At HALA we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and disclose your personal data when you use our services or interact with us through our digital platforms.

We encourage you to read this policy carefully to understand our practices regarding your personal information, as well as your rights and choices in relation to it.

This policy applies to all personal information collected from current and prospective clients, as well as visitors to our website, in connection with the use of the Company’s services (“Services”).
In the course of your use of the Services, the Company may collect, use, and process certain categories of personal data, which may include, but is not limited to, the following:

(a) Identification and Contact Information: This includes your full name, national identification number, passport number, date of birth, telephone number, email address, and residential or mailing address.

(b) Account and Transactional Information: This comprises details relating to your user accounts, profile settings, contact lists, transactional history, income information, account balances, payment records, account activity, and any other financial data relevant to your interactions with the Company, its affiliates, or any third parties.

(c) Professional or Occupational Information: Including your current job title, employer name, and any information pertaining to your professional, commercial, or employment status.

(d) Geolocation Data: Such as your precise or approximate geographic location, as may be derived from your device’s Internet Protocol (IP) address, Global Positioning System (GPS), or other device-based location services. Subject to your device settings and permissions, such data may be collected even when the Services are not actively in use.

(e) Regulatory and Compliance Data: Including, without limitation, information and documentation gathered pursuant to Know Your Customer (KYC) procedures, Anti-Money Laundering (AML) obligations, sanctions screening, or other applicable legal and regulatory requirements.

(f) Voluntarily Submitted Data: Any additional personal information that you may choose to disclose to the Company on a voluntary basis, whether through registration forms, customer support interactions, or otherwise through your use of the Services.

The Company retains the personal data provided by the user within their profile for as long as the account remains active, or until such data is modified or deleted by the user through their account settings. The user acknowledges and agrees that the Company may access, process, and retain such data in accordance with the provisions of this Privacy Policy.

Certain services or products offered by the Company may require direct communication with the user via the registered email address or contact numbers in order to verify specific details, process service requests, or provide necessary support.

The Company reserves the right to collect and process certain personal information from users, including but not limited to, full name, address, phone number, and email address. The Company may also collect technical and transactional data related to the user’s interaction with the Services, such as Internet Protocol (IP) address, internet domain, browser type, user agent, and other relevant metadata.

Such collection may include the use of cookies or similar tracking technologies for analytical purposes or to enhance the user experience, as well as any additional information voluntarily submitted by the user through their interaction with the platform.
The Company reserves the right to collect and process certain personal information from users, including but not limited to full name, address, phone number, and email address. The Company may also collect technical and interaction-related data associated with the user’s use of the Services, such as IP address, internet domain, browser type, user agent, and other relevant information collected automatically, including through the use of cookies or similar technologies.

Subject to applicable laws and regulatory exceptions, users have the right to request access to the personal information retained by the Company, as well as to request corrections or updates where necessary. In such instances, the Company reserves the right to take appropriate measures to verify the identity of the user or any legally authorized representative, in order to ensure that no information is disclosed to unauthorized parties.

In certain limited circumstances, the Company may be unable to provide users with access to their personal information. These circumstances include, but are not limited to, the following:

a. Where disclosure is prohibited by law or by order of a governmental, regulatory, or judicial authority.

b. Where the information is related to ongoing or anticipated legal proceedings.

c. Where disclosure would infringe upon the privacy or safety of others.

d. Where providing access would compromise competition or reveal competitive strategies.

e. Where disclosure would involve sensitive commercial or operational decisions affecting the Company or third parties.

The Company is committed to maintaining the confidentiality of client information and shall not disclose or share any personal data with third parties without the client’s express consent, except as permitted or required under the laws and regulations of the Kingdom of Saudi Arabia, and in the following circumstances:

a. Pursuant to orders from competent authorities within the Kingdom, including any court, governmental, or regulatory body, for the purpose of complying with legal or regulatory obligations.
b. To parties to whom disclosure is authorized or required under applicable laws and regulations.
c. To the Company’s accountants, auditors, legal advisors, and other professional consultants.
d. For the settlement of securities transactions or verification of payment processes.
e. To other financial institutions, such as banks, where necessary.
f. To any entity where disclosure is required to protect the Company from legal or administrative claims or liabilities arising from inaccurate or misleading information provided by or on behalf of the client.
g. To service providers engaged by the Company to perform specific functions, support operations, or assist in facilitating business activities.
h. To debt collection agents, licensed credit information providers, or insurance companies.
i. To any member of the corporate group or affiliated service provider for the purpose of delivering products or services, enhancing user experience, or promoting relevant financial investment offerings.
j. The Company may contact the user and/or send notifications via various channels such as SMS, email, or phone, regarding its products and services.

Access to clients’ personal information is restricted to a designated group of qualified employees, and solely for specific operational purposes related to the provision of services or the performance of required tasks. Authorized personnel are made aware of the importance of maintaining the confidentiality and privacy of such information.

The Company has implemented electronic, administrative, and physical safeguards to protect personal information, in accordance with internal policies and industry-standard practices in the financial and investment sectors. This Privacy Policy remains applicable regardless of whether the client is online or offline.

By accessing any of the Company’s electronic channels, the user provides explicit consent to the collection, transfer, processing, use, and storage of their personal information in accordance with this Privacy Policy. If the user does not agree to any of the terms outlined herein, they must refrain from using the electronic channels.

