PRIVACY POLICY

Welcome to Nayla Finance!

At Nayla Finance, We place a high value on privacy and hold it in the utmost regard. Our philosophy entails being transparent and forthcoming about Our privacy policies, which encompass the manner in which We handle Your personal data when You visit Our website https://www.naylafinance.com (“Website”), Our mobile application (“App”), and any application or technology We make available (collectively referred to as the “Platform”).

This online privacy policy (“Privacy Policy”) together with the documents and policies incorporated and referenced in these Terms and Conditions (“Terms”), including the Privacy Policy with the Terms and Conditions, shall constitute an agreement (“Agreement”) between You (“You, Your, Yourself”), and Nayla Finance along with its affiliates, successors, and assigns (Nayla Finance, We, Us, or Our).

By visiting Our Platform, using any Service offered on the Platform, or otherwise accessing Our Platform, You indicate that You accept this Privacy Policy as well as these Terms and that You agree to abide by them.

If You do not agree, please do not access Our Platform. You should read this Privacy Policy carefully before starting to use the Platform.

We collect, share, use, and protect information when You visit and use Our Platforms through the following URL for the Website https://www.naylafinance.com.

At Nayla Finance, We take privacy very seriously and are committed to complying with all applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR) and the Personal data protection law in the Kingdom of Saudi Arabia (KSA) (Royal Decree No. (M/19) dated 1443/2/9 AH. We are committed to complying with all applicable data protection laws and regulations in KSA and will take reasonable steps to ensure that we are in compliance with such laws. If You are aware of any specific data protection laws or regulations in KSA, or elsewhere that apply to You that We should be aware of and comply with, please let Us know so that We can take appropriate measures to comply with them. We reserve the right to modify Our Privacy Policy at any time to ensure that we remain in compliance with applicable laws and regulations.

This Privacy Policy should be read in conjunction with Nayla Finance’s Terms and Conditions. All defined terms used in this Privacy Policy shall have the same meaning ascribed to them in the Terms unless expressly otherwise provided for.

We reserve the right to revise this Privacy Policy at any time and with prior notice according to applicable laws and regulations. Any changes will be effective immediately upon posting the revised Privacy Policy on Our Website, with the updated date displayed at the top. Your continued use of Our Services after any changes to this Privacy Policy signifies Your acceptance of the updated Terms. We recommend that You periodically review this Privacy Policy to stay informed about Our data handling practices.

This Privacy Policy applies only to Nayla Finance’s Platforms and Services. The privacy policies of third- party properties or applications that may be accessed through Nayla Finance’s Platforms or Services will govern the information obtained from You by these third parties in those contexts. We encourage You to review the privacy policies of these third-party websites and applications before providing any personal data.We are not responsible for the privacy practices or content of third- party websites or applications.

When You use Our Platforms, We may collect personal data from or about You. In particular, We collect information You provide when You:

 fill in any forms, including contact forms, registration forms, or payment forms;register to use  the Platforms, including the Personal Data (as defined below);

 open an account or use any of Our Platforms, including information about Your device, location, and usage data;

 acquire a Service through the Platform;

 speak with a member of Our customer support team (either on the phone or through the Platforms),including call recordings and transcripts;

 access any websites from Our Platform;

 search about any Service on the Platform;

 click on listings or advertisements banners, and when You interact with such advertisements or listings;and

 contact Us for any other reason, including correspondence and feedback.

We may collect Your personal information that You have left with Us by (i) using Our Platform, (ii) subscribing to Our Platform, (iii) attending an event prepared by Us, or (iv) any other medium linked to Us(“Personal Data”). Likewise, You may choose to link Your bank account to the Platform. We also receive information from Our third party service providers about You. This information can include (i) customer service interactions, (ii) payment information, (iii) account information, and (iv) information shared in Our forums.

Your Personal Data may include but is not limited to, the following:

 Your personal information such as the first and last name, phone number, email address, ID or Iqama number, address and credit or debit card details, employment information, annual income and net worth,

 investment knowledge and experience,risk tolerance,

 investment objectives and time horizon, and any other relevant financial information, and;  credit/debit card details on the checkout page as set out in these Terms.

