Privacy Policy | KCL Kuwait - KCL Kuwait - Electronic Shelf Labels & Digital Signage Solutions

KCL Universal Privacy, GDPR, & Cookies Policy

Last Updated: 25 January 2025

Company: Kuwait Corporation Limited (KCL)

Headquarters: Star Tower, Floor 17, Office 2, Abdullah Al-Mubarak Street, Kuwait City, Kuwait.

Contact: [email protected] | +965 9667 4667 | Corporate CRM: https://kcl.odocs.net

Kuwait Corporation Limited (KCL) (“KCL,” “we,” “us,” or “our”) provides industrial solutions, retail technologies, electronic shelf labeling systems, IT infrastructure services, SaaS platforms, and enterprise digital solutions across Kuwait and international markets.

This comprehensive, unified policy outlines our deep commitment to protecting personal data, maintaining absolute transparency in our data processing methodologies, and respecting your privacy rights. Our operational standards rigorously comply with the General Data Protection Regulation (GDPR) principles, UK GDPR standards, and applicable global data protection best practices, ensuring you maintain full clarity and sovereign control over your information. By utilizing our services, websites, or enterprise platforms, you acknowledge and agree to the secure practices detailed below.

1. DATA ROLES & INFORMATION WE COLLECT

1.1 Data Processing Roles

  • Data Controller: In most enterprise arrangements, the client or business partner acts as the Data Controller, defining the strict purposes and overarching means of processing personal datasets.
  • Data Processor: KCL acts as the Data Processor or Service Provider. We handle information strictly under client instruction and contractual mandates to deliver, operate, maintain, optimize, and support our systems. KCL never accesses or manipulates your datasets for independent, unrelated, or unauthorized purposes.

1.2 Categories of Information Collected We collect only the targeted information required to deliver functional services, secure our infrastructure, and improve user experiences:

  • Personal & Identity Information: Full name, username, account ID, email address, phone number, company name, job title, billing address, and physical shipping details.
  • Technical & Usage Data: IP address, device type, browser configurations, login activity timestamps, approximate location coordinates (where explicitly permitted), platform interaction histories, navigation routes, and audit logs.
  • Business & Operational Data: Inventory logs, product pricing metrics, catalog attributes, and general system configuration files.
  • Payment Information: Financial transactions are securely handled directly via certified, PCI-DSS compliant third-party payment gateways. KCL never processes or stores full card numbers or sensitive payment credentials on its local servers.
  • Note: KCL does not intentionally harvest sensitive personal data (e.g., medical or political data) unless explicitly required under contract.

1.3 Legal Basis for Processing KCL processes datasets based on clear legal frameworks: contractual necessity, legitimate business interests in maintaining secure and operational systems, explicit client instructions, and strict adherence to localized and international regulatory compliance mandates.

2. DATA PROCESSING, RETENTION & INFRASTRUCTURE PROTECTION

2.1 Technical and Organizational Security Measures KCL applies advanced administrative and physical technical safeguards to protect information from unauthorized access, loss, alteration, or disclosure:

  • Full data encryption standards both in transit (TLS/SSL) and at rest.
  • Secure cloud infrastructure, fortified firewalls, and continuous real-time monitoring systems.
  • Strict role-based access control (RBAC) and Multi-Factor Authentication (MFA) parameters.
  • Secure transaction form defense utilizing CSRF/XSRF token validation profiles.
  • Mandatory restriction of data access strictly to authorized internal personnel for operational support workflows.

2.2 Data Retention and Secure Deletion We retain personal datasets only as long as necessary to complete contracted service agreements, satisfy legal obligations, resolve corporate disputes, or enforce operational contracts. Upon service termination or written request, active data is deleted or returned per client instructions. Backup systems securely purge data following established disaster recovery lifecycles.

2.3 Trusted Sub-Processors & Data Disclosures KCL never sells, rents, or trades personal datasets with outside brokers. Data is only shared with trusted partners essential to your service delivery—including cloud hosting providers, payment gateways, logistics/shipping couriers, and messaging/SMS portals. All third-party sub-processors are bound by strict non-disclosure obligations and compliance verifications.

