Personal Data Protection Policy
1. Respecting your privacy and protecting your personal data:
stc Bahrain collects information to understand your needs better. This helps us to improve our services and the way we communicate with you.
We know that privacy is important to you and we strive to be as open and transparent as possible in how we serve you.
We conduct our business in compliance with the Personal Data Protection Act (PDPA) and have implemented additional measures to protect your personal information.
stc Bahrain’s Data Protection Policy aims to help you understand how we collect, use, share and protect your personal information.
2. Ways we collect your personal information
We may collect your personal information when you:
· Subscribe to our services
· Use our network and other stc Bahrain products or services
· Register for a specific product or service (e.g. registering your interest to purchase handsets)
· Sign up for alerts or newsletters
· Contact us with a question or request for assistance
· Participate in a competition, lucky draw or survey
· Visit our websites
3. The information we collect
The information we collect depends on the stc Bahrain products and services you use and subscribe to. Here are key examples:
· Your identity – This includes CPR or passport number, address, telephone number, e-mail address, date of birth, as well as service-related information such as bank and credit card details, device ID and IP address.
· Your interaction with us – For example, a note or recording of a call you make to one of our contact centres, an email or letter you send to us or other records of any contact you have with us.
· Your account information – For example, the subscription services you use or other details related to your account.
· Information on your use of our services – For example, the phone numbers you call or send text messages to and vice versa, as well as the date, time and duration of your calls through our network and the approximate location of your mobile device.
· Information on equipment and our network – For example, information on the performance of your device on our network.
· Your preferences – This is based on what you share with us on how you would like to be contacted, and your preferred products, services and lifestyle activities for example.
· Information from other organizations – These organizations include fraud-prevention agencies, business directories, credit reference agencies or individuals we believe you have authorized to provide your personal details on your behalf.
4. How we use your information
We may use your information for:
4.1. Provisioning & administration of services
· Process your orders and activate or deactivate services
· Enable us to process bills and payments
· Respond to enquiries and requests from you or people you have authorized
· Inform you about service upgrades and updates
· Provide directory assistance
· Facilitate interconnection and inter-operability with other telecommunications operators
4.2. Market research, network & service enhancement
· Conduct market research and customer satisfaction surveys to improve our customer service; develop new products, as well as personalize the services we offer you
· Improve our network, for example by looking at usage and mobility patterns
· Perform market analysis*
(*Upon request from private and public organizations, we may provide information collected as described above for their planning purposes. The information included within any reports to these organizations is always aggregated and anonymised such that no particular individual is identifiable.)
4.3. Sharing of rewards and benefits
· Offer rewards and promotions, and share promotional benefits and loyalty programs which you may qualify for
· Provide updates, offers, invitations to events and deliver relevant advertising, including through voice and SMS with your prior consent or if otherwise permitted under local laws and regulations
4.4. Security and risk management
· Inform you of service and security issues
· Prevent and detect fraud or other crimes and recover debts
· Conduct internal audits
· Ensure the safety and security of our properties and systems
· Conduct checks against money laundering, terrorism financing and related risks
4.5. Legal & regulatory requirements
· Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies
We will not use your personal data for purposes other than what we have informed you, or which are permitted under local laws and regulations.
We will not offer, publish or share your personal data with third parties outside of the stc Group for commercial purposes, without seeking your explicit permission.
We will retain your information for only as long as there is a business or legal need.
5. Sharing your information
We may share your information with:
· Companies in the stc Group
· Business partners and vendors we work with to deliver services you have subscribed to
· Industry regulators and other government organizations, as required by local laws and regulations
· Financial institutions for purposes such as facilitating GIRO payments
· Research institutions for market analysis purposes
Your information is disclosed to the above only for relevant purposes (please refer to those mentioned in this Policy) or to protect the interests of our customers.
In some cases, we encrypt, anonymise and aggregate the information before sharing it. Anonymising means stripping the information of personally identifiable features. Aggregating means presenting the information in groups or segments e.g. age groups.
We will also ensure that overseas organizations we work with observe strict confidentiality and data protection obligations.
6. Protecting your information
We have implemented stringent measures to secure and protect your information. These include:
· Safeguards to prevent security breaches in our network and database systems
· Limits on access to information in our systems and the systems of our business partners and vendors
· Strict verification processes to prevent unauthorized access to information
7. Respecting your contact preferences
We may send marketing messages to your telephone number if:
a. you have given us consent, OR
b. the sending of such messages is permissible under applicable laws and regulations.
Our marketing messages aim to update you about our exclusive offers, rewards programme and special deals from our preferred partners and advertisers.
If you wish to continue receiving such messages or to opt out, you can indicate your preference subject to stc Business Rules. Your request will be processed within 30 days, except for marketing messages sent via bills, which will be processed in the next 2 billing cycles.
Please note that after opting out, you may still continue to receive non-marketing messages, such as product updates and service notices as permitted under applicable local laws and regulations.
Feel free to contact our Data Protection Officer at firstname.lastname@example.org
You may also refer to our FAQ section for more details.