As part of Our commitment to transparency, Nayla Finance keeps records of all Service history with regard to completed Services, cancelled Services, active Services, and upcoming scheduled Services. Service details include, but not limited to various types of services that are offered by Us through the Platform.

Moreover, in order to improve Your online experience at Nayla Finance, We have implemented impression reporting. While You view Our Services and navigate our Platform, We gather Universal Unique Identifier (UUI), HTTP request data like, user agent, IP, host, URL, country/continent from which the request is made, browser info, device/operating system/operating system version. We collect transaction information related to the use of our services, including the type of services requested or provided, order details, date and time the service was provided, amount charged. We collect data about how users interact with our services. This includes data such as access dates and times, app features or pages viewed, app crashes and other system activity, type of browser, and third-party sites or services used before interacting with our services. In some cases, we collect this data through cookies, pixels, tags, and similar tracking technologies that create and maintain unique identifiers.

At Nayla Finance, we collect and process your personal data to ensure the effective provision of our financial services and to comply with our legal and regulatory obligations. Specifically, we process your personal data for the following purposes:

 Providing Financial Services: We use your personal data to facilitate and manage your access to our financial services, including processing loan applications, assessing creditworthiness, managing accounts, and performing transactions on the platform.

 Identity Verification: To comply with Know Your Customer (KYC) and Anti-Money Laundering(AML) regulations, we verify your identity when you open an account or use our services. This includes processing your national ID/Iqama, contact details, and other necessary documentation to ensure your identity is verified and protected.

 Fraud Prevention and Security: Protecting your personal data and ensuring the security of our platform is paramount. We process your personal information to monitor suspicious or fraudulent activities, safeguard against identity theft, and enhance the overall security of our platform. This may include the use of authentication methods and data analysis to detect and mitigate risks.

 Compliance with Legal Obligations: As a fintech company operating in the Kingdom of Saudi Arabia, we are required to comply with a range of legal obligations, including regulations issued by the Saudi Arabian Monetary Authority (SAMA), tax laws, and financial reporting requirements. Processing your personal data allows us to meet these obligations and provide transparency to relevant regulatory authorities.

 Improving Our Services: We may use your personal data to evaluate and enhance our services. This includes conducting analytics to understand how our users interact with the platform, identifying trends, and improving service offerings. Where possible, we will anonymize your data for this purpose to protect your privacy.

We will not process your personal data for any purpose beyond what is stated here unless:  We obtain your explicit consent to do so, or

 The processing is necessary for a legitimate interest that does not override your fundamental rights and freedoms, or

 It is legally required or allowed under applicable laws, including in situations where processing is necessary for the performance of a contract or for the establishment, exercise, or defense of legal claims.

We are committed to ensuring that your personal data is processed lawfully, fairly, and transparently, and only for the specific purposes outlined above. If we need to process your data for an unrelated purpose, we will inform you and explain the legal basis for such processing, in compliance with the Personal Data Protection Law of Saudi Arabia.

A browser cookie (“Cookies”) is a small piece of data that is stored on Your device to help websites remember things about You. Other technologies, including web storage and identifiers associated with Your device, may be used for similar purposes. In this Privacy Policy, We use Cookies to refer to all of these technologies.

Like most online services and websites, We may use Cookies and other technologies, such as web beacons,web storage, and unique advertising identifiers, to collect information about Your activity, browser, and device.

We may also use these Cookies to collect information when You interact with the services We offer through Our partners, such as advertising and commerce features. Most web browsers are set to accept Cookies by default. You can choose to remove or reject browser Cookies through the settings on Your browser or device.Keep in mind, though, that removing or rejecting Cookies could affect the availability and functionality of Our Platforms.

Like most providers of online services, Nayla Finance uses Cookies for a number of reasons, such as protecting Your data, helping Us see which features are most popular, counting visitors to a page, improving Our users’ experience, keeping Our Platforms secure, and generally providing You with a better, more intuitive and satisfying experience. The Cookies We use generally fall into one of the following categories:

Cookies collected by third parties for analytics and targeted third-party advertising on Our Platform, such as Google, Alexa, and Facebook, are subject to separate own privacy policies.

