Privacy Policy for the Gurgoora Platform

Preamble

Gurgoora is committed to respecting the privacy of its users, customers, and visitors to its website and platform, and to protecting their personal data through reasonable technical and organizational measures, in line with the nature of its services, products, and applicable laws.

This Policy explains how Gurgoora collects, uses, stores, processes, shares, and protects personal data when the website, platform, systems, subscriptions, technical support, knowledge support, preferred customer programs, representative programs, or any other services provided by Gurgoora are used.

This Policy forms an integral and complementary part of the Terms and Conditions for the use and purchase of Gurgoora products and subscriptions, and any special terms relating to services, support, commissions, accounts, invoices, or payment methods.

Accessing the website, creating an account, purchasing a product or subscription, using any Gurgoora service, communicating with Gurgoora, or providing it with any data shall be deemed acceptance of this Policy to the extent permitted by applicable law.

Article One: Definitions

For the purposes of this Policy, the following words and expressions shall have the meanings set out below, unless the context requires otherwise:

Article Two: Scope of this Policy

This Policy applies to all personal data collected or processed by Gurgoora when using the website, platform, applications, systems, subscriptions, or related services.

It applies to ordinary customers, preferred customers, representatives, knowledge support providers, support requesters, visitors, trial users, purchasers, and persons communicating with Gurgoora through any of its channels.

It covers data collected directly from the user, automatically through website or platform use, or from permitted third parties such as payment providers, analytics tools, communication channels, or service partners, depending on the service used.

This Policy does not apply to external websites, services, or platforms not owned or operated by Gurgoora, even if linked from the website or platform.

Article Three: Data We May Collect

Gurgoora may collect different personal data depending on the service, transaction, or use, including without limitation:

Gurgoora may not collect all of this data from every user. Data is collected according to the service used, the data provided by the user, and the data necessary to operate the platform and fulfill contractual and legal obligations.

Article Four: Data Provided Voluntarily by the User

The user may voluntarily provide data when creating an account, purchasing a product or subscription, requesting support, joining a commission program, using a representative or preferred customer code, requesting payout, completing a form, sending a message, or uploading a file inside the platform.

The user acknowledges that the data provided must be accurate, correct, and up to date, and bears responsibility for any consequences arising from incorrect, incomplete, or unauthorized third-party data.

If the user provides data relating to another person or entity, the user acknowledges having the legal authority or required authorization to provide such data to Gurgoora.

Article Five: Data Collected Automatically

When using the website, platform, or systems, certain data may be collected automatically for operational, security, improvement, and analytical purposes, such as IP address, device type, browser, operating system, language, visit date and time, pages used, errors, logs, and session identifiers.

This data helps Gurgoora operate its services, protect accounts, detect failures, improve performance, prevent misuse, analyze service usage, and develop the user experience.

Gurgoora may use cookies or similar technologies as described in this Policy or in cookie settings where available.

Article Six: Purposes of Processing Personal Data

Gurgoora processes personal data for lawful and necessary purposes related to its services, including:

Creating and managing accounts, verifying user identity, and enabling access to products, subscriptions, and services.

Processing purchases, subscriptions, renewals, cancellations, licenses, product activation, and free or paid trials.

Issuing invoices and financial or tax notices, and complying with e-invoicing, tax, zakat, accounting, and applicable legal requirements.

Processing payments, tracking payment status, preventing fraud, handling refunds, and settling financial transactions.

Providing technical support, receiving tickets, handling failures, following up on errors, and documenting solutions.

Operating Knowledge Support, including managing tickets, retaining messages, managing ratings, resolving disputes, and calculating entitlements according to service terms.

Managing preferred customer, representative, referral, commission, discount, and incentive reward programs, including balances, entitlements, and payout requests.

Improving products and services, measuring performance, analyzing usage, developing features, and fixing errors.

Protecting the platform and users, preventing fraud, monitoring prohibited activity, investigating misuse, and enforcing terms and policies.

Communicating with the user about accounts, subscriptions, payments, invoices, support, important updates, or security alerts.

Sending offers, marketing messages, news, or updates where permitted, based on user consent or user settings.

Complying with legal obligations, competent authority requests, court orders, and tax or regulatory requirements.

Protecting the rights of Gurgoora, users, or third parties, defending claims, proving rights, and enforcing contracts and terms.

Article Seven: Legal Basis for Processing Data

Gurgoora processes personal data where there is a lawful or legitimate basis, including:

Performance of a contract or pre-contractual steps, such as account creation, purchase completion, subscription activation, support, or service management.

Compliance with legal obligations, such as invoicing, tax, accounting, record retention, and responding to competent authorities.

