Privacy Policy

Introduction

• Overview: Start by explaining the purpose of the privacy policy—detailing the commitment to protecting the privacy of all individuals interacting with the Old Doha Port (e.g., passengers, visitors, employees, etc.).
• Scope: State clearly that the policy applies to all data collected through the port's services, including digital and physical services (websites, mobile apps, security systems, etc.).
• Legal Basis: Mention the applicable legal frameworks governing data privacy in Qatar, such as Qatar’s Data Privacy Law and any international data protection standards (e.g., GDPR) if relevant.
   

Information Collection

• Types of Data Collected: Specify the categories of personal data collected, such as:
  • Identifiable information (name, nationality, passport details, contact info)
  • Biometric data (for security, e.g., facial recognition, fingerprints)
  • Travel data (entry/exit records, purpose of visit, etc.)
  • Device and location information (if relevant for apps or digital services)
• Methods of Collection: Explain how data is collected, including but not limited to:
  • Passenger check-in systems
  • Security screenings
  • Online or mobile-based services
  • Visitor registrations

Use of Personal Data

• Operational Needs: Describe how the data will be used to facilitate the operation of the port, including customs and immigration processing, security, and services.
• Security: Explain how personal data is used to ensure safety, including tracking entry and exit, screening passengers, and facilitating emergency response if needed.

• Legal Obligations: Mention that personal data may be used to comply with legal or regulatory obligations in Qatar, such as reporting to authorities or complying with customs or immigration laws.

   

Data Sharing and Third Parties

• Internal Sharing: Specify if the data is shared within the organization (e.g., with customs, immigration authorities, port staff, etc.) and for what purpose.
• Third-Party Partners: If applicable, describe any third parties with whom data is shared (e.g., contracted service providers for security, government entities, or international law enforcement) and ensure that they also comply with privacy and security standards.
• International Transfers: If data is transferred outside of Qatar, mention how these transfers are handled in compliance with relevant privacy laws.

Data Retention

• Retention Period: Clearly state how long personal data will be retained. This will depend on the purpose for which it was collected and legal requirements (e.g., customs or immigration records).
• Secure Disposal: Explain the process for securely disposing of or anonymizing data when it is no longer required.
   

Security Measures

• Protection Standards: Outline the technical and organizational measures taken to protect the data, such as encryption, access control, and secure storage.
• Security Breaches: Describe how security breaches will be handled, including notification to individuals if their data is compromised.

User Rights

• Access and Correction: Describe how individuals can request access to their personal data and request corrections if the data is inaccurate.
• Consent: If any of the data collection requires explicit consent, explain how users can give or withdraw consent.
• Opt-Out: If applicable, provide users with the ability to opt out of certain data collection processes (e.g., marketing or non-essential data usage).

Cookies and Tracking

• Cookies: If the port’s website or app uses cookies or tracking technologies, explain what information is collected, how it is used, and how users can manage their preferences.
• Tracking for Security or Analytics: Detail the use of any tracking tools for security monitoring or performance analytics.
   

Contact Information
 

• Questions/Concerns: Provide contact information for individuals who have questions or concerns about the privacy policy, or who want to exercise their rights regarding their data.
• Privacy Officer: If applicable, designate a privacy officer or point of contact within the organization.
   

Changes to the Privacy Policy
 

• Update Process: State that the privacy policy may be updated periodically and how users will be informed of these changes (e.g., via email, posting on the website).
• Effective Date: Include the effective date of the current privacy policy.
   

Compliance with Local Regulations

• Qatar's Legal Framework: Emphasize that the organization follows all local privacy and data protection laws, including Qatar’s regulations regarding data security and privacy.
• International Considerations: If relevant, ensure compliance with international privacy standards, such as the General Data Protection Regulation (GDPR) if the port handles data from EU citizens.