Privacy policy

Introduction

Welcome to the privacy policy of مولكم. We are a Saudi company providing ecommerce solutions and we are committed to protecting user privacy to high international standards.

This policy applies to:

• Merchants: who use our platform to create and manage stores.
• Customers: who shop from stores built on our platform.
• Visitors: who browse our website.

Data we collect

We collect different types of data to provide and improve our services:

Account data

• Full name and email address
• Phone number and address
• Business name (for merchants)
• Payment information (encrypted and protected)

Usage data

• Order and transaction history
• Products added or updated
• Your interactions with platform features
• Pages visited and time on site

Technical data

• IP address and browser type
• Operating system and device type
• Cookies
• Geolocation (with your permission)

Content you provide

• Product images and descriptions
• Logos and trademarks
• AI-generated content
• Messages and notes

How we use your data

We use your data for the following purposes:

• Providing services Create and manage your account, process orders, enable payments.
• Improving your experience Personalize content, suggest features, improve the UI.
• Communicating with you Important updates, order notifications, and support.
• Security and protection Detect fraud, prevent abuse, protect your rights and ours.
• Analytics Understand how services are used to keep improving them.
• Legal compliance Meet applicable laws and regulations.

We will not use your data for direct marketing without your explicit consent.

Legal basis for processing

We process personal data on the following legal bases:

• Contract performance Data needed to deliver the services you requested (store setup, orders).
• Consent Where you explicitly agree to processing for specific purposes (e.g., marketing).
• Legitimate interests To improve services, prevent fraud, and keep the platform secure.
• Legal obligation When the law requires us to process data (e.g., taxes and invoices).

Data sharing

We never sell your personal data. However, we may share data in the following cases:

Service providers:

• Payment gateways (Tap, Mada) - to process payments
• Cloud hosting - to store data
• Analytics services - to understand usage
• Email services - to communicate with you

Legal requirements:

We may disclose data in response to lawful requests, to protect our legal rights, or in emergencies to protect safety.

Business transfers:

In a merger or acquisition, data may transfer to the new entity with the same level of protection.

Assurance: All third parties we share data with are contractually required to protect it and use it only for defined purposes.

Data security

We take strong measures to protect your data:

• Encryption Data encrypted in transit (TLS 1.3) and at rest (AES-256).
• Authentication Multi-factor authentication and hashed passwords.
• Monitoring Continuous monitoring for threats and suspicious activity.
• Limited access Data access is limited to authorized staff.
• Backups Regular backups stored securely across locations.
• Testing Periodic security testing and ongoing updates.

Your responsibility: You must keep your password secret and notify us immediately of any unauthorized access.

Your rights

Under Saudi PDPL and GDPR principles, you have the following rights:

• Right of access Request a copy of personal data we hold.
• Right to rectification Correct inaccurate or incomplete data.
• Right to erasure Request deletion of your personal data ('right to be forgotten').
• Right to portability Receive your data in a machine-readable format.
• Right to object Object to certain processing activities.
• Right to restrict processing Request limits on how we use your data.
• Right to withdraw consent Withdraw consent where processing is consent-based.

How to exercise rights: email privacy@mollkom.com and we will respond within 30 days.

Cookies

We use cookies to improve your experience:

• Necessary Required for the site to work (login, cart).
• Functional Remember preferences (language, settings).
• Analytics Help us understand how you use the site.
• Marketing Used to show relevant ads (only with consent).

Managing cookies: you can adjust browser settings; disabling some cookies may affect functionality.

Data retention

We retain data for the following periods:

After retention ends, we delete or irreversibly anonymize data.

International data transfers

As a Saudi company serving customers globally, we may need to transfer data outside Saudi Arabia:

Transfer safeguards:

• Transfer only to jurisdictions with adequate protection.
• Use approved standard contractual clauses (SCCs).
• Ensure recipients meet the same protection standards.
• Encrypt all data in transit.

For EU users: we follow GDPR transfer requirements and approved EU Commission mechanisms.

Children's privacy

Our services are not directed at children under 18, and we do not knowingly collect their data.

If you are a parent or guardian and believe your child provided personal data, contact us at privacy@mollkom.com and we will delete it promptly.

Policy updates

We may update this policy from time to time to reflect changes in practices or law.

• We will publish updates on this page with a new date.
• For material changes, we will email a notice.
• Continued use means you accept the updated policy.
• We encourage you to review this page periodically.

Contact us

If you have privacy questions or concerns, contact us:

• Data protection officer (DPO) privacy@mollkom.com
• General support support@mollkom.com
• Address Kingdom of Saudi Arabia

We aim to respond to privacy inquiries within 30 days.

Right to complain: If you are not satisfied with our response, you may lodge a complaint with the competent authority (Saudi Data & AI Authority - SDAIA).