kingdom of Saudi Arabia. Where permitted by the PDPL, RSG may also transfer its customers’ information internationally as necessary for it to provide the services to its customers, including to RSG’s service providers.

RSG will take all reasonable steps necessary to ensure that its customers’ information is treated securely and in accordance with this Privacy Policy and applicable privacy laws.

RSG will retain your Personal Data as follows:

• Customers information will be retained for as long as needed to provide RSG Services to the customer.

• If a customer contact RSG requesting permeant disposition of their information, RSG will keep the information for 5 years after the customer contacts RSG or RSG will also retain and use its customers information to the extent necessary to comply with RSG’s legal obligations, resolve disputes and enforce RSG’s terms and conditions, other applicable terms of service, and RSG policies. After these periods, RSG may store its customers information in an aggregated and anonymized format, and it may use this information indefinitely without further notice to its customers.

RSG collects, uses, and discloses Personal Data to provide its customers with the product or service they have requested and to offer them additional products or services RSG believes its customers might be interested in. The purpose for which we collect Personal Data will be identified before or at the time RSG collects the information. RSG may collect Personal Data to provide a service, where an individual’s consent may be implied. Implied consent is consent that is not given explicitly, but which can be inferred based on the individual’s actions and the facts of a particular situation as part of the process of delivering the service.

Knowledge and consent are required for the collection, use or disclosure of Personal Data unless otherwise required or permitted by law. Customers always have the choice to provide their Personal Data to RSG. However, the customer decision not to provide certain information may limit RSG’s ability to provide them with RSG’s products, service, or may limit functionality.  However, there are specific cases in which information will be processed even without the data owner’s consent. These cases are specified by the PDPL as per the following:

• If the Processing serves actual interests of the customer, but communicating with the customer is impossible or difficult.

• If the Processing is pursuant to another law or in implementation of a previous agreement to which the customer is a party.

• If the Controller is a Public Entity and the Processing is required for security purposes or to satisfy judicial requirements.

• If the Processing is necessary for the purpose of legitimate interest of the Controller (RSG in this case), without prejudice to the rights and interests of the customer and provided that no Sensitive Data is to be processed.

The Personal Data collected will be limited to those details necessary for the purposes identified by RSG. With the customer consent, RSG may collect Personal Data from them in person, over the telephone or by corresponding with to customers via mail, or the internet. Other possible methods of the collection of Personal Data (not limited to), direct interactions, using RSG products or services, social media interactions, browsing the website, applying for a job, registering to become a supplier, etc.

Personal Data may only be used or disclosed for the purpose for which it was collected unless the customer has otherwise consented, or when it is required or permitted by law.

Personal Data will only be retained for the period required to fulfill the purpose for which we collected it or as may be required by law and as forementioned in section 6 of this policy.

Personal Data will be protected by security safeguards that are appropriate to the sensitivity level of the information. RSG takes all reasonable precautions to protect its customers’ Personal Data from any loss or unauthorized use, access, or disclosure.

RSG will make information available to its customers about its policies and practices with respect to the management of its customers’ Personal Data.

RSG would like to make sure its customers are fully aware of all their data privacy rights, in which RSG customers are entitled to the following:

• Right to know / information: A customer has the right to know about RSG (data controller) contact details, the exact reason the data is being collected, the methods being used for data collection, and whether this collected data will be shared.

• Right to request access or copy: A customer has the right to access their Personal Data from RSG (data controller) and obtain a copy of it in a clear and readable format, in conformity with the content of the records. In most cases this will be at no cost, however a, ’reasonable fee’ for the administrative costs of complying with a request if it is manifestly unfounded or excessive, or if a customer requests further copies of their data may be assessed at the time of the request.
• The right to request correction / rectification: A customer has the right to request that RSG (data controller) correct any information they believe is incomplete, inaccurate, or obsolete. The customer also has the right to request RSG to complete the information they believe is incomplete.

• The right to destruction / erasure: A customer has the right to request that RSG (data controller) erases their personal data. The reasons can range from rescinding the customer’s consent for data collection to the data no longer serving the purpose for which it was collected.
• The right to limit/restrict processing: A customer has the right to limit or object to the processing of their Personal Data by RSG (data controller) or any of its contracted data processors.

• The right to data portability: A customer has the right to request that RSG (data controller) transfer the data that it has collected to another organization, under certain conditions.

• Automated individual decision: A customer has the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects unless it is necessary for entering into, or performance of a contract between the customer and RSG (data controller), or at the customer’s explicit consent.