Legitimate interests, such as protecting the platform, preventing fraud, improving services, handling disputes, preserving rights, and enhancing the user experience, provided this does not unjustifiably infringe user privacy.

User consent, such as marketing subscriptions, certain non-essential cookies, or processing data based on user choice.

Protection of legal rights and interests, such as documenting transactions, managing complaints, investigating violations, and defending claims.

Where processing is based on consent, the user may withdraw consent through available means. Withdrawal does not affect processing already carried out lawfully, nor processing necessary for contract performance or legal compliance.

Article Eight: E-Invoicing and Tax Data

Because Gurgoora is a company in the Kingdom of Saudi Arabia, tax registered, and subject to applicable e-invoicing requirements, it may be necessary to collect and process certain billing and tax data to issue invoices or financial or tax notices.

Such data may include customer or establishment name, tax number, address, country, product or subscription details, transaction value, tax, transaction date, invoice number, and any other data necessary for tax, accounting, or e-invoicing compliance.

The user acknowledges that incorrect or incomplete tax or billing data may result in an invalid invoice, delayed issuance, or inability to amend it, and the user is responsible for the accuracy of the data provided.

Gurgoora may retain invoice and transaction data for the period required by tax or accounting laws, or for any period necessary to protect rights and prove transactions.

Article Nine: Payment Data and Payment Providers

Payments may be processed through external payment providers such as bank cards, digital wallets, PayPal, Apple Pay, Google Pay, or other methods approved by Gurgoora.

When using an external payment method, the payment provider may collect and process certain payment data according to its own policies and terms. Gurgoora may not receive full bank card details or sensitive payment data, and usually receives only transaction confirmation, status, number, amount, or data necessary to document the transaction and serve the customer.

Gurgoora is not responsible for the privacy policies of independent payment providers. The user should review the policies and terms of the payment provider selected.

Gurgoora may use payment and transaction data for verification, fraud prevention, refunds, dispute settlement, accounting, invoicing, and legal compliance.

Article Ten: Technical Support and Knowledge Support Data

When technical support or knowledge support is used, Gurgoora may collect, store, and process the content of tickets, messages, attachments, ratings, files, and related communication records.

This data is used to provide support, process requests, follow up on failures, document solutions, improve service quality, manage disputes, assess support provider performance, and protect the rights of the parties.

In Knowledge Support, the support requester and support provider acknowledge that certain data, ratings, stars, or opinions may appear to the other party or other users within the platform according to the service mechanism and terms.

The user must not send sensitive, confidential, or third-party data through support tickets unless necessary and permitted to share it.

Gurgoora reserves the right to access support messages and attachments where necessary to manage the service, resolve disputes, protect users, or enforce terms and policies.

Article Eleven: Commission, Referral, and Preferred Customer Data

If the user participates in a representative, preferred customer, referral, commission, discount, or reward program, Gurgoora may process additional program-related data.

This data may include representative or preferred customer codes, referral links, linked customers, purchases resulting from referrals, sales value, discounts, commissions, balances, payout requests, withdrawal records, transfer fees, and entitlement status.

This data is used to manage the program, calculate commissions and rewards, prevent manipulation, prepare statements, settle entitlements, handle disputes, and comply with accounting or tax requirements.

Some referral data, representative codes, discount status, or the relationship between a purchase and referral code may appear within the system, purchase page, invoice, or dashboard according to the service and approved display mechanism.

Article Twelve: Cookies and Similar Technologies

Gurgoora may use cookies or similar technologies to operate the website and platform, maintain sessions, remember preferences, improve performance, analyze usage, personalize the experience, or measure campaign effectiveness.

Cookies are usually categorized as necessary cookies, functional cookies, analytics cookies, and marketing or advertising cookies where used.

The user can control cookies through browser settings or consent management tools where available.

Disabling certain necessary or functional cookies may cause some features not to work or may reduce the quality of the user experience.

Gurgoora does not use cookies to violate user privacy, but within the limits of operating, improving, analyzing, and lawfully marketing its services where permitted.

Article Thirteen: Sharing Data with Third Parties

Gurgoora does not sell users’ personal data as a standalone product to third parties.

However, Gurgoora may share certain data with other parties to the extent necessary to provide services, perform obligations, protect rights, or comply with laws, including:

Cloud hosting, infrastructure, and database providers.

Payment providers, banks, digital wallets, and payment processing services.

Email, SMS, notification, and communication providers.

Analytics, security, fraud prevention, and performance monitoring providers.

Accountants, legal advisors, auditors, and professional service providers.

Tax, regulatory, governmental, or judicial authorities where disclosure is legally required or necessary to protect rights.

