Catalog News For Brands About Contact 🌐 AR
Join

Privacy Policy

LAST UPDATED: APRIL 2026

سياسة الخصوصية

§Information we collect

Qimta Legal operates as a high-integrity technical platform for enterprise legal and architectural data. We collect information that is necessary to provide our professional services, ensure platform security, and maintain the accuracy of legal documentation.

This includes information provided directly by you, information automatically collected during platform use, and data derived from technical project inputs.

BOQ and project data

As a technical platform, the primary data we process involves Bill of Quantities (BOQ) and structural project specifications. This data is classified as high-integrity business intelligence.

  • Raw architectural data and material specifications.
  • Pricing structures and historical bidding information.
  • Legal annotations related to specific project line items.
  • Version history and collaborative technical edits.

All project data is encrypted at rest and in transit, isolated by enterprise tenant boundaries.

Account data

To access Qimta Legal, users must provide verified enterprise credentials. We collect and store:

  • Full legal name and professional title.
  • Corporate email address and organizational affiliation.
  • Two-factor authentication metadata for security auditing.

Usage analytics

We monitor technical performance and interaction patterns to maintain the platform's "Sharp" performance standard. This includes IP addresses, browser technical strings, and interaction logs within the legal workspace. This data is used solely for system optimization and security forensics.

How we use data

Qimta Legal uses your data for the following strictly technical purposes:

Operational
Provisioning of BOQ analysis tools and legal document generation.
Assurance
Maintaining audit trails for legal compliance and professional accountability.

How we protect data

Our security architecture is designed for zero-trust environments. Protection measures include:

  • AES-256 encryption for all stored project datasets.
  • Strict Logical Access Control (LAC) based on the principle of least privilege.
  • Real-time threat monitoring and automated incident response protocols.
  • Regular third-party security audits and penetration testing.

Data sharing

Qimta does not sell, trade, or monetize project or account data. Data sharing is strictly limited to:

  • Technical sub-processors required for cloud infrastructure (AWS/Azure/Google Cloud).
  • Legal authorities where required by mandatory KSA or international law.
  • Authorized collaborators within your specific project environment.

Data retention

We retain legal and project data for the duration of the professional engagement and for a statutory period thereafter (typically 10 years for structural legal records) to satisfy regulatory requirements in the Kingdom of Saudi Arabia and applicable international jurisdictions.

User rights

Under Qimta's global governance framework, users maintain the right to:

  • Request a machine-readable export of their technical account data.
  • Rectify inaccurate project metadata.
  • Request data deletion (Right to be Forgotten), subject to prevailing legal retention mandates.
  • Withdraw consent for optional usage analytics.

PDPL and GDPR alignment

Qimta Legal is engineered for strict compliance with the Saudi Arabian Personal Data Protection Law (PDPL) and the European General Data Protection Regulation (GDPR). Our data processing agreements reflect the highest standards of international data sovereignty.

Contact for privacy requests

Technical Data Office
For all privacy-related inquiries, data access requests, or compliance questions, please contact our Data Protection Officer.
privacy@qimta.legal
Riyadh Technical District, KSA