Turn on more accessible mode
Turn off more accessible mode
Skip Ribbon Commands
Skip to main content
Turn off Animations
Turn on Animations
Official government website of the Government of the Kingdom of Saudi Arabia
How to verify
Links to official Saudi websites end with gov.sa

All links to official websites of government agencies in the Kingdom of Saudi Arabia end with gov.sa.

Government websites use the HTTPS protocol for encryption and security.

Secure websites in the Kingdom of Saudi Arabia use the HTTPS protocol for encryption.

Registered with the Digital Government Authority under number :

20250908764
  • Capital Market Authority
  1. Capital Market Authority
  2. Terms and Privacy Policy

Terms and Privacy Policy

Portal_Article_SiteColumn

The Capital Market Authority (CMA) oversees regulation and development of Capital Market, by issuing rules and regulations for implementing Capital Market Law provisions, aiming to create a conducive investment environment, boost market confidence, reinforce disclosure and transparency of all listed companies, and protect investors and dealers from illegal activities in the market. To affirm its commitment to protecting Personal Data it collects under legally granted powers and maintaining its confidentiality, CMA has developed this Privacy Policy to clarify aspects related to the ​collection of such data, how it is stored and handled, and associated rights.​

What Personal Data is Collected?

The Authority collects and processes the following personal data:

Data Category
Data Collected
Mandatory Level
Data Category Main Personal Data Data Collected Includes name, nationality, ID number, date of birth, gender, marital status, social security number, type of disability (if any), civil status (deceased or alive). Mandatory Level Mandatory
Data Category Contact Data Data Collected Includes email, mobile number, national address. Mandatory Level Mandatory
Data Category Education Data Education Data Includes educational institution name, academic degree, specialization, and GPA. Mandatory Level Mandatory
Data Category Employment Data Employment Data Includes professional certificates, previous employment entities, previous job positions, and social security employment establishment number. Mandatory Level Non-mandatory
Data Category Financial Data Financial Data Includes data collected for financial compensation purposes such as IBAN number and bank name. Mandatory Level Mandatory

How is Personal Data Collected and What is the Purpose of Collection?

The Authority collects personal data directly or indirectly according to the service provided, and the methods of collecting personal data include the following:

Personal data collected directly:

  • When applying for services provided on the Authority's electronic website.
  • When communicating with the Authority either via phone, email, or the Authority's social media accounts.

Personal data collected indirectly:

  • Cookie data, which is data automatically collected by the browser when visiting the Authority's electronic website.
  • From entities under the Authority's supervision or other government entities for mandatory processing operations.

Personal data is collected and processed to achieve the following purposes:

  • Compliance with regulations and bylaws that govern the Authority's work.
  • Enabling the Authority to provide its services to the fullest extent.
  • Processing complaints, inquiries, and requests received by the Authority.
  • Achieving public interest or for security or judicial purposes.

In the event of not obtaining the data, the Authority will not be able to perform its assigned role in accordance with the regulations and bylaws governing its work.

Legal Basis for Collecting and Processing Personal Data

The Authority collects and processes personal data based on one of the following legal bases:

  • Collecting and processing data pursuant to the Capital Market Law and its executive regulations or other regulations in force in the Kingdom of Saudi Arabia or in execution of a previous agreement where the personal data owner is a party.
  • Collecting and processing data required for security purposes or to fulfill judicial or security requirements or to achieve public interest.
  • Collecting and processing non-sensitive personal data to achieve legitimate interests of the Authority without prejudice to the personal data owner's rights or conflicting with their interests.
  • Consent of the personal data owner to process their data for specific purposes.

How is Personal Data Disclosed?

Personal data is disclosed to:

  • Government and non-government entities according to the cases mentioned in Article Fifteen of the Personal Data Protection Law.
  • Entities under the Authority's supervision; for processing complaints and inquiries.

The Authority may transfer personal data outside the geographical boundaries of the Kingdom or disclose it to entities outside the Kingdom when needed, in accordance with what is stipulated in Article Twenty-Nine of the Personal Data Protection Law and its executive regulations.

How is Personal Data Stored?

The Authority retains personal data within the Kingdom of Saudi Arabia in a secure and reliable environment where necessary security measures are applied according to the requirements of the National Cybersecurity Authority. The Authority destroys data when the purpose of collection ends or in any of the cases mentioned in paragraph (1) of Article Eight of the Executive Regulations of the Personal Data Protection Law, and digital data is destroyed using secure destruction techniques and methods.

