Gatekeeper

Privacy Policy

Data Controller

Gatekeeper (Commercial Registration No. [CR_NUMBER]), [REGISTERED_ADDRESS], Riyadh, Kingdom of Saudi Arabia, is the data controller responsible for processing your personal data in accordance with the Saudi Personal Data Protection Law (PDPL) issued by the Saudi Data and Artificial Intelligence Authority (SDAIA).

Legal Basis for Processing

We process personal data under the following legal bases as defined by the PDPL:

  • Legitimate interest: Processing data submitted through contact and demo request forms to respond to your inquiries about our cybersecurity products and services.
  • Consent: Using cookies on our website to store your language and theme preferences, and to manage cookie consent choices.
  • Contractual necessity: Processing administrator account credentials required for access to the Gatekeeper blog management platform.

Personal Data We Collect

We collect the following categories of personal data:

  • Contact form submissions: Name, email address, company name, job role, and message content.
  • Administrator accounts: Email address and password (stored as a cryptographic hash, never in plain text).
  • Technical data: IP addresses collected automatically through server access logs for security monitoring purposes.

We do not collect personal data through analytics, tracking pixels, or third-party marketing tools. We do not sell or share your personal data with third parties for marketing purposes.

Your Rights under the PDPL

Under the Saudi Personal Data Protection Law (PDPL), you have the following rights regarding your personal data:

  • Right to be informed: You have the right to know what personal data we hold about you and how it is being processed.
  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to correction: You may request correction of any inaccurate or incomplete personal data.
  • Right to deletion: You may request deletion of your personal data where there is no legitimate reason for continued processing.

To exercise any of these rights, please contact us at privacy@gatekeeper.sa. We will respond to your request within 30 days.

Withdrawing Your Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time:

  • Cookie consent: You may withdraw cookie consent at any time by clearing your browser cookies or using the cookie consent banner on our website.
  • Contact form consent: You may withdraw consent for processing of data submitted through contact forms by emailing privacy@gatekeeper.sa.

Withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal.

Cross-Border Data Transfers

All personal data collected through this website is processed and stored exclusively on infrastructure hosted within the Kingdom of Saudi Arabia. We do not transfer personal data outside of Saudi Arabia. As a cybersecurity company, we maintain strict data sovereignty and ensure that all data processing occurs within Saudi borders in compliance with PDPL cross-border transfer requirements.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Contact form data: Retained for up to 2 years from the date of submission, after which it is securely deleted.
  • Administrator accounts: Retained until the account is deleted by the administrator or by Gatekeeper.
  • Cookies: Retained according to the durations specified in our Cookie Policy.

Security Measures

As a cybersecurity company, Gatekeeper implements industry-leading security measures to protect your personal data, including:

  • Encryption of data in transit using TLS and at rest where applicable.
  • Strict access controls with role-based authentication for all systems.
  • Regular security audits and vulnerability assessments of our infrastructure.
  • Cryptographic hashing of passwords (never stored in plain text).

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, Gatekeeper will notify the Saudi Data and Artificial Intelligence Authority (SDAIA) within 72 hours of becoming aware of the breach, in accordance with PDPL Article 20. Affected individuals will also be notified without undue delay, including a description of the breach, the categories of data affected, and the measures taken to address the breach.

Contact Us

For questions about this Privacy Policy, to exercise your data protection rights, or to report a privacy concern, please contact us:

  • Email: privacy@gatekeeper.sa
  • Address: [REGISTERED_ADDRESS], Riyadh, Kingdom of Saudi Arabia

Last updated: 2026-03-22