privacy policy

Al Matar Al Arabi Travel and Tourism Company (“Al Matar,” “we,” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, share, store, and protect personal data obtained through our website (https://almatar.com), mobile applications, and offline interactions. This Privacy Policy applies to all visitors, customers, employees, and users of our digital platforms and services, collectively referred to as “you” or “the customer.”

By accessing our website, mobile applications, or engaging with us, you consent to the collection and use of your personal data as described in this policy. Al Matar strictly adheres to the KSA Personal Data Protection Law (PDPL) , which governs how personal data is handled within the Kingdom of Saudi Arabia.

Here you learn more about how to use almatar.com regarding the utilization of your personal information that we get to receive directly from your end through our website and or the mentioned versions of our applications. Users should take into consideration that these policies do not apply to the company partners, affiliates or any other party despite referencing them in our website, therefore, a user should learn about each party’s privacy policy before interacting with them. We collect several different types of information for various purposes to provide and improve our Service to you.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you

We collect different types of personal data depending on the interaction between you and Al Matar. This includes, but is not limited to:

• Contact Information:

  What we collect: Your full name, email address, phone number (mobile and landline), residential address, city, state, postal code, country, and IP address.
  Why we collect it: We need this data to communicate with you, process your bookings, issue invoices, and provide customer support.

• Passenger Information:

  What we collect: Passport details, National ID, visa information, nationality, gender, birthdate, travel preferences, seating preferences, and special dietary needs.
  Why we collect itc: This information is essential for processing your bookings, ensuring compliance with international travel regulations, and customizing your travel experience.

• Payment and Billing Information:

  What we collect: Billing name, billing address, payment method (we do not store credit card numbers). Credit card transactions are processed by our secure payment partner, CC Avenue.
  Why we collect it: To process payments, manage refunds, and send invoices.

• Transactional Data:

  What we collect: Records of bookings, cancellations, payments made, payment methods used, and services purchased.
  Why we collect it: To maintain accurate records of transactions for accounting, legal compliance, and customer service.

• Technical and Device Information:

  What we collect: Your device type, operating system, browser version, IP address, cookies, browsing activity, and any technical errors encountered while using our services.
  Why we collect it: To optimize your experience on our website, ensure system security, and gather statistical data on site usage.

• Cookies and Tracking Information:

  What we collect: Data related to your browsing behavior, including the pages you visit, the time spent on our website, and the actions taken. We use cookies, web beacons, and similar technologies to track this information.
  Why we collect it: To improve site functionality, personalize content, analyze usage trends, and enhance our marketing efforts.

• Sensitive Personal Data:

  What we collect: Medical conditions (e.g., for special assistance), disability status, or dietary requirements.
  Why we collect it: To comply with legal obligations and to ensure your health, safety, and comfort during your travel experience.
  Note: Sensitive personal data will only be processed with your explicit consent or when required by law.

We use the personal data we collect from you for a variety of business purposes. Below is a detailed explanation of how we process your information:

• Service Provision:

  Purpose: To process bookings for flights, hotels, and related services. This includes verifying your identity, confirming your reservation, and communicating with you about your travel arrangements.
  Legal basis: Contractual necessity — processing is required to fulfill our contractual obligations to you.

• Customer Support:

  Purpose: To provide assistance, respond to inquiries, and handle complaints or disputes.
  Legal basis: Legitimate interest — it is in our interest to ensure a smooth and effective customer support experience.

• Marketing and Promotional Communications:

  Purpose: To send you special offers, newsletters, and information about services or promotions that may be of interest to you. You may opt-out at any time by clicking “unsubscribe” in the email or contacting us directly.
  Legal basis: Your explicit consent.

• Compliance with Legal Obligations:

  Purpose: To comply with legal, tax, and regulatory requirements, including anti-money laundering (AML) laws and fraud detection regulations.
  Legal basis: Legal obligation — processing is necessary for us to comply with applicable laws.

• Security and Fraud Prevention:

  Purpose: To protect our business and customers from fraudulent activities, cyber threats, and unauthorized access.
  Legal basis: Legitimate interest — it is in our interest to safeguard our website, services, and users from fraud and security breaches.

• Service Optimization:

  Purpose: To improve our website, applications, and services by analyzing usage patterns, troubleshooting errors, and optimizing the user experience.
  Legal basis: Legitimate interest — processing data allows us to provide an efficient and functional service.

• Data Aggregation and Analytics:

  Purpose: To analyze aggregated, non-identifiable data for market research, product development, and improving customer service offerings.
  Legal basis: Legitimate interest — analyzing usage data helps us refine our services and meet customer needs.

- In order to provide you with the needed service, we need to know every traveler’s name. If you are making a reservation on behalf of someone, please get their approval first regarding using their personal information.

• To make reservations, book tickets and proceed with transactions.
• To offer a custom travel experience and provide a better travel experience.
• To reach a smoother user experience through collecting and analyzing users’ data.
• To improve our customer service.
• To provide more convenient and user-based offers and discounts.
• To be able to send you texts and email you in order to have a contact with you.
• To have a communication based on data with our authorities.

We share your personal data only in specific circumstances and in accordance with the KSA PDPL.

• Third-Party Service Providers:

  Who we share with: Payment processors, booking partners (e.g., airlines, hotels), IT service providers, customer service platforms, and marketing platforms.
  Why we share: To process transactions, fulfill bookings, and provide related services. All third-party providers are bound by confidentiality agreements to protect your data.