The Authority may retain personal data even after the purpose of collection ends, in accordance with what is mentioned in Article Eighteen of the Personal Data Protection Law.

Rights of Personal Data Owner Regarding Data Processing

The personal data owner - under the Personal Data Protection Law - has specific rights that depend primarily on the purpose of collecting and processing personal data, which are:

  • Right to Know: The personal data owner has the right to know the methods of collecting personal data, the legal basis for collecting it, the purpose of collecting and processing it, how it is processed, stored and destroyed, and to whom it will be disclosed. All details can be found through the privacy policy or by contacting the Authority through the contact information shown below.
  • Right to Access Personal Data: The personal data owner has the right to request access to their personal data by contacting the personal data protection officer at the Authority, and they will be provided with it within thirty working days unless an extension is required.
  • Right to Request Personal Data: The personal data owner has the right to request their personal data available at the Authority in a readable and clear format when technically possible, by contacting the personal data protection officer at the Authority, and they will be provided with it within thirty working days unless an extension is required.
  • Right to Correct Personal Data: The personal data owner has the right to request correction of their personal data that they consider inaccurate, incorrect, or incomplete, by contacting the personal data protection officer at the Authority, and they will be notified of the correction via email within thirty working days unless an extension is required.
  • Right to Destroy Personal Data: The personal data owner has the right to request destruction of their personal data in a manner that does not conflict with what is stated in the Personal Data Protection Law and its executive regulations, and they will be notified of its destruction via email within thirty working days unless an extension is required.
  • Right to Withdraw Consent for Data Processing: The personal data owner has the right to withdraw their consent for processing their personal data - at any time - unless there are legal justifications that require otherwise.

Except as stipulated by law, the personal data owner will not be required to pay any fees for exercising these rights.

Use of Cookies

Cookies may be used in electronic exchange for the purpose of serving the user better.

A cookie is a data element that the electronic service may send to the browser and which may be stored on the user's computer. The purpose of cookies that are placed on the user's computer is to facilitate browsing websites only and serve no other functions.

Security Measures to Protect Information

The user must take all reasonable means to protect their personal information from loss or misuse, examples of which include:

  • Immediate communication with the Capital Market Authority when suspecting that someone has obtained their password, user code, or any other confidential information, through the Authority's email or contact center numbers:

    • 00966112053000 or 8002451111
    • Email: info@cma.org.sa
  • Using a secure network to access the internet and the Authority's website.
  • Using a secure browser when using the internet while closing unused applications on the network.
  • Ensuring that antivirus software is always updated.

How to Submit a Complaint or Objection?

In case of any concerns or our non-compliance with the Personal Data Protection Law, a complaint can be submitted to the personal data protection officer at the Data Management Office according to the contact information shown below:

Capital Market Authority - Data Management Office – Personal Data Protection Officer

Riyadh – Al-Mohammadiyyah District

Phone Number: 0114906065

Email: PDP@cma.org.sa

If you are not satisfied with our handling of the complaint, you can submit a complaint to the Saudi Data and Artificial Intelligence Authority according to the contact information below:

Saudi Data and Artificial Intelligence Authority

Kingdom of Saudi Arabia, Riyadh

Website: (sdaia.gov.sa)

National Data Governance Platform: (dgp.sdaia.gov.sa)

Safe Usage Policies

All information provided on this website is owned and updated by the Capital Market Authority. Best practices are implemented to ensure the quality and updating of information. However, there are no express or implied warranties regarding the accuracy, reliability, or availability of the information provided on this website, and therefore the Authority does not bear responsibility for any inaccurate, incomplete, or outdated information or any actions taken regarding the information provided. The Authority makes every possible effort to maintain the website's operation in a good and easy manner, and the Authority bears no responsibility and will not be subject to any accountability or claims for the website's unavailability due to technical problems beyond the Authority's control.

The user agrees not to use, encourage, promote, facilitate, or instruct others to use the services in the following ways:

  1. Engaging in, promoting, or encouraging activities that violate any law, regulation, government decision, royal decree, legal agreement, or published policies issued by the Authority.
  2. Accessing or investigating any service or system without authorization, including but not limited to violations, security vulnerability scans, or penetration testing.
  3. Disabling, interfering with, or circumventing any aspect of the service; or violating any security or authentication procedures used by the system or service.
  4. Any theft of resources including sensitive information.
​
Last modified date:07/11/2025 - 10:13 PM Saudi Arabia time
Site Map

All rights reserved for the Capital Market Authority © 2025

It was developed and maintained by the Capital Market Authority

Last modified date:

Suggestions

Announcements Press Releases Prospectuses Reports

Cookies

This website uses its own cookies to ensure ease of use and guarantee an improved experience while browsing. By continuing to browse this website, you acknowledge acceptance of the use of cookies.

