🌍Privacy Policy & Acceptable Use Policy
Mashaariq Al Thahabiya – Sana
شركة مشارق الذهبية – سنا (Mashariq Al Thahabiya – Sana)
Welcome to the official website of Mashaariq Al Thahabiya – Sana.
We value the trust of pilgrims and our partners. This Privacy & Acceptable Use Policy explains how we collect, use, and protect your data, and it sets the rules for using our platform. By using this site, you agree to comply with this policy and with the regulations of the Ministry of Hajj and Umrah.
Section I — Privacy Policy
1) Who We Are
-
Website: https://sana.mashariq.com.sa
-
Controller: Mashaariq Al Thahabiya – Sana operates this platform to deliver electronic services for international pilgrims.
2) Information We Collect
We may collect:
-
Personal Data: full name, passport number, nationality.
-
Contact Data: email address, phone number.
-
Payment Data: details required to process financial transactions.
-
Health Data: (e.g., vaccinations or relevant medical status when required).
-
Technical Data: IP address, browser type, device information, cookies.
3) How We Use Your Information
Your data may be used to:
-
Manage bookings and services (accommodation, transportation, catering).
-
Provide technical support for e-services.
-
Communicate with you regarding your requests and services.
-
Ensure cybersecurity and prevent fraud.
-
Comply with the Ministry of Hajj and Umrah requirements and applicable Saudi regulations.
4) Sharing Your Information
We may share your data with:
-
The Ministry of Hajj and Umrah and other competent government authorities.
-
Authorized service providers (transportation, accommodation, catering).
-
Security or judicial authorities where legally required.
5) Information Security
We implement appropriate technical and organizational measures, including:
-
Encryption of data in transit and at rest.
-
Firewalls and intrusion detection/monitoring systems.
-
Multi-factor authentication for sensitive access.
-
Least-privilege access controls.
6) Your Rights
Subject to applicable law, you may:
-
Access your personal data.
-
Request correction of inaccurate data.
-
Request deletion (unless retention is legally required).
-
Withdraw consent to processing (where processing is based on consent).
-
Request data portability where feasible.
7) Data Retention
We retain data only as long as necessary to provide the service or as required by law/contract, after which it is securely deleted.
8) Cookies
We use cookies to facilitate sign-in, remember preferences, enable analytics, and enhance security. You can disable cookies in your browser settings, though some features may not function properly.
9) Policy Updates
We may update this Privacy Policy. Material changes will be communicated through the platform.
Section II — Acceptable Use Policy (AUP)
1) Scope & Purpose
This policy governs use of Sana’s website, portals, APIs, and applications by pilgrims, delegates, employees, contractors, and partners (“Users”). Its purpose is to protect the service and data, and to ensure compliance with Saudi law and Ministry of Hajj and Umrah regulations.
2) Definitions (Brief)
-
Personal Data: information identifying a person (e.g., name, passport number).
-
Access Credentials: username, password, verification codes, API keys/tokens.
-
Malicious Software: viruses, trojans, ransomware, spyware, or any harmful code.
3) Eligibility & Account Security
-
Access is limited to authorized users.
-
Keep your credentials confidential; do not share or reuse them on other services.
-
Enable multi-factor authentication where available.
-
Report suspected account compromise immediately: support@mashariq.com.sa
4) Permitted Uses
-
Use the platform solely for Hajj-related services (registration, updates, tracking).
-
Provide accurate, up-to-date information and upload only the required documents.
-
Comply with all relevant regulations and Hajj requirements.
5) Prohibited Practices
You must not:
-
Share, sell, or transfer your account/credentials.
-
Attempt unauthorized access, vulnerability scanning, or control bypass.
-
Upload/distribute malware or harmful content.
-
Manipulate records, forge documents, or impersonate others.
-
Scrape/extract data at scale or outside authorized features.
-
Post illegal, abusive, inciting, or hate content.
-
Use the platform for non-Hajj purposes, advertising, or spamming.
-
Infringe intellectual property rights.
6) Content & Data Handling
-
Upload only content you are legally entitled to share and that is necessary for the service.
-
Do not disclose others’ personal data without explicit legal authorization.
-
Follow the Privacy Policy for all processing activities.
7) Devices, Networks & Remote Work
-
Keep devices updated, with anti-malware enabled and screen-lock active.
-
Avoid public/shared devices; if unavoidable, log out and clear the session.
-
Do not use insecure networks or obfuscation tools to conceal misuse.
8) Third-Party Services
-
Embedded services/content are subject to their own terms.
-
You remain responsible for complying with this AUP when interacting with third-party services via our platform.
9) Monitoring, Audit & Retention
-
Sana may monitor and log activities to ensure security and compliance.
-
Logs may be retained to meet legal or contractual obligations.
10) Security Incidents & Reporting
-
Report any security incident or suspected vulnerability immediately to:
support@mashariq.com.sa -
Do not disclose vulnerabilities publicly; follow responsible disclosure.
-
Follow any temporary mitigation instructions during incident handling.
11) Enforcement & Sanctions (Progressive)
-
Warning/notice → Temporary restriction → Account suspension → Termination → Notification to authorities → Legal action.
-
Sana may block IPs, revoke tokens, or require password resets.
12) Appeals
-
You may submit an appeal within 10 business days of notification to:
support@mashariq.com.sa
Include supporting documentation.
13) Policy Changes
-
Sana may update this AUP. Continued use constitutes acceptance of updates. Material changes will be communicated via the platform.