Last updated: 2026-07-08
1. Who we are
BookRawdah.com ("we", "us") provides a B2B Rawdah appointment booking service for Umrah companies, travel agencies, and group operators.
Controller contact: contact@bookrawdah.com
Website: https://bookrawdah.com
Controller contact: contact@bookrawdah.com
Website: https://bookrawdah.com
2. Scope of this policy
This Privacy Policy explains how we process personal data when:
• A company representative contacts us or uses our website
• A corporate client submits pilgrim data for Rawdah booking
• Users browse our marketing pages, available-slots tools, or portals
• Operators use BookRawdah client tools (including browser extensions)
We do not offer consumer services directly to individual pilgrims as retail customers.
• A company representative contacts us or uses our website
• A corporate client submits pilgrim data for Rawdah booking
• Users browse our marketing pages, available-slots tools, or portals
• Operators use BookRawdah client tools (including browser extensions)
We do not offer consumer services directly to individual pilgrims as retail customers.
3. Personal data we process
Depending on the service used, we may process:
• Business contact data: name, company, email, WhatsApp/phone, country, organisation type, and inquiry details
• Pilgrim data provided by clients: full name, nationality, passport number, visa number, optional mobile number, preferred visit dates/times
• Technical data: IP address, browser type, language preference, cookie identifiers, and basic usage analytics
• Operational data needed to deliver bookings and support (order status, account linkage, permit-related workflow data)
Clients are responsible for ensuring they have a lawful basis to share pilgrim data with us for permit processing.
• Business contact data: name, company, email, WhatsApp/phone, country, organisation type, and inquiry details
• Pilgrim data provided by clients: full name, nationality, passport number, visa number, optional mobile number, preferred visit dates/times
• Technical data: IP address, browser type, language preference, cookie identifiers, and basic usage analytics
• Operational data needed to deliver bookings and support (order status, account linkage, permit-related workflow data)
Clients are responsible for ensuring they have a lawful basis to share pilgrim data with us for permit processing.
4. Purposes and legal bases
We process personal data to:
• Respond to B2B inquiries and manage client relationships (legitimate interests / contract)
• Create Nusuk-related accounts and execute Rawdah bookings as instructed by the client (contract / legitimate interests)
• Provide reporting, notifications, and operational support (contract / legitimate interests)
• Secure our systems, prevent abuse, and improve the website (legitimate interests)
• Comply with legal obligations where applicable
Where required, we rely on consent for optional cookies/analytics or marketing communications.
• Respond to B2B inquiries and manage client relationships (legitimate interests / contract)
• Create Nusuk-related accounts and execute Rawdah bookings as instructed by the client (contract / legitimate interests)
• Provide reporting, notifications, and operational support (contract / legitimate interests)
• Secure our systems, prevent abuse, and improve the website (legitimate interests)
• Comply with legal obligations where applicable
Where required, we rely on consent for optional cookies/analytics or marketing communications.
5. Sharing and international transfers
We do not sell personal data.
We may share data with:
• Official platforms required to deliver the service (for example Nusuk-related systems), as necessary to complete bookings
• Infrastructure and communication providers (hosting, email, WhatsApp messaging) acting under confidentiality obligations
• Competent authorities when required by law
Because Rawdah booking involves Saudi systems and global Umrah operators, data may be processed in Saudi Arabia and other countries. We apply contractual and organisational safeguards appropriate to the transfer.
We may share data with:
• Official platforms required to deliver the service (for example Nusuk-related systems), as necessary to complete bookings
• Infrastructure and communication providers (hosting, email, WhatsApp messaging) acting under confidentiality obligations
• Competent authorities when required by law
Because Rawdah booking involves Saudi systems and global Umrah operators, data may be processed in Saudi Arabia and other countries. We apply contractual and organisational safeguards appropriate to the transfer.
6. Retention
We retain personal data only as long as needed for the purposes above:
• Inquiry and sales leads: typically retained during active discussions and a reasonable follow-up period
• Booking and permit records: retained for the duration of the client relationship and for legal, accounting, dispute, or audit needs
• Technical logs: retained for security and troubleshooting for a limited period
When data is no longer required, we delete or anonymise it where feasible.
• Inquiry and sales leads: typically retained during active discussions and a reasonable follow-up period
• Booking and permit records: retained for the duration of the client relationship and for legal, accounting, dispute, or audit needs
• Technical logs: retained for security and troubleshooting for a limited period
When data is no longer required, we delete or anonymise it where feasible.
7. Your rights (GDPR)
Where GDPR or similar laws apply, individuals may have the right to:
• Access their personal data
• Rectify inaccurate data
• Erase data in certain circumstances
• Restrict or object to processing
• Receive a copy of data in a portable format (data portability)
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority
Pilgrims whose data was submitted by a corporate client should usually contact that company first. We will support clients in handling valid rights requests related to data we process on their behalf.
• Access their personal data
• Rectify inaccurate data
• Erase data in certain circumstances
• Restrict or object to processing
• Receive a copy of data in a portable format (data portability)
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority
Pilgrims whose data was submitted by a corporate client should usually contact that company first. We will support clients in handling valid rights requests related to data we process on their behalf.
8. Cookies and site analytics
We use cookies and similar technologies for necessary site functions, language preferences, basic security, and aggregated analytics to understand how B2B visitors use the service.
We do not use cookies to sell, rent, or exchange visitor data with third parties for advertising. You may control or disable cookies in your browser; some site features (for example language selection or form security) may be affected.
We do not use cookies to sell, rent, or exchange visitor data with third parties for advertising. You may control or disable cookies in your browser; some site features (for example language selection or form security) may be affected.
9. Security
We apply technical and organisational measures appropriate to the sensitivity of passport and visa-related data, including access controls, encrypted transport (HTTPS), and need-to-know processing within our operations.
No method of transmission or storage is perfectly secure. Clients must also protect files and credentials they share with us.
No method of transmission or storage is perfectly secure. Clients must also protect files and credentials they share with us.
Privacy requests
To exercise privacy rights or ask a data-protection question, email us. Please include enough detail for us to identify the relevant account or inquiry. We aim to respond within a reasonable period.
contact@bookrawdah.com