In certain circumstances permitted by regulation, or law, RSG will not disclose certain information to its owner. For example, RSG may not disclose information relating to a customer if other individuals are referenced or if there are legal, security or commercial proprietary restrictions.

If a customer makes a request related to any of the above rights to which they are entitled, RSG will fulfill these requests within 30 calendar days and record all data subject requests received. RSG will inform its customers of required extensions for fulfillment of raised requests should the resolution of the request require more than 30 calendar days.

Complaints

If a customer has any complaints about how we process their information, they may contact us at Privacy@RedSeaGlobal.com and we will respond to their request as soon as possible.

Contact RSG

If a customer has any questions regarding this policy, please do not hesitate to contact RSG at Privacy@RedSeaGlobal.com

Contact Appropriate Authority

Should a customer wish to report a complaint or if the customer feels that RSG has not addressed their concern in a satisfactory manner, they may contact The Saudi Data & Artificial Intelligence Authority (“SDAIA”) at Suggestions@sdaia.gov.sa

By using this website, you signify your acceptance of the use of cookies on this website, as set out in this cookie policy. If you do not accept the use of cookies on this website as described, please stop using this website or disable the relevant cookies. Your continued use of this web site following the posting of changes to this cookie policy will mean that you accept those changes.

1. What are Cookies?

Cookies are text files generated by a website and placed on your computer or on any other device you are using to access the website. Point 2 of this section and the table below contain further details about the cookies used on this website and their purposes.

No cookies on this website capture a user’s name or other information that would identify the user personally. They merely identify a computer or other device. All information collected by cookies on this website is aggregated and therefore anonymous.

Information collected by the cookies on this website will not be disclosed to third parties.

Session cookies do not store information on the hard disk of your computer or other device and they expire at the end of your browsing session i.e. when you close your browser window the session cookie and information it collected is deleted. Persistent cookies are stored on your computer or other device, and they remain there after you close your session until you delete them manually or until your browser deletes them based on the pre-determined period contained within the persistent cookie’s file. This website uses Session cookies and not Persistent cookies.

This website uses both first party and third-party cookies, below contains more detailed information about the use of third-party cookies in particular analytics cookies.

“Strictly Necessary Cookies” for functionality of this website’s platform. These cookies are essential in order to enable users to move around this website and use its features.

“Performance Cookies” which collect information about how users navigate this website, for instance which pages users access most frequently.

“Functionality Cookies” which allow this website to remember choices you make.

“Targeting or Advertising Cookies” used to deliver adverts relevant to an identified machine or other device (not a named or otherwise identifiable person) which are tailored to interests associated with the website activity tied to that machine or device. These cookies are also used to limit the number of times a user sees an advertisement as well as to help measure the effectiveness of the advertising campaign. They may also remember that this website has been visited from a device and share that information with marketing organizations.

For more general information about cookies and how to disable them through your browser, visit www.allaboutcookies.org.

To manage your cookie preferences access Cookies Settings.

2. Does the policy apply to linked websites?

Our websites may contain links to other websites. This cookie policy only applies to this website so when you link to other websites you should read their own cookie policies.

3. How do we update this Cookie Policy?

We conduct regular reviews of this Cookie Policy, and any updates will be published on this webpage.

Red Sea Global (“We”, “Our”, “Us”) is committed to protecting and respecting your privacy. We are a closed joint stock company owned by the Public Investment Fund of Saudi Arabia with an office at Building 7071, King Abdullah Financial District (KAFD), Al-Aqiq 2827, Riyadh 13519, Saudi Arabia, and for the purpose of applicable data protection laws, we are the “Data Controller”.

This Privacy Policy sets out the basis on which we will process any information and data we collect from you, or that you provide to us, in connection with your use of our website at www.visitredsea.com (the “Website”) and in connection with the property information services we provide to you (together, the “Services”).

Please read this Privacy Policy carefully so that you understand your rights in relation to your information, and how we will collect, use and process your information. This Privacy Policy supplements any other privacy related notices and policies we may provide to you from time to time and is not intended to override them. If you do not agree with this Privacy Policy in general or any part of it, you should not access the Website, use our Services or otherwise provide your information to us.

Our Website and Services are not intended for children, and we do not knowingly collect data relating to children. Children (below 18 years old) must not use the Services.

We change our Privacy Policy from time to time and we will note on our Website when our Privacy Policy has been updated. Please check the Website regularly for notices of changes to our Privacy Policy. Updates to our Privacy Policy will apply only to information collected after the date of the change.