1. INTRODUCTION AND ACCEPTANCE

Solutions and Care Electronics Industries Company (“Me’kaaz,” “Company,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy governs the collection, use, disclosure, and protection of personal data across all Me’kaaz platforms, including our electronic monitoring devices, mobile applications available on the Apple App Store and Google Play Store, e-commerce store, website (www.mekaaz.com), and all associated services (collectively referred to as the “Platform” or “Services”).

This Privacy Policy has been developed in strict compliance with the Saudi Personal Data Protection Law (PDPL) issued by Royal Decree No. M/19 dated 09/02/1443H, and all relevant regulations established by the Saudi Data & Artificial Intelligence Authority (SDAIA). We are committed to adhering to all applicable data protection standards within the Kingdom of Saudi Arabia and international best practices for data privacy.

By accessing, using, or purchasing from our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this policy, you must discontinue use of our Services immediately. Your continued use of our Platform following the posting of changes to this Privacy Policy constitutes your acceptance of those changes.

2. IMPORTANT DISCLAIMERS AND LIMITATIONS

2.1 Nature of Products and Services

Me’kaaz products, including but not limited to the Sanad smartwatch and any other wearable devices, are electronic monitoring and wellness tracking devices designed exclusively for general health awareness, lifestyle monitoring, and personal wellness purposes. These devices are NOT medical devices and are NOT intended, designed, or authorized for use in the diagnosis, cure, mitigation, treatment, or prevention of any disease, medical condition, or health disorder.

All measurements, readings, and data provided by our devices are for informational and reference purposes only. They should never be used as a substitute for professional medical advice, diagnosis, or treatment. Users must always consult qualified healthcare professionals for any medical concerns, health conditions, or before making any decisions related to their health and wellness.

2.2 Limitation of Liability

To the maximum extent permitted by applicable law, Me’kaaz, its affiliates, officers, directors, employees, agents, partners, and licensors expressly disclaim all liability for any direct, indirect, incidental, special, consequential, or punitive damages arising from or related to your use or inability to use our Platform, products, or services. This includes, without limitation, any damages resulting from reliance on information provided through our devices, errors or omissions in data, interruption of service, loss of data, unauthorized access to your information, or any other matter relating to our Services.

You acknowledge and agree that you use our Platform and products entirely at your own risk. We make no warranties or representations regarding the accuracy, reliability, completeness, or timeliness of any data or information provided by our electronic monitoring devices. Under no circumstances shall Me’kaaz be liable for any health-related decisions, medical emergencies, personal injuries, or adverse health outcomes that may result from the use or misuse of our products or reliance on data provided by our devices.

3. INFORMATION WE COLLECT

3.1 Information You Provide Directly

When you create an account, make purchases, or interact with our Platform, you may provide us with various types of personal information. This includes your full name, email address, mobile phone number, physical address, date of birth, gender, nationality, and preferred language. For account security purposes, we collect your chosen username and encrypted password. When making purchases through our e-commerce store, we collect billing information, shipping addresses, and payment method details, though payment processing is handled by secure third-party payment processors who maintain their own privacy policies.

We also collect profile information that helps personalize your experience, including height, weight, fitness goals, dietary preferences, activity levels, and general wellness objectives. If you choose to use emergency features, you may provide emergency contact information including names, phone numbers, and relationships of individuals to be contacted in case of emergency situations.

3.2 Information Collected Automatically

Our electronic monitoring devices automatically collect various types of data during normal operation. This includes physiological measurements such as heart rate, pulse readings, blood oxygen saturation levels (SpO2), body temperature readings, sleep patterns, and activity metrics including steps taken, distance traveled, calories burned, and active minutes. The devices also track movement patterns, exercise sessions, and sedentary time to provide comprehensive wellness insights.

When you use our mobile applications and website, we automatically collect technical information including your device identifier, IP address, browser type and version, operating system, mobile network information, time zone settings, and device settings. We gather usage data such as pages visited, features accessed, click patterns, session duration, interaction frequency, and feature preferences to improve our services and user experience.

