
🛡️ PDPL Compliance

The Saudi Arabian Personal Data Protection Law (PDPL), governed by SDAIA, enforces strict rules on the processing of personal data (PII) of Saudi residents. BayanCore implements programmatic safeguards to guarantee privacy by design.


1. Principles of Data Protection

BayanCore adheres to the core pillars of the PDPL:

Data Minimization

  • The system restricts PII collection to fields strictly necessary for operations (e.g. employee GOSI registrations, client shipping addresses).
  • AI agents do not ingest unredacted personal details. PII is programmatically masked at the API Gateway layer before entering LLM pipelines.

Transparency & Purpose Limitation

  • Customer and employee profiles store data only for the explicit purposes agreed upon (such as payroll runs, invoice delivery, and audit tracking).
  • No personal data is shared with third-party analytical tools.

PDPL mandates that explicit user consent must be obtained and recorded before processing any personal data.

  • Consent Log Registry: BayanCore hosts a centralized, immutable table in the database that logs every user consent transaction:
    CREATE TABLE tenant_consent_log (
      id VARCHAR(36) PRIMARY KEY,
      user_id VARCHAR(36) NOT NULL,
      consent_type VARCHAR(100) NOT NULL, -- e.g., 'terms_of_service', 'biometric_payroll'
      granted BOOLEAN NOT NULL,
      timestamp DATETIME NOT NULL,
      ip_address VARCHAR(45) NOT NULL,
      consent_text_version VARCHAR(10) NOT NULL
    );
  • Consent Revocation: Users can view and revoke their consent directly from their profile settings page. Revoking consent immediately triggers automated background tasks that disable corresponding functional features (e.g. biometrics or automated profiling).
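
One way to enforce the immutability described above at the database layer and to resolve a user's current consent from the log, as an added example that is not BayanCore's own code. It assumes MariaDB 10.2 or later (for window functions); the trigger names, the user id and the sample rows are constructed for illustration.

```sql
-- Added example (MariaDB dialect). Trigger names and sample values are hypothetical.

-- 1. Make the log append-only: reject every UPDATE and DELETE on the table.
CREATE TRIGGER tenant_consent_log_no_update
BEFORE UPDATE ON tenant_consent_log
FOR EACH ROW
  SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'tenant_consent_log is append-only';

CREATE TRIGGER tenant_consent_log_no_delete
BEFORE DELETE ON tenant_consent_log
FOR EACH ROW
  SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'tenant_consent_log is append-only';

-- 2. Constructed sample data: a grant followed by a revocation.
--    A revocation is a new row with granted = FALSE, never an edit of the grant,
--    so the full consent history stays available for audit.
INSERT INTO tenant_consent_log
  (id, user_id, consent_type, granted, timestamp, ip_address, consent_text_version)
VALUES
  (UUID(), 'user-0001', 'biometric_payroll', TRUE,  '2025-01-10 09:00:00', '192.0.2.10', 'v1.0'),
  (UUID(), 'user-0001', 'biometric_payroll', FALSE, '2025-03-02 14:30:00', '192.0.2.10', 'v1.0'),
  (UUID(), 'user-0001', 'terms_of_service',  TRUE,  '2025-01-10 09:00:00', '192.0.2.10', 'v1.0');

-- 3. Effective consent = the most recent row per (user_id, consent_type).
--    DATETIME has one-second resolution, so ties are possible; ordering by
--    granted ASC as a tie-break makes a revocation win over a same-second grant.
SELECT user_id, consent_type, granted, timestamp, consent_text_version
FROM (
  SELECT l.*,
         ROW_NUMBER() OVER (PARTITION BY user_id, consent_type
                            ORDER BY timestamp DESC, granted ASC) AS rn
  FROM tenant_consent_log l
) latest
WHERE rn = 1
  AND user_id = 'user-0001';
```

Triggers do not fire on TRUNCATE TABLE and can be dropped by a sufficiently privileged account, so the application's database user should also lack UPDATE, DELETE and DROP privileges on this table. A feature gate built on the query should treat a missing row the same as granted = FALSE.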

3. Data Subject Rights

BayanCore provides automated administrative workflows to fulfill data subject rights:

Right to Access & Portability

  • Administrators can export a complete machine-readable JSON/Excel file containing all personal data stored for a specific employee or customer within 60 seconds.

Right to Correction

  • Users can request corrections to inaccurate personal records directly in the UI. Any modification is subject to manager approval and generates an audit log trail.

Right to Erasure (Data Purging)

  • When an erasure request is executed, BayanCore triggers a secure, cascading deletion pipeline:
    1. Direct Records: Deletes the user profile, employee profile, and contact details from the relational database (MariaDB).
    2. Unstructured Storage: Scans OCI Object Storage and deletes related uploads (such as CVs or Iqama scans).
    3. Search Indexes: Purges vector data and text records from OCI Search with OpenSearch.
    4. Caches: Flushes active session caches in Redis.
    5. Audit Exception: To comply with Saudi commercial tax laws, transactional accounting records (e.g., invoices where the user was the buyer) are retained, but the customer name is replaced with a generic label (Anonymized Customer).