العربية
Search
Close
Contact form
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Main
>
Data Protection Policy

Data Protection Policy

1. Introduction

Musanid (its subsidiaries, including each Musanid operating company - together, "Musanid") is committed to ensuring the protection of Personal Data of its Customers, Employees, Business Partners, and any other individual.
The Data Protection Policy (hereinafter, the "Policy") explains how Musanid processes the personal data of clients, suppliers, employees, and other categories of natural persons, describing the principles applicable to personal data processing within Musanid.
Musanid's mission and objective is to observe privacy/data protection legal obligations and uphold the highest standards in all data processing instances throughout the entire personal data lifecycle.
The Policy provides high-level guidance on Musanid's actions relating to personal privacy and data protection and serves as a statement of management’s commitment to meeting required standards.

2. Definitions

  • Personal Data: Any information regarding an identified or identifiable natural person.
  • Data Subject: The natural person identified or identifiable through personal data processing. An identifiable natural person can be identified directly or indirectly through elements such as a name, identification number, location data, online identifier, or other specific features related to physical, physiological, genetic, mental, economic, cultural, or social identity.
  • Processing: Any operation or set of operations performed on personal data or data sets, with or without automated means, such as collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, disclosure, alignment, restriction, erasure, or destruction.
  • Recipient: The person or entity to whom personal data is disclosed, whether a third party or not.
  • Data Protection Officer/Responsible: The person at Musanid responsible for data protection compliance, whether officially appointed as a Data Protection Officer or assigned specific tasks in this area.
  • Record of Processing Activities: A registry created by Musanid to document the processing activities it performs.
  • Processor/Data Importer: A person or entity processing personal data on behalf of the controller/operator.
  • Controller/Operator: The person or entity determining the purposes and means of personal data processing.
  • Third Party: A person or entity other than the data subject, controller/operator, or processor, authorized to process personal data under the controller's authority.
  • Musanid Group: All operating companies wholly or partially owned by Musanid, unless explicitly excluded.
  • LATAM: Latin America.
  • MENA: Middle East and North Africa.
  • APAC: Asia Pacific region.
  • CIS: Commonwealth of Independent States.

3. Scope

Musanid processes personal data for various general purposes, listed in the record of personal data processing activities in the form of a registry. This Policy applies to all Personal Data Processing conducted for or by Musanid.
This Policy must be followed by all employees, contractors, consultants, and third-party personnel with access to Musanid resources.

4. Application of National Law

This Policy outlines principles for personal data processing to be observed within Musanid but does not replace applicable data protection laws in the countries where Musanid operates. Local legislation prevails if it contains divergent provisions or additional conditions. Specific requirements for reporting or authorization must also align with national legislation.

5. Principles of Data Processing

  1. Fair and Lawful Processing: Musanid ensures a legitimate business purpose and, where required, a legal basis for processing personal data.
  2. Data Minimization: Collection and retention are limited to what is strictly necessary.
  3. Transparency: Data subjects are informed about how and why their data is processed.
  4. Respect for Data Subject Rights: Musanid ensures the rights of data subjects, such as access, rectification, and erasure.
  5. Accuracy: Personal data must be up-to-date and complete.
  6. Security: Appropriate safeguards are applied, even when processed by third parties.
  7. International Transfers: Data is transferred in compliance with applicable laws.
  8. Accountability: Musanid demonstrates compliance with privacy obligations.

6. Rights of the Data Subject

Musanid observes the following rights of data subjects:

  • Right to Information and Transparency: Ensuring data subjects are informed about processing.
  • Right to Access: Allowing data subjects to access their data.
  • Right to Rectification: Enabling data subjects to correct incomplete or inaccurate data.
  • Right to Restrict Processing: Restricting data processing upon request.
  • Right to Erasure ("Right to Be Forgotten"): Deleting personal data under specific conditions.
  • Right to Data Portability: Providing a copy of personal data to the data subject or a third party.
  • Right to Object: Allowing objections to processing, including for direct marketing purposes.

7. Disclosure of Personal Data and International Transfers

  • Disclosure Purposes: Personal data may only be disclosed for lawful purposes or with the data subject's consent.
  • Processors/Data Importers: Third parties processing data on Musanid's behalf must ensure adequate protection.
  • International Transfers: Transfers to other countries must ensure equivalent protection levels.

8. Compliance

The Global Data Protection Officer owns this Policy. Compliance is ensured through audits, self-assessments, and monitoring. Violations may result in disciplinary actions or legal consequences.