We will only use Your Personal Data when the law allows Us to. Most commonly, We will use Your Personal Data in the following circumstances:

 processing applications and transactions;

 accessing Our Platform and receiving Services;

 verifying Your identity (such as when You access Your account information); preventing fraud  and enhancing the security of Your account or Our Platforms;responding to Your requests

and communicating with You;  managing Your preferences;

 performing analytics concerning Your use of Our Platforms, including Your responses to Our emails and the pages and advertisements You view;

 providing You with tailored content and marketing messages;

 operating, evaluating, and improving Our business (including developing new products and Services;improving existing products and Services; performing data analytics; and performing accounting, auditing, and other internal functions);

 sending You information about Our Platforms, or promotional marketing communication;  administering Your account, servicing Your account, or contacting You when necessary;

 complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations, and Our policies; and

 to provide customer care and support

 to monitor Your usage of Our Platforms

 to perform internal operations necessary to provide Our services, including troubleshooting software bugs and operational problems; conducting data analysis, testing, and research; and monitoring and analyzing usage and activity trends.

We may use the personal data we collect to investigate or address claims or disputes relating to use of Our Platforms, or as otherwise allowed by applicable law, or as requested by regulators, government entities, andofficial inquiries.

for any other purposes that We may specifically disclose at the time You provide or We collect Your information.

We may also use data that We collect on an aggregate or anonymous basis (such that it does not identify any individual user) for various business purposes, where permissible under applicable laws and regulations.

If You no longer wish to receive any communications from Nayla Finance, You can opt-out by following the instructions contained in the e-mails You receive or by contacting Us at [email protected].

We are committed to protecting Your privacy and will not disclose Your Personal Data to any third- party, unless required by law or as explicitly stated in this Privacy Policy. We will not rent, sell, or otherwise share Your information with any unauthorized third-party without Your explicit consent.

 Our corporate entities. We may share Your information with Our corporate entities including any holding company, group company, and subsidiary (“Group Company”);

 Third parties. We may share Your information with the following with: (i) with third parties we use to help deliver Services to You, (ii) other third parties we use to help us run our business ( for example, marketing agencies or website hosts), and(iii) third parties approved by you (for example, social media sites you choose to link your account to or third-party payment providers).

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We will only share your data with third parties under the following conditions:  With your explicit consent.

 To comply with legal obligations or court orders.

 To provide necessary services, such as payment processing, while ensuring that the third parties comply with data protection laws.

 When sharing data internationally, we ensure that the data transfer complies with the requirements of Article 29 of the Personal Data Protection Law, including ensuring an adequate level of protection for your data.

We may share information about You if We reasonably believe that disclosing the information is needed to:

You may choose to make certain personal information visible to other Nayla Finance Users. This may include your first name, last name, email address, location, and contact number. Please be aware that any personal information You publicly disclose on Our Platform may be visible to other Users and could potentially be shared with third parties. While We make reasonable efforts to ensure the privacy and security of Your personal information, We cannot guarantee the actions of other Users. We recommend that You exercise caution when disclosing personal information and consider the potential risks of doing so.

In order to improve Our Services, We will sometimes share Your non-identifiable information with analytics providers that help Us analyze how users are using Our Platform. We share Your information with them in a non-identifiable form for monitoring and reporting the effectiveness of the campaign delivery to Our business partners and for internal business analysis.

We may share Your information:

We will retain Your information in accordance with Our internal records retention and management policies and procedures, including as necessary to provide You with the Platforms or administer Your Nayla Finance account, or as long as necessary to comply with Our legal obligations, resolve disputes, reserve Our legal rights, and enforce Our agreements.

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law. Once the purpose is fulfilled, we will securely destroy your data in compliance with Article18 of the Personal Data Protection Law. In cases where legal or regulatory requirements mandate longer retention, we will retain your data only as necessary.

We are committed to using Your Personal Data only for the specific purposes We collected it unless We determine that We have a legitimate reason for using it for a different purpose that is compatible with the original purpose. If We need to use Your Personal Data for an unrelated purpose, We will notify You and explain the legal basis for doing so. In some cases, We may process Your Personal Data without Your knowledge or consent if it is required or permitted by law, but We will always do so in compliance with applicable laws and regulations. If You have any questions or concerns about Our use of Your Personal Data,please don’t hesitate to contact Us.

We aim to collect only what We need, keep it up-to-date, and remove it when We no longer need it, as required by applicable laws and regulations.

