Privacy Policy

Privacy Policy & Cookies

Last Updated

Overview

Medura is committed to protecting the privacy and security of the personal data of all our users. This policy explains how we collect, use, share, and protect your personal data in compliance with the Saudi Personal Data Protection Law (PDPL) and its executive regulations.

1. Scope of Data Collection and Processing

A. The Data We Collect

  • Identity and Contact Data: Full name, email address, phone number.
  • Professional Data: SCFHS professional classification / registration number (if provided), specialty, place of work.
  • Financial Data: Payment information is processed securely through a third-party payment gateway and is not stored on our servers.
  • Transaction Data: Records of courses purchased, payments, cancellations, and refunds (if applicable).
  • Technical Data: IP address, browser type, device information, and cookie data.

B. Why We Process Your Data (Legal Basis)

  • Your Explicit Consent: When you register, opt in to communications, or agree to specific data sharing where required.
  • Contractual Necessity: To process your booking, deliver the training service, and manage your account.
  • Legal Obligation: To comply with applicable legal, regulatory, or tax requirements.

C. Data Sharing

  • With Partner Training Centers: We share necessary personal data (such as name, professional classification/registration number if provided, and email/phone where needed) with the Center whose course you register for, to complete registration, manage attendance, issue certificates, and provide continuing education hours (if applicable).
  • With Service Providers: We may share data with trusted service providers that help us operate the platform (e.g., payment gateways, hosting, email delivery, analytics if enabled), under appropriate contractual safeguards.

We will never sell your personal data to any third party.

2. Your Rights as a Data Subject

Under the PDPL, you may have rights regarding your personal data, including:

  • The Right to Know: Be informed about the details of your data processing.
  • The Right of Access: Request access to, or a copy of, your personal data.
  • The Right to Correction: Request correction of inaccurate or incomplete data.
  • The Right to Destruction (Erasure): Request deletion of your personal data when it is no longer needed, subject to legal exceptions.
  • The Right to Withdraw Consent: Withdraw consent where processing is based on consent.

To submit a request, contact: privacy@medura.sa.

3. Security and Protection Measures

We take the security of your data seriously and implement appropriate measures, including:

Technical Measures

  • SSL/TLS encryption for data transmitted between your browser and our servers.
  • Encryption for sensitive data at rest (where applicable).
  • Access controls and monitoring to help prevent unauthorized access.

Organizational Measures

  • Access is limited on a need-to-know basis for authorized personnel only.
  • Internal procedures and training to support privacy and security best practices.

4. Cookie Policy

We use cookies (and similar technologies) to operate the website, improve user experience, and analyze site performance. You can manage cookies through your browser settings. Some cookies are essential for core functionality.

Essential Cookies

Required for core site functionality (such as login sessions and security).

Performance & Marketing Cookies

Used to understand site usage and improve content. Marketing cookies may be used to deliver relevant ads if enabled.

Contact

For privacy-related questions or requests, contact: privacy@medura.sa.