3.3 Location Information

Location data is collected only when explicitly required for specific features and with your express consent. This primarily applies to emergency SOS functionality where precise GPS coordinates are necessary to dispatch help or notify emergency contacts. Location data may also be used for activity tracking features such as outdoor running or cycling routes, but only when you actively choose to use these features. You maintain complete control over location permissions and can disable them at any time through your device settings.

3.4 Information from Third-Party Sources

We may receive information about you from third-party sources in limited circumstances. This includes verification information from payment processors to confirm transaction legitimacy, publicly available information used for identity verification and fraud prevention, and data from analytics providers that help us understand usage patterns and improve our services. If you choose to connect your Me’kaaz account with third-party fitness or wellness applications, we may receive information based on the permissions you grant to those integrations.

4. HOW WE USE YOUR INFORMATION

4.1 Primary Service Provision

The primary purpose of collecting your information is to provide and maintain the core functionality of our electronic monitoring devices and associated services. We use your data to enable real-time monitoring of wellness metrics, synchronize information between your devices and applications, generate personalized insights and recommendations based on your activity patterns, and maintain historical records of your wellness data for trend analysis. This information allows us to provide you with meaningful feedback about your daily activities, sleep quality, and general wellness patterns.

We process your data to enable the emergency SOS features that may be critical in urgent situations. When activated, these features use your location and emergency contact information to facilitate rapid assistance. We also use your information to ensure the technical functionality of our devices, including firmware updates, bug fixes, and performance optimizations that enhance your user experience.

4.2 Communication and Support

Your contact information enables us to provide comprehensive customer support and maintain necessary communications about your account and devices. We send important service announcements regarding system maintenance, security updates, and changes to our terms or policies. With your consent, we may send promotional communications about new products, features, or special offers that may interest you. All marketing communications include clear unsubscribe options, and you can manage your communication preferences through your account settings at any time.

We use your information to respond to customer service inquiries, technical support requests, and feedback submissions. This helps us resolve issues quickly and improve our overall service quality based on user experiences and suggestions.

4.3 Analytics and Improvement

We analyze aggregated and anonymized user data to understand usage patterns, identify popular features, and discover areas for improvement. This analysis helps us optimize app performance, develop new features based on user needs, enhance device accuracy and reliability, and improve user interface design for better accessibility. We conduct internal research using anonymized data to advance our understanding of wellness monitoring technologies and develop innovative solutions for health awareness.
Statistical analysis of user behavior helps us identify and fix bugs, prevent system errors, and ensure optimal performance across different devices and operating systems. We never use personally identifiable information for these analytical purposes without explicit consent.

4.4 Legal and Regulatory Compliance

We process personal data as necessary to comply with applicable laws and regulations in the Kingdom of Saudi Arabia, including requirements set forth by SDAIA and other regulatory authorities. This includes maintaining records for tax and accounting purposes, responding to lawful requests from government agencies, and cooperating with law enforcement when required by law. We also use information to enforce our terms of service, protect against fraudulent or illegal activities, and safeguard the rights and safety of our users and others.

5. DATA SHARING AND DISCLOSURE

5.1 We Do Not Sell Personal Data

Me’kaaz has never and will never sell, rent, or lease your personal information to third parties for their marketing purposes. We do not engage in the sale of personal data as defined under the PDPL or any other applicable privacy legislation. Your trust is paramount to our business, and we are committed to protecting your privacy rights.

5.2 Authorized Sharing Scenarios

We share your information only in specific, limited circumstances necessary for service provision and with appropriate safeguards in place. When you explicitly consent to sharing, such as authorizing family members to view your wellness data or connecting with third-party applications, we facilitate that sharing according to your preferences. During emergency SOS activation, we share necessary information including your location and relevant health metrics with designated emergency contacts or emergency services to ensure rapid assistance.

We engage carefully selected service providers who assist in operating our Platform, including cloud infrastructure providers for secure data storage, payment processors for transaction handling, customer relationship management systems for support services, and analytics providers for service improvement. All service providers are contractually obligated to protect your information and use it only for the specific purposes we authorize.

