Privacy Policy
Ryze Ordering System
Last Updated: 8 June 2026
Ryze Ordering System, operated by Ryze (“Ryze”, “we”, “our”, or “us”), respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, share, and protect personal data when customers use our WhatsApp ordering system, website, ordering links, digital menus, payment links, customer support channels, and related services.
This Privacy Policy is prepared with reference to the Personal Data Protection Law of the Kingdom of Saudi Arabia and its implementing regulations.
1. Who We Are
Ryze provides a digital ordering system that allows businesses, restaurants, cafés, and service providers to receive and manage customer orders through WhatsApp and connected digital tools.
Depending on the service, Ryze may act as:
A Data Processor when we process customer data on behalf of our business clients; or
A Data Controller when we collect and process data directly for our own business purposes, such as website inquiries, support, service improvement, billing, and compliance.
2. Personal Data We Collect
We may collect the following types of personal data:
Customer Information
This may include:
Full name
Mobile number
WhatsApp number
Delivery or pickup location
Vehicle details for curbside pickup, where applicable
Order details
Payment status
Customer notes or special requests
Conversation messages sent through WhatsApp or other support channels
Business Client Information
For businesses using Ryze Ordering System, we may collect:
Business name
Contact person name
Email address
Mobile number
Branch information
Commercial details needed for account setup, invoicing, support, and service delivery
Technical Information
When you visit our website or use our digital services, we may collect:
IP address
Browser type
Device type
Operating system
Usage logs
Cookies and similar tracking data
Interaction data with our website or ordering pages
3. How We Collect Personal Data
We collect personal data when:
A customer starts an order through WhatsApp
A customer fills in an order form or digital menu
A customer chooses delivery, pickup, or curbside pickup
A customer contacts support
A business signs up for Ryze Ordering System
A user visits our website
A payment, delivery, or integration provider shares transaction or order status with us
We may also receive data from our business clients, WhatsApp Business Platform, payment service providers, delivery providers, CRM systems, or other third-party tools connected to the ordering process.
4. Why We Use Personal Data
We use personal data for the following purposes:
To receive, process, and manage customer orders
To identify the customer during the ordering journey
To send order confirmations and status updates
To manage pickup, delivery, or curbside pickup requests
To generate payment links or confirm payment status
To provide customer support
To help businesses manage orders and customer communication
To improve the ordering experience
To maintain security and prevent fraud or misuse
To comply with legal, regulatory, accounting, and contractual obligations
To analyze service performance and operational efficiency
We do not sell personal data.
5. Legal Basis for Processing
We process personal data based on one or more lawful grounds, including:
The customer’s consent
The need to perform a service requested by the customer
The need to perform a contract with our business clients
Compliance with legal or regulatory obligations
Legitimate business interests, provided they do not override the rights of individuals
Protecting the security and integrity of our systems
Under the Saudi PDPL, organizations that process personal data must comply with controller obligations and protect personal data from misuse or unauthorized processing.
6. WhatsApp and Communication Channels
Ryze Ordering System may use WhatsApp Business Platform and related tools to enable ordering, notifications, customer support, and order updates.
When a customer communicates through WhatsApp, the customer’s messages, mobile number, and order-related information may be processed through WhatsApp/Meta systems in accordance with their applicable terms and privacy practices.
We use WhatsApp communications only to support the ordering journey, service notifications, customer support, and approved business communication.
7. Payment Information
Ryze Ordering System may integrate with third-party payment service providers to generate payment links and confirm payment status.
We do not store full card numbers, CVV codes, or sensitive banking credentials on our systems unless explicitly required and lawfully permitted. Payment processing is handled by licensed or authorized payment providers.
We may store payment-related references such as:
Payment status
Transaction reference
Order value
Payment provider response
Invoice or receipt reference
8. Sharing Personal Data
We may share personal data only where necessary and lawful, including with:
The business or restaurant receiving the customer’s order
WhatsApp Business Platform or communication providers
Payment service providers
Delivery or logistics providers
Cloud hosting and technology service providers
CRM, analytics, and customer support tools
Professional advisors, auditors, or legal consultants
Government authorities or regulators, where legally required
We require service providers to process personal data securely and only for the agreed purpose.
9. International Data Transfers
Some technology providers used by Ryze may process or store data outside the Kingdom of Saudi Arabia.
Where personal data is transferred outside Saudi Arabia, we take appropriate steps to ensure that the transfer is lawful, necessary, limited to the required purpose, and protected by suitable safeguards.
Saudi Arabia has specific rules for personal data transfers outside the Kingdom under the PDPL framework, including safeguards and risk-assessment requirements for certain transfers.
10. Data Retention
We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including:
Completing and supporting customer orders
Managing business client accounts
Resolving disputes
Meeting accounting, tax, legal, and regulatory requirements
Improving and securing our services
When personal data is no longer needed, we securely delete, anonymize, or restrict access to it, unless retention is required by law.
11. Data Security
We apply reasonable technical, administrative, and organizational measures to protect personal data against:
Unauthorized access
Accidental loss
Misuse
Alteration
Disclosure
Destruction
These measures may include access controls, secure hosting, encrypted connections where applicable, role-based permissions, monitoring, backups, and internal security procedures.
No digital system is completely risk-free, but we work to protect personal data using appropriate security practices.
12. Data Breaches
If a personal data breach occurs, we will assess the impact and take appropriate action in accordance with applicable Saudi data protection requirements.
Where required, we may notify the relevant authority and affected individuals. Saudi PDPL guidance and commentary describe breach notification obligations, including notification to SDAIA within 72 hours in certain cases.
13. Your Rights
Subject to applicable law, individuals may have the right to:
Be informed about how their personal data is collected and used
Access their personal data
Request correction of inaccurate or incomplete data
Request deletion of personal data where legally permitted
Withdraw consent, where processing is based on consent
Object to certain types of processing
Request restriction of processing in certain cases
To exercise your rights, please contact us using the details provided below.
We may need to verify your identity before responding to your request.
14. Cookies and Tracking Technologies
Our website may use cookies and similar technologies to:
Improve website functionality
Understand website usage
Measure performance
Support marketing and analytics
Remember user preferences
You may control or disable cookies through your browser settings. Some website features may not work properly if cookies are disabled.
15. Marketing Communications
We may send marketing messages only where permitted by applicable law and platform rules.
Customers may opt out of marketing communications by following the unsubscribe instructions in the message or by contacting us directly.
Service messages related to active orders, payments, delivery, pickup, support, or account activity may still be sent where necessary to provide the service.
16. Children’s Data
Ryze Ordering System is not intended for use by children without the supervision or consent of a parent or legal guardian.
We do not knowingly collect personal data from children unless it is necessary for the service and lawfully provided by a parent, guardian, business client, or authorized party.
17. Third-Party Links and Services
Our website or ordering system may contain links to third-party websites, payment pages, delivery services, or communication platforms.
We are not responsible for the privacy practices of third parties. Users should review the privacy policies of those third-party services before using them.
18. Responsibilities of Business Clients
Businesses using Ryze Ordering System are responsible for ensuring that their own use of customer personal data complies with applicable laws.
This includes:
Informing customers how their data is used
Using customer data only for lawful purposes
Managing customer requests properly
Protecting access to their Ryze account
Ensuring their staff handle customer data securely
Ryze processes customer order data to provide the ordering system and related support services.
19. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices.
The updated version will be published on our website with a new “Last Updated” date.
