Privacy Policy

Last Updated: 01 January 2025

1. Introduction

Sofia Limited, limited liability company, operates pursuant to the laws and regulations of the Kingdom of Saudi Arabia with its commercial registration number 1010737724 (“Fia,” “we,” or the “Company”) welcomes all clients to our website, mobile application(s), and various services (collectively, the “Services”).
We at Fia are committed to safeguarding your privacy and keeping your personal information confidential. We collect, process, and store your data in accordance with the laws and regulations of the Kingdom of Saudi Arabia—particularly the Personal Data Protection Law (PDPL)—and in line with international best practices.

By using our Services or browsing our website and application(s), you acknowledge that you have read, understood, and agree to the provisions outlined in this Privacy Policy. If you do not agree with any part of this Policy, please cease using our Services immediately.

 

2. Scope of this Policy

This Policy covers the types of personal data we collect or receive and process when you interact with Fia’s Services, whether you are:

  1. Booking appointments via our website or mobile app.

  2. Visiting Fia’s salon to receive in-person treatments at our location.

  3. Utilizing our home services where our beauty specialists visit you at your chosen address in Riyadh.

  4. Communicating with us for any other purpose, such as inquiries, complaints, or marketing offers.

 

3. Personal Data We Collect

3.1 Data You Provide Directly

We may collect and process information you provide voluntarily when you:

  1. Create an Account or Book an Appointment: Such as your name, email address, mobile number, date of birth, payment details, and address.

  2. Communicate with Us: Via email, telephone, or chat (e.g., inquiries, complaints, or feedback).

  3. Participate in Promotions or Surveys: Including responses, preferences, or entries in marketing campaigns.

  4. Visit the Salon for Services: Including health or allergy information you share for your safety, as well as any images or data voluntarily provided.

3.2 Data We Collect Automatically

When you use our website or mobile application, we may automatically gather certain information, such as:

  1. Device Information: IP address, browser type, operating system, and unique device identifiers.

  2. Usage Data: Pages viewed, links clicked, time of access, and referring URLs.

  3. Cookies and Similar Technologies: See Section 7 for details on how we use cookies and tracking tools.

3.3 Sensitive Personal Data

Because our beauty and wellness services can involve health-related aspects, we may collect certain health or allergy information to ensure safe and appropriate services. We will only process this sensitive data with your explicit consent and in compliance with the applicable laws of Saudi Arabia.

 

4. Purpose of Collecting and Using Your Data

We use your personal data for the following purposes:

  1. Providing Services: To facilitate appointment bookings, deliver beauty treatments (in-store or at your home), and manage your account.

  2. Customer Support: To respond to inquiries, handle complaints, and offer post-treatment support.

  3. Personalization: To offer customized promotions, recommendations, and marketing materials based on your preferences and booking history.

  4. Marketing and Promotion: To send newsletters, promotional messages, or special offers, subject to any applicable consent requirements.

  5. Operational and Analytical Purposes: For internal analytics, improving our Services, and conducting statistical analysis.

  6. Legal and Regulatory Compliance: To fulfill legal obligations, comply with Saudi regulations, and enforce our agreements (including our Terms and Conditions).

 

5. Legal Bases for Processing Your Data

We rely on one or more of the following legal bases when processing your personal data:

  1. Consent: Where you have explicitly consented to our use of your data (e.g., receiving marketing communications or sharing health information).

  2. Contractual Necessity: Where processing is required to perform services or fulfill our contract with you (e.g., booking services, processing payments).

  3. Legal Obligations: Where we must comply with legal requirements (e.g., maintaining accounting records).

  4. Legitimate Interests: Where processing is essential for our legitimate business interests (e.g., enhancing our services), provided these do not override your fundamental rights.

 

6. Data Sharing and Disclosure

6.1 External Service Providers

We may share certain elements of your personal data with third-party providers who assist in operating our Services, such as:

  • Payment Processors (banks, payment gateways).

  • IT and Hosting Services (cloud storage, analytics tools).

  • Marketing Partners (for campaigns or promotions, where necessary).

These entities are contractually required to protect your data and only process it according to our instructions, for explicitly defined purposes.

6.2 Regulatory and Legal Compliance

We may disclose your personal data if required by law, regulation, or in response to lawful requests from governmental or judicial authorities.

6.3 Mergers, Acquisitions, or Reorganizations

If we undergo a merger, acquisition, restructuring, or partial asset sale, your personal data may be transferred as part of the transaction, subject to confidentiality obligations and in compliance with applicable law.

 

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Personalize your user experience on our website and app.

  • Analyze site traffic and user behavior.

  • Store your preferences (e.g., language, login credentials).

You can adjust your browser settings to reject cookies or alert you when cookies are in use. However, disabling cookies may affect certain features of our website or application.

 

8. Data Retention

We only retain your personal data for as long as is necessary to fulfill the purposes outlined in this Policy or as required by applicable legal obligations. After this period, we securely delete or anonymize the data unless we are legally mandated to retain it for an extended time.

 

9. Data Security

We implement industry-standard security measures (such as encryption, firewalls, and secure servers) to protect your personal data against unauthorized access, use, or disclosure. While we strive to safeguard your information, please note that no method of data transmission or storage can be guaranteed 100% secure.

 

10. Children’s Privacy

Our Services are intended for individuals aged 18 and older. We do not knowingly collect personal data from minors under 18. If we become aware that we have unintentionally collected data from a minor, we will delete it in accordance with applicable laws.

 

11. Third-Party Websites and Services

Our website or app may contain links to external websites or services not operated by Fia. We are not responsible for the privacy practices of those external sites. We advise reviewing the privacy policies of third-party platforms before providing them with any personal data.

 

12. Data Transfers Outside the Kingdom of Saudi Arabia

We strive to store and process personal data within the Kingdom of Saudi Arabia. However, certain service providers or data hosting solutions may operate from other countries. Where data is transferred outside Saudi Arabia, we apply appropriate safeguards in compliance with local laws and international best practices.

 

13. Your Data Rights

Subject to the applicable laws in Saudi Arabia (including the Personal Data Protection Law), you may have the right to:

  1. Access your personal data and request a copy thereof.

  2. Rectify inaccurate or incomplete data.

  3. Request Deletion of your data under certain conditions, unless there are legal reasons to retain it.

  4. Object to or Restrict certain types of data processing, as permitted by law.

  5. Withdraw Consent at any time if processing is based on your prior consent, unless a different legal basis applies.

To exercise any of these rights, please contact us using the details in Section 15. We may require certain verification steps to confirm your identity, in accordance with legal requirements.

 

14. Changes to This Privacy Policy

We reserve the right to update or modify this Policy from time to time to reflect changes in our practices or evolving legal requirements. In the event of any significant revisions, we will update the “Last Updated” date above and may provide additional notice. Your continued use of Fia’s Services after any changes take effect indicates your acceptance of those changes.

 

15. Contact Us

If you have any questions, requests, or concerns regarding your personal data or this Privacy Policy, please contact us at:

Fia Customer Service
Email: info@fia.sa
Phone: 920008327
Address: Prince Turki Ibn Abdulaziz Al Awwal Rd, Riyadh 13512, Saudi Arabia

We will do our best to respond promptly and in compliance with legal requirements.