5.3 Legal Obligations and Rights Protection

We may disclose your information when required by law, including in response to valid legal processes such as court orders, warrants, or subpoenas from Saudi Arabian authorities. We cooperate with law enforcement agencies and regulatory bodies when legally required, while ensuring that any disclosure is limited to what is necessary and lawful. We may also share information to protect our rights, property, and safety, or that of our users and the public, including exchanging information for fraud protection and credit risk reduction.

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred to the successor entity. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy. Any successor entity will be bound to protect your information consistent with this Privacy Policy and applicable law.

6. DATA RETENTION AND DELETION

6.1 Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Active account information is retained for the duration of your account plus a reasonable period to allow for reactivation. Wellness and monitoring data is kept according to your preferences, with options for automatic deletion after specified periods. Transaction records are retained as required by Saudi Arabian tax and commercial laws, typically for a minimum of five years.

When you request account deletion, we initiate a process to remove or anonymize your personal information from our active systems within thirty days, subject to legal retention requirements. Some information may be retained in encrypted backups for a limited time to prevent fraud and ensure system integrity, but this data is not actively processed and is permanently deleted according to our backup rotation schedule.

6.2 Data Deletion Rights

You have the right to request deletion of your personal information at any time through your account settings or by contacting our privacy team. Upon receiving a valid deletion request, we will delete or anonymize your personal data unless retention is necessary for compliance with legal obligations, establishment or defense of legal claims, or completion of transactions you initiated. We will notify you if we cannot fully comply with a deletion request and explain the reasons for any retained data.

7. DATA SECURITY MEASURES

7.1 Technical Safeguards

We implement comprehensive technical security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. All data transmission between devices, applications, and our servers is protected using industry-standard TLS 1.3 encryption protocols. Data stored on our servers is encrypted at rest using AES-256 encryption. We maintain secure data centers with physical access controls, environmental monitoring, and redundant systems to ensure data availability and integrity.

Our systems undergo regular security assessments, vulnerability scanning, and penetration testing by qualified third-party security firms. We implement strong authentication mechanisms, including optional two-factor authentication for account access. Access to personal data within our organization is restricted based on the principle of least privilege, with comprehensive audit logs maintained for all data access events.

7.2 Organizational Measures

All Me’kaaz employees undergo privacy and security training upon hiring and receive regular updates on data protection best practices. We maintain strict confidentiality agreements with all personnel who have access to personal information. Our privacy and security policies are regularly reviewed and updated to address emerging threats and comply with evolving regulations.
We have established incident response procedures to quickly address any suspected security breaches. In the unlikely event of a data breach that poses risk to your rights and freedoms, we will notify affected users and relevant authorities as required by the PDPL and SDAIA regulations, typically within 72 hours of becoming aware of the breach.

7.3 User Responsibilities

While we implement robust security measures, the security of your information also depends on your actions. You are responsible for maintaining the confidentiality of your account credentials, using strong and unique passwords, keeping your devices and applications updated with the latest security patches, and promptly notifying us of any unauthorized access to your account. We strongly recommend enabling two-factor authentication and regularly reviewing your account activity for any suspicious actions.

8. YOUR RIGHTS UNDER THE PDPL

8.1 Access and Portability Rights

Under the Saudi Personal Data Protection Law, you have the fundamental right to access your personal information held by Me’kaaz. You can request a copy of all personal data we process about you, including the categories of data collected, purposes of processing, and any third parties with whom we share your information. We provide data export functionality through your account dashboard, allowing you to download your wellness data in commonly used formats for portability to other services.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance from us. We facilitate data portability through standardized export formats and, where technically feasible, direct transfer to other services you designate.

8.2 Correction and Accuracy Rights

You have the right to correct inaccurate or incomplete personal information we hold about you. Most personal information can be updated directly through your account settings. For information that cannot be self-corrected, you can submit a correction request to our privacy team with appropriate verification. We will investigate and correct verified inaccuracies within thirty days of receiving your request, and notify any third parties to whom we disclosed the incorrect information where feasible and required by law.

