Your privacy is important to us. This Privacy Notice explains what personal data we process, how we process it, and for what reasons.
Please note that we will ask for your consent before using your personal data for a purpose other than those that are set out in this Privacy Notice.
We are NEOM Company. NEOM Company is a legal entity that is based in the Kingdom of Saudi Arabia and is responsible for building NEOM. As a business entity in Saudi Arabia we comply with the laws of Saudi Arabia as well as other global laws and regulations that NEOM Company might have to comply with.
This privacy notice explains how we use information about you and how we protect your privacy.
NEOM Company is responsible for ensuring that we:
- only collect and use the personal information necessary to provide you with a service, or for our interaction with you
- maintain the highest standards necessary to protect your personal information
Our contact details
Our Data Privacy Office monitors NEOM Company’s compliance with the law and provides advice.
If you have any concerns or questions about how we look after your personal information, contact our Data Privacy Office at the following email address:
What personal information do we collect ?
Personal information is anything that identifies and relates to a living person. It can include information that when put together with other information can identify a person.
At NEOM, and in alignment with the principle of data minimisation, we collect personal data only when needed. The data collected may vary depending on your relationship with NEOM.
We usually collect the following information:
- contact details such as your phone number, Email, address ...etc
- CCTV footage taken from our premises
- information you provide which is required to access and use our systems and receive our services
- technical information (e.g. IP address / Cookies / system or service-specific technical information)
- if you are a job applicant, we will collect additional information such as employment history, date of birth, nationality and other relevant information to enable us to conduct background checks
Where do we get your personal information ?
We get most of the personal information we use from the following resources:
- yourself, and from what we learn about you through your interactions with us
- the technology you use to access our systems and receive our services
- information from publicly available sources within the boundaries of the law
- in certain situations, we might obtain data from additional resources to the ones mentioned above (e.g. background checks in the hiring process)
Why do we need your personal information?
We only use data for the purpose it was collected for, and we may need to use your personal information to:
- carry out our internal business purposes, such as corporate transactions, audits, and data analysis
- comply with legal or contractual requirements
- ensuring public safety and security on premises
- deliver services and support to you
- provide you with access to our systems to enable you to receive our services
- help investigate any worries or complaints you have about our services
- help with research and planning of new services and improve current services
- prevent and detect crime and fraud
We sometimes store small files called cookies on your computer or other device to help improve your experience on our website. We collect web statistics automatically about your visit to our site based on your IP address. This information is used to help us in improving your experience on our website.
Who do we share your personal information with
We only share information if necessary and in compliance with applicable regulations, for example:
- sometimes we have a legal duty to provide personal information to other organisations. This includes disclosures we are required to make by law, and to detect or prevent fraud
- we may share your personal information with a range of organisations to store personal information on our behalf or help deliver our services. When we do this, we always have an agreement in place to make sure that the organisation complies with data protection law to keep your information safe
- we also share some personal information within NEOM Company to ensure the successful delivery of services
When we share your information, we make sure the organisation it is sent to has the required level of data protection in place and we take additional steps to protect your information.
How we protect your information
We work hard to ensure that the records we hold about you are looked after securely, and are only available to those who have a right to see them. One of the ways we do this is by implementing technical and organisational measures, such as:
- controlling access to systems and networks
- training of staff so they understand how to look after your information
- putting in place controls over where data is stored
- deleting personal information when it is no longer needed
How long do we keep your personal information
Your personal data is only stored for as long as it is necessary, according to defined retention periods, for the purposes for which it was collected, and for satisfying any legal, regulatory, accounting or reporting requirements. This length of time may vary depending on individual circumstances. We regularly review our data retention period to ensure we are not keeping your data for longer than necessary.
Your rights in relation to your personal information that we collect and use
Under applicable laws, you may have certain rights in relation to your personal data. These rights may include:
- right to access the personal data we hold of you
- right to receive your personal data in NEOM Company’s possession
- right to be informed of the purpose concerning the collection and processing of your personal data
- right to restrict processing in certain cases
- right to rectify and update your personal data in NEOM Company’s possession
- right to ask for your personal data in NEOM Company’s possession to be deleted
- right to withdraw your consent and object to processing
The data subject rights listed above may be subject to certain exemptions, such as:
- when the request contradicts a legal obligation (e.g. we need to keep processing your information in accordance with employment law)
- when compliance with the performance of a contract or to enter into a contract becomes impossible in the absence of your consent
- when we do not control your data (in this case, we can tell you who is your Data Controller and we can help you redirect your request to them)
- when your information may be related to a potential crime: (e.g. your data may be essential for the prevention or detection of a crime, for example fraud, money laundering, or suspicious transactions)
- when the information is necessary for the establishment, exercise or defense of legal claims
How to exercise your rights
You can exercise any of these rights, ask questions about how we use your personal data or complain by contacting us at:
Privacy Notice changes
In the future, we may revise or amend this Privacy Notice at any time by amending this page. All changes will be made here so you will always know what information we gather, how we might use that information and whether we will disclose it to anyone