MAINTAIN ARABIA

Privacy Policy

Data Sovereignty, Security, and Compliance.

Effective DateMay 10, 2026
Last UpdatedMay 10, 2026

Table of Contents

1. Introduction & Scope

Maintain Arabia ("we," "our," or "us") is committed to protecting the privacy and operational security of our clients. This Privacy Policy outlines how we collect, process, and protect data through the Maintain Arabia Platform (comprising our IIoT Connectivity, APM Intelligence, and CMMS Execution layers) and our website. This policy is designed in strict compliance with the Personal Data Protection Law (PDPL) of the Kingdom of Saudi Arabia.

2. Data Sovereignty & Localization

We recognize the critical nature of heavy industry within the Arabian Peninsula. Maintain Arabia enforces strict data sovereignty. All operational, industrial, and personal data processed by the Maintain Arabia Platform is hosted on secure, localized servers within the Kingdom of Saudi Arabia (or the respective GCC client jurisdiction). We do not route your critical infrastructure data offshore.

3. The Types of Data We Collect

We distinguish between Personal Data and Industrial Data:

  • Personal Data: Information relating to individual users accessing the platform (e.g., names, corporate email addresses, IP addresses, job titles, and platform usage logs).
  • Industrial Data (Telemetry): Machine-generated data ingested via our Data Historian, including vibration metrics, temperature, pressure, acoustic data, and maintenance records. Note: Industrial Data is not considered Personal Data under the PDPL, but is treated with the highest tier of commercial confidentiality.

4. How We Use Your Data

  • To Provide the Service: Ingesting IIoT data to calculate Asset Health Indexes, predict Remaining Useful Life (RUL), and trigger automated CMMS work orders.
  • To Improve AI/ML Models: We may use aggregated, fully anonymized Industrial Data to train our predictive algorithms and Prescriptive Analytics engines. No client-identifiable or facility-identifiable data will ever be exposed or shared.
  • For Security: To detect and prevent unauthorized access, ensuring compliance with National Cybersecurity Authority (NCA) frameworks.

5. Your Rights Under the PDPL

In accordance with KSA law, individual users have the right to:

  • Be Informed: Know what personal data is being collected and why.
  • Access & Obtain: Request a readable copy of their personal data.
  • Correct: Request correction of inaccurate or outdated personal data.
  • Destroy: Request the deletion of personal data when it is no longer necessary for its collected purpose.

To exercise these rights, please contact our Data Protection Officer at info@maintainarabia.com.

6. Data Security Measures

We employ military-grade encryption (AES-256 for data at rest, TLS 1.3 for data in transit), role-based access control (RBAC), and continuous threat monitoring to protect both your Personal and Industrial Data against unauthorized access, alteration, or destruction.