We take reasonable steps to ensure the accuracy of the information we collect and process. However, you are responsible for ensuring that the information you provide to us is accurate, complete, and current. Promptly updating your information helps ensure you receive the full benefit of our services and appropriate communications.

8.3 Objection and Restriction Rights

You have the right to object to certain processing of your personal data, particularly for direct marketing purposes or processing based on legitimate interests. When you object to marketing communications, we will immediately cease such communications while maintaining your account for service provision. You can manage marketing preferences through your account settings or by following unsubscribe instructions in any marketing communication.

You may request restriction of processing in certain circumstances, such as when you contest data accuracy, believe processing is unlawful, or need the data for legal claims. During restriction periods, we will store but not actively process the restricted data except with your consent or for legal requirements.

8.4 Consent Withdrawal

Where we process your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can withdraw consent for specific processing activities through your privacy settings or by contacting our privacy team. Note that withdrawing consent for certain processing may limit functionality or prevent us from providing certain services.

8.5 Complaint Rights

If you believe we have not adequately addressed your privacy concerns or have violated your rights under the PDPL, you have the right to lodge a complaint with the Saudi Data & Artificial Intelligence Authority (SDAIA). We encourage you to contact us first to resolve any concerns, as we are committed to addressing all privacy issues promptly and fairly. Contact information for SDAIA and complaint procedures are available on their official website.

9. CHILDREN’S PRIVACY

Our Platform and services are not directed to individuals under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages without verifiable parental consent. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at Support@mekaaz.com. Upon verification, we will promptly delete such information from our systems.

For minors between ages 13 and 18, we recommend parental involvement in account creation and usage. Certain features may require parental consent depending on local laws and regulations. Parents and guardians can request access to their minor child’s information and request deletion through our support channels with appropriate verification.

10. INTERNATIONAL DATA TRANSFERS

While Me’kaaz primarily operates within the Kingdom of Saudi Arabia, we may transfer personal information to service providers located in other countries to provide and improve our services. Any international data transfer is conducted in compliance with PDPL requirements and SDAIA regulations regarding cross-border data transfers.

We ensure appropriate safeguards are in place for international transfers, including contractual clauses requiring recipient organizations to protect your data consistent with Saudi Arabian privacy standards. We conduct assessments of data protection laws in recipient countries and implement additional safeguards where necessary to ensure adequate protection levels. You will be notified if we intend to transfer your data to a country that may not provide adequate data protection, and such transfer will only occur with your explicit consent or where permitted by law.

11. THIRD-PARTY SERVICES AND LINKS

Our Platform may contain links to third-party websites, applications, or services that are not operated by Me’kaaz. These third-party services maintain their own privacy policies and data practices over which we have no control. We are not responsible for the privacy practices or content of these third-party services. We strongly encourage you to review the privacy policies of any third-party services you access through our Platform.

When you choose to connect our services with third-party applications or platforms, you may be granting those parties access to certain information. Review the permissions carefully before authorizing any third-party connections. You can manage and revoke third-party access through your account settings at any time.

12. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes to this Privacy Policy, we will notify you through prominent notice on our Platform, via email to your registered address, or through in-app notifications at least 30 days before the changes take effect.

The “Effective Date” at the top of this Privacy Policy indicates when the latest version became effective. Your continued use of our Platform after changes become effective constitutes acceptance of the revised Privacy Policy. If you do not agree with any changes, you must discontinue use of our services and may request deletion of your account and associated data.

13. CONTACT INFORMATION

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us through the following channels: Privacy Team
Solutions and Care Electronic Industries Company (“Me’kaaz”)
Email: Support@mekaaz.com
Phone: +966 539 599 259

For privacy-related requests including access, correction, deletion, or data portability, please use our dedicated privacy portal at www.mekaaz.com/privacy. We aim to respond to all privacy inquiries within 30 days. For complex requests, we may require additional time and will keep you informed of progress.