Privacy Policy

Manage Cookies

When visiting any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device and is used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. You can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, you should know that blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services.

These cookies help us understand how visitors interact with the website by collecting and reporting information anonymously.

These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers.

These cookies may be set through our site by our advertising partners to build a profile of your interests and show you relevant ads.

Cookies

Thank you! Your response has been successfully recorded. If you would like to modify or change your answer, you can go back by clicking the back button.

  • Capital Market AuthorityCurrently selected
    • About Capital Market Authority
      • Capital Market Authority
      • Board Governance
      • CMA Departments
        • Listed Companies & Investment Products Deputy
        • Corporate Resources Deputy
        • Market Institutions Deputy
        • Strategy & International Affairs Deputy
        • Legal Affairs & Enforcement Deputy
        • Communication & Investor Protection Division
        • Internal Audit Division
        • Risk Management Division
      • Advisory Committee
      • Capital Market Qualification Examinations
      • Capital Market Authority Strategic Plan 2024-2026
      • The Market Story
      • Reports and Research
        • Reports and Statistical Bulletins
        • Studies and Research
        • ​The Research Agenda Program
    • Capital Market
      • Capital Market Authorised Market Institutions
        • Credit Rating Agencies
      • Investment Funds
        • Private Funds
      • Prospectuses
      • Foreign Investors
      • FinTech Lab
        • FinTech ExPermit Companies
      • Registered Accounting Firms
      • Reports and Bulletins
      • Special Purposes Entities
        • Licensed Special Purpose Entities
      • Studies and Research
      • Law of Systemically Important Financial Institutions
      • Shareholders Circulars
      • Facilitating Opening Investment Accounts Initiative
      • Continuous Professional Education (CPE) Policy
    • General Services
      • Site Map
      • Newsletter
    • Investor Awareness Center
      • Capital Market Investment Basics
        • Investment
        • Return
        • Financial Planning
      • Information Sources
        • Statement of Financial Position (The Balance Sheet)
        • Income Statement
        • Cash Flow Statement
        • Sectored Comparison
      • Investment Funds
        • Features of Investment Funds
        • Investment Funds Goals and Objectives
        • Investment Funds Classifications
        • Methods of Managing Funds
        • Measuring Investment Funds’ Performance
        • Reading the Memorandum of the Terms and Provisions of the Fund
        • Information related to Investment funds
      • Publications
        • Investor Awareness Infographics
        • Investor Awareness Guidebooks
        • Investor Awareness Brochures
      • The Capital Market Authority
      • Capital Market
      • Investment Portfolio Management
      • The Financial Ratio
      • Glossary
      • Unlicensed Companies
    • Electronic Services
      • Services Catalog
      • PUBLIC TENDERS
        • TENDERS ANNOUNCEMENTS
        • BIDDERS PREQUALIFICATION
        • CMA ANNUAL PROCUREMENT PLAN
      • Authorisation E-Services “Authorisation System”
      • Other Services
      • Disclosure of a Deceased's Investment Assets
      • Frequently Asked Questions for the Disclosure of a Deceased's Investment Assets Service
      • Service Detail
      • Service Details
    • Contact With CMA
      • Contact Us
      • Careers
      • Book a meeting with the authority
      • Electronic Participation
        • Social Media
        • Website and Services Statistics
        • Development Participation and Development
        • Beneficiary Voice Report
        • e-Participation Policy
        • e-consultation
      • FAQs
    • Media Center
      • Press Releases
      • Important Links
      • Advertisements
        • Ad 1
      • Announcements
      • Image Library
        • Images Library
      • Media Data
        • Media 1
      • Video Library
        • Videos
      • The CMA Measures in Light of COVID-19 Impacts
      • Media
    • Search Result
    • Investor Protection
      • How to Report a Violation to the Capital Market Authority
      • Join a Class Action Suit
      • Join a Class Action Suit
      • Investor Protection
    • Laws & Regulations
      • Capital Market Law
        • Chapter One Definitions
        • Chapter Two The Capital Market Authority
        • Chapter Three The Stock Exchange
        • Chapter Four The Securities Depositary Center
        • Chapter Five Brokers Regulation
        • Chapter Six Investment Funds and Collective Investment Schemes
        • Chapter Seven Disclosure
        • Chapter Eight Manipulation and Insider Trading
        • Chapter Nine Regulation of Proxy Solicitations, Restricted Purchase and Restricted Offer for Shares
        • Chapter Ten Sanctions and Penalties for Violations
      • Circulars
      • Public Consultation
        • Share Comment
      • FAQs for Implementing Regulations
        • What are the trading conducts that violate the law ?
        • What role does the Capital Market Authority have in the rise and decline of the market?
        • What are the duties and responsibilities of CMA?
        • What is CMA’s role in following up on the companies’ results and financial reports?
        • What is the role of the shareholders in keeping up with the decisions made by companies’ board of directors as well as the performance of the executive management?
        • If I traded some company’s stocks based on material information that I got from inside the company, would I be violating the law?
        • I am a small investor that works until 2:30 p.m. and I trade from home through the internet so all my trading operations are approximately at the end of the trading period. Am I considered in this case trying to affect the closing price ?
        • Am I allowed to do one of the Securities Activities although I have my own business?
        • What are the Sanctions and Penalties for Violations which are mentioned in the Capital Market Law?
        • Who has the right to file a compensation suit (private right) for the losses the investors incurred as a result to the accused committing the violation?
        • Did the Law consist of specific limit periods for the right to file compensations suits (An individual right) related to the violations?
        • What are the litigating bodies that have jurisdiction over securities disputes?
        • What are the cases that fall within CRSD jurisdictions?
        • What should you do before filing a complaint with CRSD?
        • Who will receive the complaint or pleading?
        • Can CRSD’s decisions be appealed?
        • Is there a specific time period for depositing the appeal?
        • What are the necessary requirements for filing an appeal?
        • What are the decisions that are passed by ACRSC?
        • FAQs for Implementing Regulations
      • Forms
      • Guides
      • Implementing Regulations
        • Search in Regulations
        • Regulation Details
      • Law of Systemically Important Financial Institutions
    • Receive Updates
      • Update or cancel Subscription
      • Subscription confirmation
      • Update or cancel Subscription
privacy
 