Technical support or knowledge support providers or ticket parties, to the extent necessary to manage support, show ratings, or settle disputes.

Partners or contracted parties providing a service requested or approved by the user.

Any other party in the event of restructuring, merger, acquisition, or sale of part of the business, provided data is handled with appropriate protection and in compliance with law.

Gurgoora seeks to ensure that sharing is limited to need and legitimate purpose, proportionate to the service and legal or contractual obligations.

Article Fourteen: Transfer of Data Outside the Country

Due to the nature of digital and cloud services, some personal data may be stored, processed, or transferred inside or outside the Kingdom of Saudi Arabia depending on server locations, service providers, operating tools, support, payment, or analytics.

When transferring or processing data outside the country, Gurgoora seeks to take appropriate protective measures and select providers with reasonable security and organizational controls, in compliance with applicable laws.

The user acknowledges that digital services may require cross-border processing, especially when using international payment methods, cloud services, communication tools, support, or analytics.

Article Fifteen: Data Retention and Retention Period

Gurgoora retains personal data for the period necessary to achieve the purposes for which it was collected, provide services, perform contracts, comply with legal obligations, resolve disputes, or protect rights.

Retention periods vary by data type and service. Account data may be retained while the account is active; invoice and transaction data may be retained for periods required by tax and accounting laws; and support data may be retained as needed to prove and improve the service and resolve disputes.

When data is no longer needed, or the required legal or contractual period ends, Gurgoora seeks to delete, destroy, anonymize, or securely archive it, unless retention is necessary for legal obligations, existing claims, or legitimate rights protection.

Some data may not be deleted immediately if linked to invoices, payments, financial records, disputes, legal requirements, or temporary backups. In such cases, it will be handled under appropriate controls until the reason for retention ends.

Article Sixteen: Data Protection and Information Security

Gurgoora takes reasonable technical and organizational measures to protect personal data from unauthorized access, unlawful use, loss, damage, alteration, or unauthorized disclosure.

These measures may include encryption, permission management, encrypted passwords, login records, backups, system monitoring, access restrictions, and security updates, depending on capabilities and data nature.

However, the user acknowledges that no electronic transmission or storage method is absolutely secure, and Gurgoora cannot guarantee absolute protection from all risks, but seeks to take appropriate and reasonable measures to reduce them.

The user must maintain the confidentiality of login credentials, not share passwords or account data, and notify Gurgoora immediately upon suspicion of unauthorized account use.

Article Seventeen: User Rights Regarding Data

The user may, under applicable laws and to the extent permitted, request that Gurgoora enable certain rights regarding personal data, including:

Requesting to know whether Gurgoora processes the user’s personal data.

Requesting access to personal data or receiving a copy to the extent possible and permitted.

Requesting correction, update, or completion of inaccurate or incomplete data.

Requesting deletion or destruction of data where it is no longer necessary or deletion is legally permitted.

Requesting restriction of certain processing or objecting to it where there is a legal basis.

Withdrawing consent for consent-based processing, without affecting prior lawful processing or processing necessary for contract or legal compliance.

Requesting suspension of marketing messages or unsubscribing from them.

Submitting a complaint to Gurgoora regarding processing, or to a competent authority where legally available.

Gurgoora may request additional information to verify identity before executing certain requests, in order to protect data and prevent unauthorized disclosure.

Gurgoora may reject or delay certain requests where legally permitted, including cases related to tax or accounting obligations, disputes, rights protection, fraud prevention, or competent authority requirements.

Article Eighteen: Marketing and Promotional Messages

Gurgoora may send marketing messages, offers, or updates about products, subscriptions, services, or new features where permitted, based on user consent or user settings.

The user may unsubscribe from marketing messages at any time through an unsubscribe link, account settings, or by contacting Gurgoora.

Unsubscribing from marketing messages does not include necessary messages related to the account, invoices, payments, subscriptions, security, support, or legal notices, which Gurgoora may continue to send when necessary.

Article Nineteen: Content Published by the User

Some Gurgoora services may allow the user to publish ratings, comments, opinions, questions, answers, or content inside the platform or related to services.

The user acknowledges that published content may appear to other users or the public depending on the service and platform settings.

The user must not publish personal or sensitive data relating to the user or others unless legally entitled to do so, and must not publish content that violates law, public morals, or Gurgoora terms.

Gurgoora may delete, hide, or restrict any content containing unnecessary personal data, abuse, defamation, violations, sensitive information, or content it considers inappropriate or contrary to policies.

Article Twenty: Children and Minors’ Privacy

Gurgoora services are not directed to children or minors who do not have legal capacity to contract or use paid services.