For further information or assistance, users are encouraged to contact the Company directly via the designated email address info@hala.capital, where appropriate support will be provided.

The Company and all its personnel are committed to implementing a comprehensive and strict information security policy to ensure the protection of users’ personal data, in accordance with the applicable laws and regulations in the Kingdom of Saudi Arabia. Access to personally identifiable information is strictly limited to authorized employees who have formally committed to maintaining the confidentiality of such information.

Personal data is used solely for legitimate internal purposes, including enhancing the user experience, supporting internal teams in understanding individual needs and business trends, and improving the products and services offered by the Company. The Company affirms that such information will not be sold or disclosed to any third party under any name or for any purpose.

The Company makes every effort to ensure the accuracy and quality of the information published through its digital channels by sourcing data from original and reliable sources whenever possible. The Company also acknowledges the intellectual property rights of all third-party entities and does not claim ownership of content belonging to others. Nonetheless, the Company assumes no legal responsibility for the accuracy, completeness, or currency of the information displayed on its website, digital platforms, or any linked external sites.

The Company affirms that all intellectual property rights related to the content available on its digital channels — including texts, graphics, logos, audiovisual materials, and designs — are fully reserved and protected under applicable laws and regulations. The Company reserves the right to take all necessary legal actions against any individual or entity that infringes upon these rights in any form.

The Company also emphasizes that it does not sell users’ personal data to any third party. However, certain personal information may be shared, when necessary, with entities the Company deals with or with approved service providers, strictly in accordance with applicable regulations, and solely for operational or service-related purposes intended to enhance user experience and deliver services effectively.

The Company’s digital channels may contain links that redirect users to other websites not operated or controlled by the Company. Accordingly, the Company assumes no legal responsibility for the content of such websites, their privacy practices, or the manner in which they collect, use, or manage the personal information of their visitors or users.

Users are therefore strongly encouraged to review the privacy policies and terms of use of any external websites they visit, before providing any personal data or engaging with their services, as access to such links is at the user’s own risk.

Your Rights:
In accordance with applicable laws and regulations, you have the right to exercise the data-related rights outlined in this section. Prior to processing your request, we may ask you to verify your identity and confirm the nature of your request to protect your data from unauthorized access.

A. Managing Your Data: You can view, modify, and update certain personal information through your account settings. You are responsible for maintaining the accuracy and completeness of your data.

B. Portability and Access: You may request a copy of your personal data in a structured, commonly used, and machine-readable format. Where technically feasible and in compliance with applicable law, you may also request that we transfer your data to another service provider.

C. Deletion: You may request the deletion of your personal data, either voluntarily or in connection with account suspension or closure. Please note that certain exceptions may apply where data retention is legally required.

D. Legitimate Business Interests: We may retain personal data if it is necessary for legitimate business purposes, such as anti-money laundering, fraud prevention and detection, and improving system security.

E. Legal, Tax, and Compliance Obligations: We may retain and use personal information to satisfy legal, tax, reporting, and auditing obligations as required by applicable regulations.

F. Backup Systems: Residual copies of your data may remain in backup systems for a limited time, as part of our standard disaster recovery and data protection measures. These copies may not be immediately removed upon deletion of your active data

We are firmly committed to safeguarding your privacy and take all concerns related to personal data seriously. If you believe your privacy has been compromised in any way, you have the right to submit a formal complaint directly to the company.

We are committed to reviewing and responding to your complaint promptly, with the aim of resolving it within three (3) business days. Should more time be required, you will be notified within the same timeframe with an update and an estimated resolution timeline.

Complaints may be submitted via email to:
Compliance@hala.capital

The User hereby acknowledges and agrees that the Company, including its parent entities, subsidiaries, and affiliates, provides no warranties—express or implied—regarding the collection, control, access, correction, processing, use, storage, protection, or transfer of personal data, nor with respect to the existence or adequacy of any security measures implemented. The User accepts that the Company shall not be held liable for any loss, damage, or claim arising from unauthorized or authorized access, disclosure, use, alteration, or destruction of personal data, including but not limited to, any damage resulting from the introduction of viruses, malware, or other harmful elements that may affect data stored or transmitted via the Company’s electronic platforms.

In no event shall the Company, its affiliates, parent entities, partners, directors, officers, employees, or service providers be liable to the User or any third party for any direct, indirect, incidental, special, punitive, or consequential damages whatsoever, including but not limited to loss of profits, loss of data, or business interruption, arising out of or in connection with the collection, processing, storage, or transmission of personal data, or access to any of the Company’s electronic services.

The Company reserves the right to amend, update, or modify this Privacy Policy at its sole discretion, in whole or in part, at any time and without prior notice. Any such amendments shall become effective upon being published through the Company’s official digital channels.

This Privacy Policy and any dispute arising from or relating to the use of the Company’s digital platforms or the services offered therein shall be governed by and construed in accordance with the laws and regulations of the Kingdom of Saudi Arabia.
The competent courts and judicial authorities of the Kingdom of Saudi Arabia shall have exclusive jurisdiction over any such disputes.

The Company fully complies with the Personal Data Protection Law in the Kingdom of Saudi Arabia and adheres to best practices for handling, processing, and safeguarding personal data, ensuring transparency and legal protection for all users.

If you have any questions or require further information regarding this Privacy Policy, please contact us using the details below or send us an email at: info@hala.capital