• Legal and Regulatory Authorities:

  Who we share with: Law enforcement, governmental agencies, or courts.
  Why we share: To comply with legal obligations, respond to legal requests, or protect our legal rights.
  Example: We may be required to share booking data with the Saudi government under specific travel regulations.

• Business Transfers:

  Who we share with: Successors or acquirers in the event of a business sale, merger, or acquisition.
  Why we share: In the event of such a transaction, customer data may be transferred as part of the business assets.
  Example: If our business is acquired, customer data may be transferred to the new owner.

• Marketing and Advertising Partners:

  Who we share with: Third-party platforms for targeted advertising and marketing purposes.
  Why we share: To deliver personalized advertisements and promotions that are relevant to your interests.
  Example: We may use your browsing behavior to display customized advertisements for travel services on other websites.

• With Your Consent:

  Who we share with: Any third parties to whom you have explicitly consented to share your data.
  Why we share: You may request us to share your information with third parties for specific services or offers.

When you install “almatar” app we collect the following data:

• The information you get to provide us with, either by creating an account or through connecting your social media account to the website. Hence, we get to collect information like (First and Last Name, Email Address and Phone Number)
• The information you get to enter while using any of our services, for example:
  • Personal information like (Email Address, Name, Phone Number, IMEI and IP Address)
  • Travel information like trip details.
  • Reservations information like destination and dates.
  • Other information like browsing experience through the app and the website.
• In addition to collecting and using your information after getting your permission.

• To help you book a trip or make a reservation and to contact us in case of any issue.
• To sign you up on our website and/or application, so that you can benefit from our services. You get to cancel your subscription anytime through contacting us.
• For further questions feel free to email our friendly support team.

Data protection in almatar application

• IMEI
  IMEI is the serial number of every phone. We receive that number when our app gets installed on a cell phone, so that we can identify the number of downloads and the clicks on our ads.
• IP address
  We collect the IP address to help preventing violation attacks that might cause damages to our website and our operation.
• Applying GPS after getting your permission
  When you use almatar app, you can allow reaching your location through GPS to locate hotels and airports. If you chose to allow GPS, we will randomly collect information about your location updates to get them recorded in our servers. You can cancel it anytime in your phone settings.
• Reading texts after getting your permission
  We read your phone texts after getting your permission to verify your account.
  We use the information we collect to be familiar with the problems a user faces and to fix website and application bugs. Sometimes we send this information to trusted service providers to help us provide a better service.
  Also, we collect information about cell phone activities to help identify the points that matter to our users, so that we can improve it.
  You can always control the amount of information your cell phone sends to us through changing your phone settings or even remove the application entirely and continue using our services through our website.

We take the security of your personal data seriously and have implemented robust security measures to protect your information. These include:

• Technical Measures:

  Encryption: All sensitive data, including payment details, is encrypted both in transit and at rest using industry-standard protocols.
  Firewalls: We use firewalls to protect our systems from unauthorized access and cyber threats.
  Access Control: Access to personal data is restricted to authorized personnel only, and all staff handling personal data undergo regular security training.

• Organizational Measures:

  Policies: We have established internal policies and procedures to ensure compliance with the KSA PDPL and other applicable regulations.
  Incident Response: In the event of a data breach, we will notify affected individuals and regulatory authorities as required by law.

• Retention of Data:

  We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law. When your data is no longer required, it will be securely deleted or anonymized.

As a data subject under the KSA PDPL, you have specific rights regarding your personal data. These rights include:

• Right to Access:

  You have the right to request access to your personal data and receive a copy of the data we hold about you.

• Right to Rectification:

  You have the right to request corrections to any inaccurate or incomplete data we hold about you.

• Right to Erasure (Right to be Forgotten):

  You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.

• Right to Restrict Processing:

  You have the right to request limitations on how we process your personal data under certain circumstances.

• Right to Data Portability:

  You have the right to
  request that we provide you with a copy of your personal data in a structured, commonly used, and machine-readable format, or that we transfer your data to another data controller.

• Right to Object:

  You have the right to object to the processing of your personal data if the processing is based on our legitimate interests or for direct marketing purposes.

• Right to Withdraw Consent:

  If we process your personal data based on your consent, you have the right to withdraw that consent at any time.
  To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days in accordance with the KSA PDPL.

For any data protection-related inquiries, you may contact our Data Protection Officer (DPO) using Subject: Privacy Concern / Data Deletion / Access Request

Data Protection Officer

Email: [email protected]

Address: Al Matar Al Arabi Travel and Tourism Company

P.O. Box 12313, Riyadh 3701

Al Matar may transfer personal data to countries outside Saudi Arabia if necessary to fulfill our contractual obligations or comply with legal requirements. When transferring data internationally, we will ensure that adequate safeguards are in place, including the use of standard contractual clauses or equivalent protection measures, to protect your personal data.

This Privacy Policy was last updated on [insert date]. We reserve the right to update this policy at any time to reflect changes in our data practices or legal obligations. Any updates will be published on this website, and we will notify you of significant changes where required by law.

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:

• Session Cookies. We use Session Cookies to operate our Service.
• Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• Security Cookies. We use Security Cookies for security purposes.

Again, we stress that agreeing to visit our Privacy Policy page on a regular basis necessarily implies your acceptance to the edits we make in both our website and our official application, which is available in three versions (IOS, Android and Windows). Users should take into consideration that these policies do not apply to the company partners, affiliates or any other parties despite refereeing to them in our website, therefore, a user should learn about each party’s privacy policy before dealing with them. If you have any questions, kindly email us at: [email protected]