Introduction

The Art Institute for Training is committed to safeguarding the privacy of its users and protecting its technological assets. The Institute’s Information Security Governance aims to ensure the implementation of necessary security measures in compliance with the best global practices, standards, and applicable laws related to data protection and privacy.

This policy forms part of the Institute’s approved governance framework and is subject to the authority of the designated governing body. It shall be enforced as of its official date of approval.

 

Policy Objectives

This policy aims to:

  •             Ensure the Institute’s compliance with all legal, regulatory, and contractual requirements related to information security.
  •             Protect intellectual property rights and copyrights.
  •            Ensure the proper and secure use of the Institute’s systems, technologies, and data to guarantee the continuity of service delivery with high efficiency and quality.

 

Scope of Application

This policy applies to all employees, contractors, suppliers, and external parties associated with the Institute, whether on a permanent or temporary basis, including:

  •         Employees, vendors, and third-party contractors.
  •            Any individual granted permanent or temporary access to the Institute’s data, systems, devices, or databases.

The policy applies to all forms of data, regardless of their source or nature.

When using the Institute’s website or digital services, users are required to:

  • Refrain from engaging in any illegal or harmful activities.
  • Use the website strictly for work-related purposes.
  • Avoid misrepresenting the Institute’s identity or misusing its trademarks.
Avoid attempting unauthorized access to the Institute’s systems or conducting security tests without prior written permission.
  •        Refrain from installing or running unauthorized software or tools on the Institute’s systems.
  •        Not use proxy or firewall-bypassing technologies to circumvent security controls.
  •        Not publish, copy, or share Institute-owned content (including text, images, videos, or files) without official permission.

Copyrights and Liabilities

  •              All website content is protected by copyright laws under the Kingdom of Saudi Arabia.
  •              The website may contain links to external sites provided for convenience only; the Institute bears no responsibility for their content and does not endorse them.
  •              The Institute reserves the right to modify or restrict access to any part of the website at any time without prior notice.

Personal Data Protection

Data Collection

Personal data is collected with user consent through:

  •              Registration for official Institute services.
  •              Use of mobile applications or various digital platforms.
  •              Communication through customer service channels or official partner entities.

Collected personal data may include: name, ID number, contact details, academic or professional information, and digital account details.

Purpose of Data Collection

  •              To efficiently deliver Institute services.
  •              To support policy development and research.
  •              To handle inquiries and complaints.
  •              To enhance user experience and service quality.
  •              To verify user identity during registration.
  •              To comply with legal and regulatory obligations.

Data Sharing

  •              Data is not shared with non-governmental entities unless user consent is obtained or the sharing is necessary for public service.
  •              Data may be shared with authorized government bodies when required by law for national security or privacy protection purposes.
  •              Data sharing occurs only through secure and trusted environments, and data protection agreements may be signed where necessary.

 

Data Transfer Outside the Kingdom

All data is stored and processed within the Kingdom of Saudi Arabia to maintain national digital sovereignty, except in cases explicitly authorized by law.

 

Data Protection and Security

  •              The Institute adopts the highest security standards to protect stored and processed data.
  •              Advanced encryption and strict security measures are used to prevent unauthorized access or tampering.
  •              When the purpose of data collection has been fulfilled, data (digital or paper-based) is securely deleted or destroyed in accordance with best practices.

 

Individuals’ Rights Regarding Their Data

Individuals have the right to:

  •              Access: Know the reasons for data collection and its intended purposes.
  •              Review: Access and obtain an accurate copy of their personal data.
  •              Rectification: Request data updates or corrections when necessary.
  •              Deletion: Request deletion of data once it is no longer required, in accordance with applicable regulations.

 

Policy Approval

These policies have been officially approved by the Administration of the Art Institute for Training and shall take effect from the date of their formal adoption.

 

 

This is a non-production site