We take reasonable steps to ensure that the personal information We process is (i) limited to what We require in connection with the purposes set out in this Privacy Policy, (ii) accurate, (iii) where necessary, kept up to date; and (iv) is erased or rectified without delay if it is inaccurate. From time to time, We may ask You to confirm the accuracy of Your Personal Data.

We have implemented appropriate organizational and technical measures to safeguard your personal data from unauthorized access, loss, or destruction. We regularly review and enhance our security practices to ensure compliance with Article 19 of the Personal Data Protection Law.

Nayla Finance may not transfer information that We collect about You, including personal information across Services and from Your country or jurisdiction to other countries or jurisdictions around the world, unless when permitted by applicable laws and regulations.

We use commercially reasonable safeguards to help keep the information collected through the Platforms secure and take reasonable steps (such as requesting a unique password to verify Your identity before granting You access to Your account). However, We cannot ensure the security of any information You transmit to Us or otherwise guarantee that information on the Platforms may not be accessed, disclosed,altered, or destroyed.

In the event of a data breach, we will notify the competent authorities and affected data subjects as required by Article 20 of the Personal Data Protection Law. We will provide clear information about the nature of the breach and the measures we are taking to mitigate its impact.

We will retain copies in a form that permits identification for as long as We deem necessary in connection with the purposes set out in this Privacy Policy unless applicable law requires a longer retention period. In particular, We will retain personal information for as long as it is needed to establish, exercise or defend any legal rights.

You are responsible for maintaining the secrecy of Your unique password and account information, and for controlling access to emails between You and Nayla Finance, at all times.

As a data subject, You are entitled to exercise the following rights, at any time:

 Right to be informed. You have the right to be informed about how Your Personal Data is collected and processed and, its purposes.

 Right of Access and Portability: At Nayla Finance, We understand the importance of transparency and Your right to access Your Personal Data. You have the right to access certain Personal Data associated with Your account by visiting Your account privacy settings. Additionally, You can request a copy of Your Personal Data in an easily accessible format, as well as information explaining how that data is used. We are committed to providing You with the necessary tools to manage and understand Your Personal Data.

 Right to Correction: We want to ensure that Your Personal Data is accurate and up-to-date. If You believe that We hold inaccurate information about You, You have the right to request that We rectify it. You can correct and change certain Personal Data associated with Your account by visiting Your account settings. We strive to maintain the accuracy of Your Personal Data and are committed to promptly addressing any inaccuracies that You may identify.

 Right to Restrict Processing: At Nayla Finance, We understand that You may want to limit the ways in which We process Your Personal Data. In certain cases, You have the right to: restrict or limit the ways in which We use Your Personal Data. We are committed to respecting Your privacy rights and will work with You to ensure that Your Personal Data is processed in accordance with Your preferences and applicable laws and regulations.

 Right to object: You can object to the processing of your data in certain cases, including direct marketing.

 Right to withdraw Your consent to processing: Where Your consent serves as the legal basis for processing – this will not affect the lawfulness of the processing carried out prior to Your withdrawal

We strive to ensure that the personal information You provide on Our platform is accurate and up to date. You may access and update Your personal information, including Your user profile, at any time. We encourage You to review Your Personal Data regularly and make any necessary updates to ensure its accuracy and completeness.

We respect Your right to privacy and are committed to ensuring that Your Personal Data is processed lawfully, fairly, and transparently. If You wish to delete Your Personal Data, please send an email to [email protected]. While We will make every effort to comply with such requests, please note that there may be circumstances where We cannot delete Your Personal Data due to legal, regulatory, or compliance requirements. In such cases, We may not be able to provide an explanation as to why We cannot delete such data due to confidentiality obligations.

To ensure that We delete the correct Personal Data, We may require proof of Your identity before deleting any information. We reserve the right to refuse the deletion of Your identity cannot be established or if We have a legitimate reason for retaining the data. We will notify you if we cannot comply with Your request to delete Your Personal Data, explaining the reasons why.

Under applicable laws and regulations, We are required to retain certain types of Personal Data for a minimum period of time. If We cannot delete Your Personal Data due to legal, regulatory, or compliance requirements, We will inform You of the reasons why We must retain the data, and for how long.

Please note that deleting Your Personal Data may affect Your ability to use Our Services or Platform, and We will not be liable for any loss or damage arising from the deletion of Your Personal Data.

