At the moment, there are no entries available for display
Staying true to the principles of Shariah through our products, services and operations
corporate governance
data privacy and information management
Data is considered a valuable asset at alrajhi bank, one that plays a vital role in improving performance and productivity. The Bank ensures all applicable data standards are met, and applies recommended practices in data governance and privacy to increase compliance, while effectively managing data and maximising its value, enhancing customer experience. The oversight of data privacy at alrajhi bank falls under the Chief Digital Officer, while cybersecurity falls under the purview of the Chief Risk Officer. The Cyber and Information Security Committee provides oversight, support and direction for implementation and governance cyber and information security requirements and ensure adequate monitoring of cyber and information security programs.
alrajhi bank’s Data Governance Policy was introduced in 2022, and ensures privacy and protection that is aligned with regulatory requirements. The Data Governance Policy covers 14 Data Governance Domains:
- Data governance office
- Data catalogue and metadata
- Data quality
- Data operations
- Document and content management
- Data architecture and modelling
- Reference and master data management
- Business intelligence and analytics
- Data sharing and interoperability
- Data value realisation
- Open data
- Freedom of information
- Data classification
- Personal data protection
The Policy ensures that applicable data standards and recommended practices are aligned with the overall objective of increasing compliance with relevant laws, enhancing customer experience and becoming more effective in managing data.
The Kingdom’s first data protection law – the Personal Data Protection Law (PDPL) – was declared effective during 2023 by the Saudi Data and Artificial Intelligence Authority (SDAIA). alrajhi bank worked closely with the National Data Management Office (NDMO) – the Kingdom’s national data regulator – to set up personal data controls that are also in compliance with data privacy guidelines issued by SAMA, to regulate the collection, processing, storage and transfer of personal data of alrajhi bank customers.
In 2023, the bank evaluated the potential impact of data processing activity on an individual’s privacy and data protection rights, documenting the bank’s data processing activities, and creating a central repository of information regarding the processing of personal data. An assessment was also carried out for data subject rights that the bank undertakes to evaluate compliance as required by data protection regulations. As a result, alrajhi bank introduced a Privacy Policy in 2024, sharing a Privacy Notice in compliance with PDPL and NDMO management standards to educate customers on what data is collected, why the bank collects data, and how the bank handles data throughout its lifecycle.
The Privacy Notice also educates customers on their individual rights, including the right to withdraw consent for processing their personal data at any time.