2.4 International Data Transfers If personal data is transferred or stored outside Kuwait or the wider GCC region, KCL enforces appropriate safety measures—including Standard Contractual Clauses (SCCs), robust encryption, and highly secure storage centers—to guarantee data protection remains uniform.

3. YOUR INDIVIDUAL DATA PROTECTION RIGHTS

Under comprehensive GDPR/UK GDPR frameworks, users retain complete, sovereign control over their data and may assert the following rights:

  • 3.1 Right of Access: The right to request confirmation of data processing and acquire a transparent copy of the personal datasets we maintain.
  • 3.2 Right to Rectification: The right to demand instant correction of inaccurate, incomplete, or legacy data profiles.
  • 3.3 Right to Erasure ("Right to be Forgotten"): The right to request complete deletion of personal data, subject to valid legal, financial, or contractual retention boundaries.
  • 3.4 Right to Restrict Processing: The right to request a temporary or permanent freeze on how your information is handled under specified legal situations.
  • 3.5 Right to Object: The right to dispute information processing when anchored heavily on legitimate business interests rather than direct necessity.
  • 3.6 Right to Data Portability: The right to request your datasets in a structured, clean, and machine-readable format to move smoothly to alternative service vendors.
  • 3.7 Right to Withdraw Consent: The right to revoke your explicit consent for cookie deployment or optional marketing tracking systems at any time.

4. COOKIES & TRACKING TECHNOLOGIES

4.1 What Are Cookies? Cookies are compact text files saved to your computer or mobile device during platform interaction to verify login persistence, support user preferences, evaluate platform functionality, and smooth user pathways. KCL deploys both internal first-party cookies and specialized third-party cookies managed by certified external partners.

4.2 Core Classifications of Cookies Utilized

  • Essential Cookies: Mandatory parameters required for core platform navigation, account processing, and security defense. These cannot be switched off.
    • Session Keys: Track secure login validation states across page requests.
    • Security Tokens: Run cross-site request protection (CSRF/XSRF) to lock down inputs from outside tampering.
  • Functional Cookies: Save choices like language preferences, custom dashboard settings, and UI themes. Disabling these blocks personalization layers.
  • Analytics Cookies: Harvest completely anonymous, aggregated data monitoring speed rates, system performance, and interface navigation maps to help us build better updates.
  • Marketing/Third-Party Cookies: Track promotion performance and user journeys. These are fully disabled by default and will only activate upon your manual click of the "Accept" banner option.

4.3 Consent Administration All visitors are greeted with a cookie consent banner permitting you to accept all cookies, drop non-essential scripts, or configure preferences. Browser setting configurations can also be modified to filter cookies, though doing so might cause specific enterprise software elements to degrade or function incorrectly.

4.4 Tracking Lifecycles

  • Session Configurations: Expire immediately when you log out, drop the session, or kill the browser application.
  • Performance Analysis Cookies: Can remain locally active for up to 12 months before automatic removal.
  • External Partner Tracking: Adheres strictly to parameters permitted by the third-party platform under global GDPR rules.

5. THIRD-PARTY HYPERLINKS Our websites and solutions platforms may occasionally feature links to external websites. KCL maintains zero control or liability over the independent privacy frameworks, cookie deployment, or explicit content of third-party platforms. We highly advise reading their policies independently before sharing data.

6. PERIODIC POLICY UPDATES KCL reserves the right to revise or adjust this unified policy profile at any time to stay aligned with evolving technical upgrades, statutory legislation changes, or corporate operational updates. Any updates will be published instantly on our official digital channels, and your ongoing system use confirms your consent to those modified terms.

7. COMPLIANCE & SUPPORT CHANNELS If you have any questions, wish to raise data access requests, or have privacy protection questions, you can reach Kuwait Corporation Limited (KCL) via our open channels:

  • Email Communication: [email protected]
  • Telephone Helpline: +965 9667 4667
  • Main Registered Location: Hawally, Kuwait
  • Central Enterprise CRM: https://kcl.odocs.net
  • Corporate Core Hours: Sun–Thu (9:00 AM – 5:00 PM AST) | Technical Core Support: 24/7
Image NewsLetter
Icon primary
Newsletter

Subscribe our newsletter

By clicking the button, you are agreeing with our Term & Conditions

Your experience on this site will be improved by allowing cookies Cookie Policy