We respect Your right to control how We communicate with You and will only send push notifications or alerts to Your mobile device with Your explicit consent. You can deactivate these messages at any time by changing the notification settings on Your mobile device.

Please note that certain features of Our Platform may require that You accept ‘app push notifications’ or alerts from our service providers. If You do not wish to receive these push notifications or alerts, You must withdraw Your consent for providing push notifications or alerts or using such features, in addition to adjusting the notifications on Your mobile device.

We take Your privacy seriously and will only use Your Personal Data to provide You with the Services You have requested. We will not share Your personal data with third parties for marketing purposes without your explicit consent, except as otherwise mentioned in this Privacy Policy.

We offer electronic newsletters to which You may voluntarily subscribe at any time. We are committed to keeping Your e-mail address confidential and will not disclose Your email address to any third parties except as allowed in the storage and processing or for the purposes of utilizing a third-party provider to send such emails. We will maintain the information sent via e-mail in accordance with applicable laws and regulations.

All e-mails sent from Us will clearly state who the e-mail is from and provide clear information on how to contact the sender. You may choose to stop receiving Our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting Us. However, You will continue to receive essential transactional emails.

To stay informed, We strongly recommend You keep Your Email notifications activated. You can choose to stop being sent an email notification but please be aware that if You have placed an order or are expecting a response to a message You have sent, You will need to actively check Your account for messages.

We have implemented and will maintain appropriate technical and organizational measures to safeguard the Personal Data that We control from unauthorized or unlawful processing, accidental loss, destruction, damage, alteration, or disclosure. We will promptly notify You and any applicable supervisory authority of any data security breach in compliance with Our legal obligations.

You are solely responsible for maintaining the confidentiality of Your account details, including Your password. If You have any concerns about the security of Your account, You must inform Us immediately.We reserve the right to deactivate or suspend Your account at any time, without notice, if We suspect any unauthorized use of Your account or a breach of Our Terms.

If you’re not satisfied with the way we process your personal data, and if You have any questions or concerns about this policy or Our privacy practice, You may contact us directly at: [email protected].

In case of Services requiring payment, We accept credit/debit cards used solely for processing payments. Your purchase transaction data is stored only as long as is necessary to complete Your purchase transaction. After that is complete, Your purchase transaction information is deleted. Where necessary for processing future payments and subject to Your prior consent, Your financial information will be stored in encrypted form on secure servers of Our payment gateway service provider who is beholden to treating Your Personal Data in accordance with this Policy.

Nayla Finance is fully committed to complying with all applicable laws and regulations related to the protection of minors. As such, we expressly state that We do not knowingly collect or solicit any information from anyone under the age of 18, nor do We allow such persons to register and use the Platforms. It is the sole responsibility of any individual under the age of 18 to obtain the express consent of their parents or legal guardians prior to accessing or using the Platforms. We strongly recommend that parents or legal guardians supervise minors while they access or use the Platforms. In the event that We discover that Personal Data hasbeen collected from an individual under the age of 18 without parental or legal guardian consent, We will take immediate steps to remove the information from Our servers.

We are not responsible for the practices employed by any websites or services linked to or from Our Platforms, including the information or content contained within them. Please remember that when You use alink to go from Our Platforms to another website or service, Our Privacy Policy does not apply to those third-party websites or services. Your browsing and interaction on any third- party website or service, including those that have a link on Our Platforms, are subject to that third party’s own rules and policies. In addition, You agree that We are not responsible and do not have control over any third-parties that You authorize to access Your Nayla Finance account. If You are using a third-party website or service and You allow them to access Your Nayla Finance account, You do so at Your own risk.

Nayla Finance has the right to amend the Privacy Policy at any time if necessary and in accordance withapplicable laws and regulations, and the date will be updated to the last amendment at the bottom of this page. We invite Our users to follow this page periodically to stay abreast of the latest changes and how we protect their personal data. By reading this section, reviewing the amendments and updates here is part of your responsibility. Your continued use in the event of an amendment to the Privacy Policy is tacit approval of what is in it.

If You have any questions or comments about this Privacy Policy or the Platforms, You may contact Us through the following email address [email protected] or on the Platforms directly through the CONTACT US section.