contact@kaabaroom.com

Privacy policy

Privacy Policy for kaabaroom (English Version)

Last Updated: May 29, 2026

Welcome to kaabaroom ("Website", "Service", "we", "us", or "our"), operated through the domain kaabaroom and its related products and services (collectively, "Services").

We are deeply committed to protecting your privacy and processing your personal data in full compliance with the Saudi Arabian Personal Data Protection Law (PDPL) issued by Royal Decree No. (M/19) and its executive regulations. This Privacy Policy outlines how your personal data is collected, protected, and used, as well as the rights available to you under Saudi regulations.

1. Legal Basis for Processing

We process your Personal Data based on the following statutory grounds under the PDPL:

  • Your Explicit Consent: Given when registering or using our platform.

  • Contractual Necessity: To process, manage, and execute your travel, hotel, Hajj, or Umrah bookings.

  • Legal Obligation: To comply with regulatory requirements set by Saudi authorities, including the Ministry of Hajj and Umrah, the Ministry of Tourism, and SDAIA.

  • Legitimate Interests: To ensure website security, optimize user experience, and prevent fraudulent transactions.

2. Automated Information Collection

When you visit kaabaroom, our servers automatically record data sent by your browser or device. This may include:

  • Device IP address, browser type, and operating system version.

  • Language preferences, referring web pages, pages visited on our site, time spent, and access dates.

This automated data is used solely to prevent abuse, maintain cybersecurity, and generate aggregated statistical metrics to improve platform functionality.

3. Collection of Personal Information

You can explore the Website without revealing your identity. However, to access certain booking features, you will be required to provide specific Personal Data, including:

  • Identity Data: Full name, nationality, country of residence, and passport/ID details (for travel and pilgrimage bookings).

  • Contact Data: Email address, phone number, and physical address.

  • Account Details: Username and encrypted passwords.

  • Dependents' Data: Information about family members or travel companions (provided that you have obtained their prior consent).

4. Data Disclosure and Sharing

We do not sell or rent your Personal Data to third parties for marketing purposes. We only share data with:

  • Trusted Service Providers: Such as hotels, airlines, and transport companies to complete your requested bookings.

  • Statutory Authorities: We will disclose Personal Data if required by Saudi law, court orders, or official directives from regulatory bodies.

5. Data Retention & Localization

In accordance with Saudi regulatory standards:

  • Personal Data is securely stored within environments that maintain highest cybersecurity standards. Cross-border data transfers comply strictly with the rules stipulated by the PDPL.

  • We retain your Personal Data only for the duration required to fulfill the purposes mentioned in this Policy or as mandated by Saudi financial and regulatory record-keeping laws. Once expired, data is securely destroyed or anonymized.

6. Your Rights under the Saudi PDPL

As a data subject in Saudi Arabia, you hold the following statutory rights:

  • Right to be Informed: To know the legal basis and purpose behind collecting your data.

  • Right of Access: To request a copy of your personal data held by us.

  • Right to Correction: To request updating or rectifying inaccurate or obsolete data.

  • Right to Destruction (Erasure): To request deletion of your data when the purpose of collection ceases or when consent is withdrawn (subject to legal or contractual retention exemptions).

  • Right to Withdraw Consent: To revoke your consent for data processing at any time.

7. Data Security

We employ robust technical, administrative, and physical safeguards to defend your personal data against unauthorized access, loss, or alteration. However, please note that no transmission method over the internet is completely bulletproof, and users are responsible for keeping their account credentials confidential.

8. Data Breach Notification

In the unforeseen event of a security breach resulting in unauthorized access or leakage of your Personal Data, kaabaroom will immediately notify the Saudi Data and AI Authority (SDAIA) and the competent regulatory bodies within the statutory timeline. Impacted users will also be notified directly via email along with recommended mitigation steps.

9. Children’s Privacy

We do not knowingly collect Personal Data from individuals under the age of 18. If we discover that a minor has provided us with unauthorized personal information, we will immediately purge it from our systems.

10. Cookies and Marketing Communications

  • We use cookies to enhance, track, and personalize your experience. You can modify your browser settings to reject cookies, though it might limit certain website features.

  • You may opt-out of our marketing or newsletter communications at any time by clicking the "Unsubscribe" link in our emails. You will continue to receive operational and transactional emails concerning your bookings.

11. Amendments and Acceptance

We reserve the right to modify this Privacy Policy to reflect regulatory changes under Saudi Law. Material revisions will be highlighted on the main page of kaabaroom. Continued use of the platform after updates take effect represents your explicit binding acceptance of the revised policy.

12. Contacting Us

To exercise your data subject rights or if you have any questions regarding this Privacy Policy, please reach out to us via the Contact Form available on the website.

 

Get Updates & More

Thoughtful thoughts to your inbox

Kaaba Room

Tell. + 0595409895

Email. contact@kaabaroom.com

Kaaba Room 2026-2030