At Siolla, this Privacy Policy has been prepared in accordance with the Saudi Personal Data Protection Law and the directives issued by the Data and Artificial Intelligence Authority (SDAIA). This Policy aims to clarify the types of data that we collect from you, the reasons for such collection, and how we process and safeguard that information throughout its retention by Siolla. We take data privacy and security very seriously; we believe that our users have the right to understand what information is collected and how it is used, and we ensure that you have full control over your data—including the rights to modify or delete it at any time. We are committed to providing the highest levels of security and transparency in the handling of your personal data, keeping it strictly confidential, and we value your privacy by never selling or sharing your personal information with any third party.
Siolla and/or its affiliated companies ("Siolla," "we," or "our") operate through Digital Siolla For Financial Technology in accordance with Commercial Registration No. (5900118362), with its headquarters located in Riyadh. We are licensed to provide automated advisory services under the supervision of the Financial Technology Lab, which is regulated by the Capital Market Authority. Our corporate headquarters is located at 6748 Abu Bakr Al-Siddiq Road, Al-Narjis, 13323, Riyadh, Kingdom of Saudi Arabia. We offer our services through our website (www.siolla.com) ("the Website") and/or our mobile application ("the App"). This Privacy Policy explains how Siolla collects, uses, and discloses the information gathered via our websites and mobile applications that are governed by this Policy – including, for example, the Siolla mobile application and any other interactive services (e.g., customer service and other communications) that you may engage in with Siolla (collectively, the "Services").
This Policy sets forth how Siolla collects, uses, and discloses the information obtained through our websites and mobile applications, which are subject to this Privacy Policy. For purposes of this Policy, a "User" is any individual who creates an account on our Website or App to utilize our software and/or to open an investment account, as well as to understand or assess our Services. This Privacy Policy, together with our Terms and Conditions, collectively governs your use of and engagement with our Website, App, and Services.
We collect the personal information that you provide to us when you use our Services or interact with us. The categories of information we collect depend on whether you are a current or former user. Examples of when we collect personal data include:
Whenever Siolla collects personal data, we strive to provide a link to this Privacy Policy along with any other relevant terms and conditions. If you visit the Website without logging in, Siolla may collect the following data:
Please note that the data we collect is used solely to generate preliminary statistics and to improve the appeal, content, and quality of our Website and Services, and not to personally identify you.
Siolla uses cookies—small pieces of computer code that enable our web servers to "recognize" users—for the following purposes:
In addition to cookies, we may use pixel tags (also known as "web beacons")—small graphic files that allow us to monitor the usage of our sites. You have the option to delete cookies from your device at any time by adjusting your browser settings; however, please note that cookies may be essential for accessing most content and features of the Website.
We may collect additional information when you link your registered account with financial institutions or other data sources ("Financial Data Sources"), or when you grant us access to personal data from these sources. By choosing to use our services to aggregate and analyze your account data, you explicitly authorize and direct Siolla to retrieve all account-related data available through the financial institution’s online portal, and you consent to periodic updates of this access, provided such linkage remains active in accordance with the guidelines and open banking policies issued by the Saudi Central Bank. Siolla works with financial institutions to collect, use, store, and process information related to our account aggregation services. We also collaborate with third parties, such as the National Information Center, to verify your identity and collect data for our KYC processes. Siolla does not have access to login credentials such as usernames and passwords used to link your third-party accounts, nor do we retrieve any account data after your credentials are submitted to the financial institution’s portal or the National Information Center’s system. Any account data accessible by Siolla is read-only and cannot be altered by us.
We may aggregate and/or de-identify information collected through our Services such that it is not linked to you or your device ("Aggregated or Anonymized Data"). Our Website and App may collect certain aggregated or anonymized data regarding your use or evaluation of our Services. Such data is not considered personal information and may be used for various purposes, including internal analysis and research. We may share this information with third parties for our aggregate purposes, provided it is designed in a way that prevents the identification of any individual.
Given the nature of our business, our Services are not provided to children. Siolla does not knowingly request personal information from or about individuals under the age of 18. If you are under 18, please do not submit any personal data to Siolla. Should a parent or guardian become aware that their child under 18 has provided personal data to us without consent, they should contact us immediately at Support@siolla.com, and we will delete such data from our systems, unless prohibited by applicable regulatory obligations.