  • About Capital Market Authority
    • Capital Market Authority
    • Board Governance
    • CMA Departments
    • Advisory Committee
    • Capital Market Qualification Examinations
    • Capital Market Authority Strategic Plan 2024-2026
    • The Market Story
    • Reports and Research
  • Capital Market
    • Prospectuses
    • Capital Market Authorised Market Institutions
    • Investment Funds
    • Foreign Investors
    • FinTech Lab
    • Registered Accounting Firms
    • Reports and Bulletins
    • Special Purposes Entities
    • Studies and Research
    • Law of Systemically Important Financial Institutions
    • Facilitating Opening Investment Accounts Initiative
    • Continuous Professional Education (CPE) Policy
  • General Services
    • Site Map
    • Newsletter
  • Investor Awareness Center
    • The Capital Market Authority
    • Capital Market
    • Investment Funds
    • Investment Portfolio Management
    • Information Sources
    • Capital Market Investment Basics
    • Publications
    • The Financial Ratio
    • Glossary
    • Unlicensed Companies
  • Electronic Services
    • Services Catalog
    • Disclosure of a Deceased's Investment Assets
    • PUBLIC TENDERS
    • Authorisation E-Services “Authorisation System”
    • Other Services
    • Service Detail
    • Service Details
  • Contact With CMA
    • Contact Us
    • Careers
    • Book a meeting with the authority
    • Electronic Participation
    • FAQs
  • Media Center
    • Press Releases
    • Important Links
    • Advertisements
    • Announcements
    • Image Library
    • Media Data
    • Video Library
    • The CMA Measures in Light of COVID-19 Impacts
    • Media
  • Search Result
  • Investor Protection
    • How to File a Complaint
    • How to Report a Violation to the Capital Market Authority
    • Join a Class Action Suit
    • Investor Protection
  • Laws & Regulations
    • Capital Market Law
    • Circulars
    • Public Consultation
    • FAQs for Implementing Regulations
    • Forms
    • Guides
    • Implementing Regulations
    • Law of Systemically Important Financial Institutions
  • Receive Updates
    • Update or cancel Subscription
    • Subscription confirmation
    • Update or cancel Subscription