This Privacy Notice applies to personal data processed in connection with Jamarek.com, the Jamarek customs classification web application, user accounts, dashboards, reports, APIs, payment and billing activities, customer support, marketing, analytics, advertising, and uploaded product, customs, trade, or technical documents where they contain personal data.

Jamarek provides customs classification and trade-compliance support for users in different markets, including Saudi Arabia, the GCC, and other international markets, subject to availability and applicable laws.

This Privacy Notice applies to you if you are:

• A visitor to our website;
• A user of the Jamarek platform, including trial, free, or paid users;
• A representative, employee, consultant, or contractor of a business using our Services;
• An importer, exporter, customs broker, logistics provider, manufacturer, supplier, or professional using or interacting with the Services;
• A person who communicates with us by email, contact forms, support channels, or social media.

This Privacy Notice focuses on personal data. Business, technical, product, customs, and trade information that does not identify an individual may still be treated as confidential business information under our Terms of Use.

This Privacy Notice does not apply to websites, applications, platforms, or services operated by third parties, even if we link to them.

Jamarek is operated from the Kingdom of Saudi Arabia.

Jamarek is committed to handling personal data in accordance with the Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL), its Implementing Regulations, and other privacy and data protection laws to the extent they apply to our processing activities.

Unless otherwise stated, Jamarek acts as the data controller for personal data processed through the Services.

If you use the Services on behalf of an organization, that organization may also act as a controller of personal data it submits to the Services. You are responsible for ensuring that you have the authority and lawful basis to provide such data to Jamarek.

You may contact our privacy team at: privacy@jamarek.com.

The personal data we collect depends on how you interact with us and which features you use.

Identification and Contact Data

• Full name;
• Business email address;
• Phone or mobile number;
• Job title;
• Company name;
• Country and city;
• Business contact details.

Account and Service Data

• Username or account identifier;
• Hashed password;
• Account settings and preferences;
• Language preferences;
• Subscription plan;
• Credit balance and usage;
• Generated classifications and reports;
• Dashboard activity;
• Login activity and account status.

Customs, Product, and Trade-Related Data

To generate HS classifications, trade analysis, import-readiness reports, or related outputs, you may provide:

• Product descriptions;
• Technical specifications;
• Material composition;
• Intended use;
• Product images or catalogues;
• Invoices;
• Packing lists;
• MSDS/SDS documents;
• Technical data sheets;
• Manuals;
• Certificates;
• Country of origin;
• Destination country;
• Shipment or basic trade details;
• Internal product codes, SKU numbers, item references, or project names.

These materials may occasionally contain personal data, such as names, emails, phone numbers, signatures, or contact details appearing on commercial documents. You should avoid uploading personal data where it is not necessary.

If you upload documents containing personal data of third parties, such as employees, customers, suppliers, brokers, representatives, or other individuals, you represent and warrant that you have the necessary authority, notices, consents, or other lawful basis to share that data with Jamarek for the purposes described in this Privacy Notice.

Uploaded Trade Documents and Confidential Business Information

Uploaded documents may include confidential business information, technical information, supplier information, customer information, pricing details, product formulas, shipment details, or internal commercial references.

You should not upload personal data, confidential information, restricted information, or third-party information unless it is necessary for the classification or reporting request and you are authorized to share it.

Technical and Usage Data

• IP address;
• Approximate location at country or city level;
• Browser type;
• Device type;
• Operating system;
• Referring URLs;
• Pages viewed;
• Buttons clicked;
• Access times;
• Session data;
• Error logs;
• Performance metrics;
• Security logs;
• Conversion events, such as sample report downloads, sign-ups, checkout events, purchases, or generated reports.

Payment and Billing Data

If you purchase a paid plan or credits, we may process:

• Billing name;
• Billing address;
• Company name;
• Tax information, where provided;
• Purchased plan or package;
• Currency;
• Payment status;
• Invoice or transaction reference.

Payment card details are processed by our payment service provider. We do not store full payment card numbers. We may receive limited payment information, such as the last four digits of the card, expiry date, payment status, or transaction identifiers.

Communications and Support Data

• Emails you send to us;
• Support tickets;
• Chat messages;
• Feedback;
• Bug reports;
• Feature requests;
• Records of interactions with our support team.

Direct Interactions

You may provide personal data when you create an account, request a demo, subscribe to a plan, purchase credits, upload documents, enter product descriptions, generate reports, contact support, submit forms, or communicate with us by email or other channels.

Automated Technologies

We collect technical and usage data through cookies, server logs, analytics tools, conversion tracking, and similar technologies.

Third-Party Sources

We may receive personal data from:

• Your organization, if it registers you as a user;
• Payment processors;
• Authentication providers;
• Analytics or advertising tools;
• Customer support tools;
• Other service providers where necessary and permitted.

Provide and Operate the Services

• Create and manage accounts;
• Authenticate users;
• Provide dashboards;
• Generate HS classification suggestions;
• Generate, store, and export reports;
• Process uploaded documents;
• Provide multilingual outputs;
• Deliver purchased credits, plans, and features.