At Siolla, your data privacy is treated as a paramount trust. We commit not to lease, sell, or trade your personal data with any third party for marketing or profit purposes. Your trust is the foundation of our relationship, and we are dedicated to protecting your data with the utmost security and confidentiality.
We use your personal information for a defined and secure set of business purposes that directly benefit you, including:
We adhere to the principle of data minimization by only collecting the information that is necessary to efficiently deliver our services and enhance your experience with Siolla.
In compliance with regulatory and security requirements, we engage trusted third-party providers for user identity verification. This process is essential for ensuring the safety of our platform and protecting our users from fraud or impersonation. By using Siolla’s Services, you authorize us to access your personal information through the National Information Center for identity verification purposes. We assure you that this process is executed securely and in an encrypted manner, with access to your data strictly limited to the necessary legal verifications.
Siolla employs state-of-the-art technologies to provide a seamless and integrated user experience across all devices used to access our Services. This may involve tracking your browsing activities across various websites and devices or applications, for example, matching your mobile browsing activity with that on your computer to deliver a consistent, personalized experience. Such analysis may include evaluating browsing patterns, geographic location, and device identifiers to correlate data between browsers and devices used by the same individual. This process assists us in:
This Privacy Policy exclusively applies to the Services, Websites, and Apps that are directly managed by Siolla. Our Website and Apps may include links to external websites, applications, and social media accounts that we provide for your convenience and access to additional useful information. It is important to note that Siolla:
Privacy policies of third parties may vary significantly from ours. Therefore, Siolla’s Privacy Policy does not cover any personal data you choose to share with these external entities. We recommend that you review the privacy policies of any external website or application before disclosing any personal information. In some cases, certain external parties may choose to share information about their users with us with their consent. Such sharing is governed by the external party’s privacy policy and not by our Policy; however, any data received in this manner will be treated with the same level of protection and confidentiality as if it were directly collected by us.
Siolla is committed to protecting your privacy and ensuring the confidentiality of your personal data in accordance with the highest legal and regulatory standards. Accordingly, we will not share or disclose your personal information (whether you are a current or former user) to any third party that is not affiliated with us, except in the following circumstances:
We may disclose your personal information as required by law when we reasonably believe that such disclosure is necessary to investigate, prevent, or address suspected illegal or fraudulent activities. This includes, without limitation, compliance with requests from law enforcement, national security requests, or court orders issued by competent authorities. We also reserve the right to disclose information in order to protect our rights, the rights of our users, or the property and safety of any party, or to maintain public safety, if a violation or risk affecting public order or national security is established.
In the event that Siolla undergoes a merger, acquisition, restructuring, sale, or transfer of assets, your personal information may be transferred to the acquiring or purchasing entity as part of such commercial transaction. This transfer will be conducted in accordance with applicable legal provisions and contractual agreements, with measures in place to ensure the confidentiality of the data in accordance with the standards prescribed by the Personal Data Protection Law.
We may share your personal information with third-party service providers for functions deemed essential for our business operations, such as technical support, data processing, fraud verification, customer support, and marketing. Contracts or agreements with these providers will impose strict confidentiality and security obligations, requiring them to implement robust technical and organizational measures that comply with the Personal Data Protection Law. These third parties shall be held legally accountable for any misuse of your personal information in accordance with our strict guidelines.
Siolla may transfer your personal information to trusted third parties for central operational purposes, such as to enable us to conduct core business operations, facilitate the delivery of our premium services, and support research and development activities aimed at enhancing our offerings. Prior to any data transfer, we rigorously assess the receiving party to ensure that they provide a level of protection that meets or exceeds the standards set forth in the Personal Data Protection Law and other applicable regulations, and that such transfers do not compromise national security or other critical interests. We require these external parties to furnish adequate assurances regarding their technical and organizational security measures to maintain the confidentiality and integrity of your personal data.
Siolla stores your personal data on secure servers provided by licensed cloud computing companies, both within and outside the Kingdom, in accordance with the aforementioned assessments. All personal data is archived in a secure environment and subject to stringent internal policies and best practices designed to protect it from misuse, loss, unauthorized access, alteration, or disclosure. Your personal data will be retained for a period of ten (10) years, which may be extended if necessary to fulfill the purposes for which the data was collected or if required by another law or regulatory mandate. Once the retention period expires, personal data will be securely destroyed using methods such as shredding or magnetic erasure, or it will be anonymized to prevent any future association with your identity.
