Privacy and Confidentiality Policy

  • Who collects user data?

    The Ministry of Justice portal places users at the top of priorities. The portal admin makes every effort to provide a high quality service for all clients. The privacy and confidentiality policy below is part of the terms of using the MoJ portal.
    Visitors and users must continually view the privacy and confidentiality terms in case of updates.
    The Ministry of Justice is not responsible under any circumstances for any damage, whether direct, indirect, incidental, special or exceptional; arising from using or inability to use this portal.
    If you follow a link leading to a service provided by the Ministry of Justice, the entity will
    • control the data
    • be responsible for processing any data you share with them
    • be responsible for publishing and managing their privacy notification, with details about how to contact them

    What data is collected?

    • Questions, inquiries or notes that you leave, including your email address when you inquire or request information about a specific service; or when you give additional information using any means of electronic or regular communication with the ministry, such as an inquiry on our website; we will use your email address to answer your inquiries, and we may save your email address, message and our response for quality control purposes.
    • Your email address and subscription preferences when registering for our email alerts
    • Your IP address, and details on the web browser version you used
    • Information on how you use the site, using cookies  

    • The Ministry of Justice uses Dynatrace to collect information, including IP addresses, on how you use the MoJ portal. Anonymous data before analytics use
    • The Ministry of Justice does not save your personal information through Dynatrace (such as your name or address). We will not recognize you through analytics data, and will not combine analytics data with other data sets in a way that identifies you. The data is collected only for control and quality purposes. We constantly monitor our data protection controls to ensure effectiveness and discover any weaknesses
    • Dynatrace processes anonymous information about:
    ⁻ Pages you visit on the ministry’s website
    ⁻ The duration you spend on each page of the site
    ⁻ How you reached the site
    ⁻ What you click on it during your visit

    What is the purpose of data collection?

    We collect data in order to
    • allow you to access government services and applications
    • find out how you use the site and e-services to ensure that the site meets the client’s needs
    • make improvements (such as enhancing search on site) using Dynatrace
    • collect comments to improve our services, such as our e-mail alerts, and content service evaluation
    • reply to any comments you send us
    • send e-mail alerts to users who request and subscribe to such alerts
    • provide you with information about local services
    • monitor the use of the site to identify security threats

    What are user rights:

    The user has the right to access and modify his or her personal data. The Ministry of Justice is committed to protecting the data privacy for systems users. The MoJ portal places user data privacy at the top of priorities. The Ministry makes every effort to provide a high quality service for all users.
    1.Visitors and users must continually view the privacy and confidentiality terms in case of updates.
    2.The Ministry of Justice is committed to notifying users of any updates on privacy and confidentiality policy.
    3.The Ministry of Justice is committed not to disclose any of your personal information unless you voluntarily choose disclosure; such information is used only for the purpose it has been collected for.
    4.The user has the right to withdraw his or her consent to the sharing of data whenever he or she wishes.
    5.If you use a direct app or send us an email via the MoJ portal including your information, you fully agree to the storage, processing and use of such information by the Saudi authorities. We reserve the right at all times to reveal any information to the competent authorities, when necessary.
    6. You are responsible for the integrity, validity and accuracy of the data you send through this portal.
    7. In order to help you protect your personal information, we provide the following recommendations:
    • Do not give your confidential information associated with the Ministry of Justice on the phone or on the web to anyone or any entity not officially related to the Ministry of Justice.
    • Use a secure browser when you complete online applications; close unused apps, and make sure that your antivirus is always updated.
    • In the case of any inquiries or opinions on privacy terms, you may contact the Data Privacy Office.
    • To maintain your personal data, electronic storage and personal data are secured using appropriate security techniques.
    • This portal may contain electronic links to sites or portals that may use data protection methods different from our methods; we are not responsible for the contents, methods and privacy of such sites, and recommend that you refer to their privacy notifications.
    * If you want to request any of these rights, you can communicate with the Data Privacy Office.

    Principles and rights of personal data protection:

    • Responsibility: Privacy policies and procedures are identified and documented.
    • Transparency: Users are prepared and notified of the privacy data and procedures used by the Ministry of Justice.
    • Choice and approval: The possible options for the owner of the personal data are determined, and approval (implied or expressed as needed) is obtained with respect to collecting, use or disclosure of data.
    • Reduction of data collection: Personal data collection is limited to minimal data that can achieve specific purposes.
    • Reducing the use and storage of data: Personal processing and retention of data is limited to the purposes specified in the privacy notice, for which the data owner has provided approval (implied or express).
    • Access to data: The determination and provision of the means through which the user can access, review, update and correct his or her personal data.
    • Reducing data disclosure: Disclosure of personal data to third parties is limited to the purposes specified in the privacy notice, for which the data owner has provided approval (implied or express as needed).
    • Data security: Personal data is protected from leakage, damage, loss, theft, abuse, modification, or unauthorized access.
    • Data quality: Personal data is maintained in an accurate and complete manner relevant to the purposes specified in the privacy notice.
    • Monitoring and compliance: Compliance with the Privacy Policy and Procedures shall be monitored.


     Principles and general rules of data sharing:

    1. Promoting the sharing of the main data produced by the Ministry of Justice to achieve integration between different authorities within or outside the Kingdom; and the adoption of the “once-only principle” to reduce duplication and conflict of data. If the data is requested from an entity other than the main source, the entity must request the main source’s approval before sharing the data.
    2. Data is shared for legitimate purposes based on a justifiable legal or practical basis designed to achieve a public interest without harming national interests, the activities of authorities, privacy of individuals, or environmental safety -- except for data and authorities excluded by royal decrees.
    3.  All parties participating in the data sharing process have the power to access and use such data.
    4. All parties participating in the data sharing process must provide all necessary information for data exchange, including the required data, the purpose of collection, means of transmission, methods of storage, protection controls, and disposal mechanism.
    5. All parties involved in the data sharing process are collectively responsible for data sharing and processing decisions for the specific purposes; and ensuring the application of security controls stated in the data sharing agreement, laws, regulations, and relevant policies.
    6. All parties participating in data sharing apply appropriate security controls to protect and share data in a safe and reliable environment under relevant laws, legislations and directions of the National Cybersecurity Authority.
    7. Application of ethical practices during the data sharing process to ensure that they are used in a framework of justice, integrity, honesty and respect; rather than only commitment to information security policies or relevant regulatory and legislative requirements.

    For communication with the Data Privacy Office:

    The team welcomes communication through email if:
    • You have a question about anything in privacy and confidentiality policies.
    • You think your personal data has been misused or abused.
    DATA-SEC@moj.gov.sa 

    Relevant legislation






    Last Modified : 8 Jun 2021
    Visitors (-)