A minor may not use Gurgoora services, create an account, or purchase products or subscriptions except with the consent of a parent, guardian, or legal representative, and according to applicable laws in the minor’s country of residence.

If Gurgoora becomes aware that it has collected personal data of a minor without required consent or a proper legal basis, it may delete such data, disable the account, request guardian consent, or take appropriate action.

Article Twenty-One: External Links and Services

The Gurgoora website or platform may contain links to external websites, services, or applications not owned or operated by Gurgoora.

Gurgoora is not responsible for the privacy practices, content, or policies of such external websites or services.

When the user moves to an external website or service, the user is subject to that party’s privacy policy and terms, and should review them before providing data.

Article Twenty-Two: Automated Decisions and Analytics

Gurgoora may use technical or analytical tools to improve performance, detect errors, prevent fraud, rank certain results, show alerts, or personalize the user experience.

Gurgoora does not intend to make purely automated decisions with a significant legal effect on the user without a suitable basis or human review where required.

Some data may be used to classify risks, detect unusual use, protect accounts, or improve services. The user may contact Gurgoora regarding any objection or inquiry about a decision or action affecting the account.

Article Twenty-Three: Legal Disclosure and Protection of Rights

Gurgoora may disclose certain personal data if required by law, regulations, orders of competent authorities, courts, tax authorities, or regulatory authorities.

It may also disclose or retain data where necessary to protect the rights of Gurgoora, its users, or third parties, investigate fraud, misuse, or violations, defend legal claims, enforce agreements, or collect amounts due.

Disclosure in such cases shall be limited to what Gurgoora considers necessary and proportionate to the lawful or legitimate purpose.

Article Twenty-Four: User Obligations

The user must provide accurate and up-to-date data, not use third-party data without right, not impersonate another person, and not use the platform in a way that unlawfully collects, publishes, or discloses personal data of others.

The user must maintain confidentiality of account data and password and must not allow others to use the account without authorization.

The user must not upload or send sensitive, confidential, or unnecessary data inside the platform, support tickets, or ratings unless necessary for the service and the user has the right to share it.

The user is responsible for any data, files, or content sent or published through the platform, and for any consequences arising from inaccurate data or violation of this Policy.

Article Twenty-Five: Updates to the Privacy Policy

Gurgoora may amend or update this Policy from time to time in line with changes in services, laws, legal requirements, or operational requirements.

The updated version will be published on the website or platform, and users may be notified of material changes by email, inside the account, or by any suitable means.

Continued use of the website, platform, or services after publication of an update shall be deemed acceptance of the updated Policy, unless applicable law requires separate express consent.

The user is advised to review the Privacy Policy periodically.

Article Twenty-Six: Language of the Policy

Gurgoora may provide this Policy in multiple languages to make it easier for users around the world to understand.

In the event of any discrepancy or conflict between the Arabic version and any translated version, the Arabic version shall prevail to the extent permitted by law, unless Gurgoora expressly states otherwise or local laws require otherwise.

Article Twenty-Seven: Contact Regarding Privacy

The user may contact Gurgoora regarding any inquiry, request, or complaint relating to privacy or personal data through the contact methods approved on the website or platform.

Privacy contact details are as follows:

Gurgoora may request sufficient information to verify identity before executing access, correction, deletion, or any other personal data request.

Article Twenty-Eight: Automated Support Tools and AI Assistance

Gurgoora may use technical or automated tools, including artificial intelligence tools or automated assistants, to help operate technical support, knowledge support, live chat, request routing, response suggestions, and service quality improvement.

Ticket content, chat messages, attachments, or usage data may be processed to the extent necessary to provide support, generate suggestions, improve response quality, monitor safety, prevent misuse, or route the request to a suitable staff member when needed.

The use of these tools does not prevent the user from requesting human review where such review is required or appropriate according to the nature of the request, dispute, or service impact.

Gurgoora will use these tools within the purposes of operation, support, improvement, and protection, and in accordance with this Policy and other applicable platform terms.

Article Twenty-Nine: Final Acknowledgment

By using the Gurgoora website, platform, products, subscriptions, or services, the user acknowledges having read this Policy, understood its content, and agreed to it.

The user acknowledges that Gurgoora may process personal data for the purposes described in this Policy and to the extent necessary to provide services, perform contracts, comply with laws, protect rights, and improve the experience.

The user acknowledges that failure to provide certain necessary data may result in inability to create an account, complete a purchase, issue an invoice, provide support, or use certain services.

The user acknowledges having rights relating to personal data under applicable laws, and may contact Gurgoora to exercise such rights or submit a privacy inquiry or complaint.

The user acknowledges that continued use of the services after updating this Policy constitutes acceptance of the updated version, unless separate consent is required by law.