Siolla, along with its approved external service providers, is committed to upholding the highest cybersecurity standards and governance practices. We invest in state-of-the-art technical, administrative, and financial measures to maintain a secure infrastructure for our systems, networks, and databases to protect the information described above from leakage or misuse. While we deploy extensive safeguards, no electronic transmission or storage system is completely secure; therefore, we cannot guarantee absolute security of your personal data. As a user, you are responsible for not sharing your passwords or verification codes and for safeguarding these credentials against unauthorized access, including by any personnel at Siolla. If you become aware of any unauthorized use of your account or any security threat, you agree to notify us immediately.
Siolla offers a range of self-service features to comply with our obligations under the Personal Data Protection Law regarding responses to data subject requests at no additional cost. You have the following rights with respect to your personal data:
If you wish to exercise any of the rights mentioned above, please contact us at data.privacy@siolla.com. Siolla will act on any such request within thirty (30) days without undue delay and maintain a record of these requests. In certain circumstances, this period may be extended by an additional thirty (30) days, provided that you are informed in advance of the extension and the reasons for it.
You have several options regarding the disclosure and use of your personal data as described in this Privacy Policy. You may choose to decline to provide certain personal data to Siolla; however, this may preclude your access to certain features and services on our Website and App that require such data.
You may withdraw your consent for the use of your personal data for marketing purposes at any time by contacting us via the email address provided in the "Contact Us" section. However, please note that unsubscribing from providing personal data will not allow continued access to Siolla’s services. In such cases, you may be required to close your account to cease providing personal data for any new purpose. Even if you revoke your consent, we may still collect and use non-personal data related to your interactions with our services for legal and regulatory purposes as described above.
Siolla may use your personal data to communicate important information regarding our Services, such as service-related notifications, blog posts, or other beneficial updates. If you decide at any time that you no longer wish to receive marketing communications from us, please follow the unsubscribe instructions provided in those communications or contact us at Support@siolla.com. Please note that you cannot unsubscribe from administrative communications such as regulatory notifications, invoices, service updates, or changes to our Terms or this Privacy Policy. We process do-not-contact requests for email lists, phone numbers, and other communication channels in accordance with applicable law.
We may send you push notifications through our mobile application. You may opt out of receiving such notifications at any time by adjusting the settings on your mobile device. We may also collect location-based information if you use our mobile application; you can disable such collection by altering your device settings.
Once you delete your account, it can be recovered during 30 days from initiating the process, after the 30 days none of your data will be retrievable. We advise you to carefully consider the deletion process before initiating it. If you wish to open a new account using the same identity associated with a deleted account, please contact us at Support@siolla.com.
Steps for Account Deletion:
Data subject to deletion includes all data you have entered into the application, your personal information, and any data you have shared through open banking integration.
Siolla reserves the right to update this Privacy Policy at any time in accordance with our sole discretion and in compliance with applicable legal and regulatory requirements. In the event of any significant changes to this Privacy Policy, we will notify you as required by law. We encourage you to periodically review this Privacy Policy to understand how we are using and protecting your personal data, as well as to remain informed about any modifications to our Privacy Policy. Your continued use of Siolla’s Services after the posting or notification of any changes shall be deemed acceptance of such modifications and all amended terms. Any changes to this Privacy Policy shall become effective immediately upon posting or otherwise providing notice, and each version of this Privacy Policy will be clearly dated to indicate its effective date.
This document constitutes the entire Privacy Policy for Siolla and its affiliated companies, covering all Services, Websites, and Apps that we operate. It governs all aspects related to the collection, use, and disclosure of your personal data, as well as the measures in place to ensure its security and integrity.
This Agreement has been prepared in both Arabic and English. In the event of any discrepancy or conflict between the two versions, the Arabic version shall prevail and be deemed the authoritative text.
If you have any questions, inquiries, or concerns regarding this Privacy Policy, or if you wish to request modifications or deletion of your personal data or unsubscribe from communications, please contact us using one of the following methods:
For further details regarding the processing of your personal data and the exercise of your rights under this Policy, you may also contact us via email at privacy@siolla.com
By adopting these practices and policies, Siolla strives to maintain the highest levels of transparency and security in handling your personal data, fully complying with all applicable laws and regulations.