Provide Customs Classification and Trade Analysis Features

• Analyze product attributes;
• Retrieve possible HS code candidates;
• Generate classification reasoning;
• Identify rejected alternatives;
• Prepare import-readiness and compliance-support reports;
• Provide trade agreement notes;
• Provide official verification links and references where available.

Secure and Improve the Services

• Monitor performance;
• Detect errors;
• Troubleshoot issues;
• Prevent fraud and abuse;
• Protect against unauthorized access;
• Improve reliability, accuracy, and usability;
• Develop and test new features.

Communicate With You

• Respond to inquiries;
• Provide customer support;
• Send service notices;
• Send billing notices;
• Send security alerts;
• Notify you about important changes to the Services or legal documents.

Marketing and Product Updates

Where permitted by law, we may use contact information to send product updates, educational content, service announcements, tips, newsletters, or offers related to Jamarek services. You may opt out of non-essential marketing communications at any time.

Payments, Billing, Legal, and Compliance

• Process payments and invoices;
• Manage subscriptions and refunds;
• Detect payment fraud;
• Maintain financial and tax records;
• Comply with applicable laws;
• Respond to lawful requests;
• Enforce our Terms;
• Protect our rights, users, platform, and business;
• Defend against claims or disputes.

Where applicable data protection laws require a legal basis, we process personal data based on one or more of the following:

• Performance of a contract with you or your organization;
• Compliance with legal obligations;
• Our legitimate interests in operating, securing, improving, and marketing the Services;
• Your consent, where required, such as for certain cookies, marketing communications, international transfers, or optional features;
• Protection of our rights, users, platform, and business.

We use automated systems, including AI models and classification systems, to analyze product descriptions, uploaded documents, and classification inputs in order to suggest HS codes, generate report content, summarize product information, compare candidate classifications, explain classification reasoning, translate reports, and detect abuse or misuse of the Services.

We do not sell your personal data. We do not make your uploaded trade documents available to other customers. We do not use customer uploaded trade documents to train public AI models.

Generated outputs may be stored in your account history to allow you to access, download, audit, or reuse previous reports.

Where we use third-party infrastructure or AI model providers, we require them to process data only as necessary to provide services to us, subject to appropriate confidentiality, security, and data protection obligations.

If we introduce optional programs that use customer data to improve our proprietary models beyond what is necessary to provide the Services, we will clearly explain the program and provide a meaningful choice where required by law.

Service Providers

We may engage trusted service providers to help operate and improve the Services, such as:

• Cloud hosting providers;
• Storage and infrastructure providers;
• AI model or automation providers;
• Payment processors;
• Billing platforms;
• Email delivery services;
• Customer support tools;
• Analytics providers;
• Advertising and conversion tracking providers;
• Logging, monitoring, and error-tracking tools;
• Security and fraud prevention providers.

These providers are authorized to use personal data only as necessary to provide services to us and in accordance with appropriate confidentiality, security, and data protection obligations.

Professional Advisors

We may share personal data with lawyers, auditors, accountants, consultants, insurers, and other advisors where reasonably necessary for business operations, legal compliance, or protection of our rights.

Public Authorities and Regulators

We may disclose personal data when required to comply with applicable laws, regulations, court orders, government requests, or legal processes, or where necessary to protect our rights, safety, users, or third parties.

Business Transfers

If Jamarek is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

We do not sell personal data to third parties.

We operate from the Kingdom of Saudi Arabia but may use cloud infrastructure, service providers, support tools, analytics tools, payment processors, advertising providers, or AI providers located in other countries.

As a result, personal data may be transferred to, stored in, accessed from, or processed in countries outside your country of residence or place of business, including countries where our service providers operate.

By using the Services, you acknowledge that international processing may be necessary to provide, secure, support, analyze, and improve the Services. Where consent is required by applicable law, we will request it separately.

Where required by applicable law, including the PDPL and its Implementing Regulations, we will implement appropriate safeguards for such transfers, which may include:

• Contractual safeguards;
• Standard contractual clauses or equivalent transfer mechanisms;
• Transfer assessments;
• Access controls;
• Confidentiality obligations;
• Security measures;
• Limiting access on a need-to-know basis;
• Other measures required or permitted by applicable regulations.

If we provide a separate consent checkbox for international transfers, your use of certain Services may depend on your acknowledgment or consent to such transfers where they are necessary to provide the Services.

We retain personal data only for as long as necessary for the purposes described in this Privacy Notice, unless a longer retention period is required or permitted by applicable law.

Generally:

• Account data is retained while your account remains active and for a reasonable period afterward for support, audit, dispute, legal, and business purposes;
• Billing and transaction records may be retained for tax, accounting, fraud prevention, and legal compliance purposes;
• Uploaded documents, generated reports, and classification history may be retained while your account is active to allow you to access previous reports, unless you request deletion and we are not legally required or otherwise permitted to retain them;
• Technical logs and security records are retained for a limited period appropriate for security, troubleshooting, fraud prevention, and service reliability;
• Support communications may be retained for customer service, quality assurance, dispute resolution, and legal purposes.

When data is no longer needed, we aim to delete it, anonymize it, or securely retain it only where legally required or necessary to protect our rights.

We implement technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, misuse, or destruction.

These measures may include:

• Encryption of data in transit using HTTPS;
• Encryption at rest where appropriate;
• Access controls;
• Authentication and authorization controls;
• Logging and monitoring;
• Security reviews;
• Restricting access to personnel and contractors who need it for their work;
• Confidentiality obligations for personnel and service providers;
• Backup, recovery, and operational security controls where appropriate.

No system, transmission method, or storage system can be guaranteed to be completely secure. You are responsible for maintaining the confidentiality of your login credentials and notifying us promptly if you suspect unauthorized access.

If we become aware of a personal data breach affecting your personal data, we will take appropriate steps to investigate, mitigate, and address the incident.

Where notification is required by applicable law, including the PDPL, this may include notifying the competent authority within seventy-two (72) hours of becoming aware of the breach.

Where required by applicable law, we will also notify affected individuals if the breach is likely to result in harm or a high risk to their rights or interests.

Depending on your location and applicable data protection laws, you may have one or more of the following rights:

• Right of access: to know whether we process your personal data and receive a copy of it;
• Right to rectification: to request correction of inaccurate or incomplete personal data;
• Right to deletion or destruction: to request deletion of your personal data in certain circumstances;
• Right to restriction: to request limitation of processing in certain circumstances;
• Right to object: to object to certain processing activities where applicable;
• Right to data portability: to request a copy of certain data in a structured, commonly used, machine-readable format where technically feasible;
• Right to withdraw consent: where processing is based on consent, you may withdraw consent at any time without affecting prior lawful processing;
• Right to complain: to lodge a complaint with the relevant data protection authority where available under applicable law.

Not all rights apply in all jurisdictions. These rights may be subject to limitations, exceptions, verification requirements, and legal retention obligations.

To exercise your rights, contact us at privacy@jamarek.com. We may ask you to verify your identity before responding.

We will respond to verified privacy requests within the period required by applicable law and, where applicable, within thirty (30) days. If we need additional time, we will notify you where required and explain the reason for the extension.

We use essential cookies and similar technologies to operate the Services, maintain login sessions, protect accounts, prevent fraud, remember preferences, and secure the platform.

We may also use analytics and advertising technologies, including tools such as analytics platforms, advertising platforms, conversion tracking, retargeting pixels, or similar technologies, to understand website and platform usage, measure campaign performance, improve the Services, track conversion events, show relevant ads, and improve user experience and marketing effectiveness.

Where required by applicable law, we will request your consent before using non-essential cookies or similar tracking technologies.

You may manage cookies through your browser settings or any cookie preference tool we make available. Some features may not function properly if essential cookies are disabled.

For more details on cookies and how to manage them, please see our Cookie Policy, if available, or the cookie settings tool on our website.

Where permitted by law, we may send you product updates, educational content, service announcements, offers, or newsletters.

You may opt out of marketing communications at any time by using the unsubscribe link in our emails or contacting us at privacy@jamarek.com.

Even if you opt out of marketing communications, we may still send you non-marketing messages, such as account, billing, security, legal, or service-related notices.

The Services are intended for business and professional users who are at least 18 years old or have reached the age of majority in their jurisdiction.

We do not knowingly collect personal data from children or minors.

If you believe a child or minor has provided personal data to us, contact us at privacy@jamarek.com and we will take appropriate steps where required by applicable law.

The Services may include links to third-party websites, official portals, customs platforms, conformity platforms, regulatory platforms, payment processors, analytics providers, AI providers, or other external services.

We do not control and are not responsible for the privacy practices, content, security, or policies of third parties.

Your use of third-party services is subject to their own terms and privacy policies.

We may update this Privacy Notice from time to time.

When we make material changes, we will update this page and may notify you through the Services or by email where appropriate.

Your continued use of the Services after the updated Privacy Notice becomes effective means that you acknowledge the updated Privacy Notice. Where required by law, we will request your consent.

This Privacy Notice is drafted in English. Any Arabic, Chinese, or other translation is provided for convenience only.

In the event of any conflict or inconsistency between the English version and any translation, the English version shall prevail, except where applicable law requires otherwise.

Where we request acknowledgment during account creation, checkout, or use of the Services, the acknowledgment may include wording similar to the following:

☐ I acknowledge that I have read and understood the Privacy Notice, including how Jamarek collects, uses, stores, shares, and transfers personal data, including possible processing outside my country of residence or place of business where necessary to provide the Services.

Where required by law, we may request separate consent for specific processing activities, such as non-essential cookies, marketing communications, or international transfers.

If you have any questions, concerns, or requests regarding this Privacy Notice or our handling of personal data, contact us at:

• Privacy Contact: privacy@jamarek.com
• General Contact: info@jamarek.com
• Website: https://jamarek.com