1. Controller of your data
The data controller is Berlyx for Financial Information Services, Olaya District, King Fahd Road, Riyadh 12213, Kingdom of Saudi Arabia. For any privacy matter contact legal@berlyx.com.
BERLYX
Privacy Policy
Last updated: 15 January 2026
This Privacy Policy explains how Berlyx for Financial Information Services (“Berlyx”, “we”, “our”, “us”), a company registered in the Kingdom of Saudi Arabia under Commercial Registration No. 1010987654, collects and processes your personal data when you visit berlyx.com. We operate in compliance with the Saudi Personal Data Protection Law (PDPL) issued under Royal Decree No. (M/19) of 2021 and its 2023 Implementing Regulations, supervised by the Saudi Data & Artificial Intelligence Authority (SDAIA).
2. What data we collect
When you subscribe to our weekly brief we collect your full name and email address. When you browse the website we automatically collect standard log data (IP address, browser type, pages viewed, timestamps) through first-party analytics.
3. Purposes of processing
We process your data solely to: (i) deliver the Berlyx weekly editorial brief; (ii) secure the website against fraud and abuse; (iii) measure which educational articles are useful; (iv) comply with legal obligations in KSA. We never sell your data and we never share it with brokers, funds or advertisers.
4. Legal basis
The legal basis under the PDPL is your explicit consent when you submit the newsletter form, together with our legitimate interest in running a secure, measurable educational platform.
5. Retention
Newsletter data is retained for as long as you remain subscribed, plus twelve (12) months after you unsubscribe, to honor suppression requests. Analytics logs are retained for thirteen (13) months and then deleted or anonymized.
6. Cross-border transfers
Our primary hosting is in the KSA region of a licensed cloud provider. Where limited technical processing takes place outside the Kingdom, we apply the safeguards required by SDAIA, including standard contractual clauses and encryption in transit and at rest.
7. Your rights
Under the PDPL you may: request access to your data, request its correction or deletion, withdraw consent, object to processing, and file a complaint with SDAIA. To exercise these rights write to legal@berlyx.com; we respond within thirty (30) days.
8. Security
We apply encryption in transit (TLS 1.3), encryption at rest, strict access controls and quarterly reviews. No method of transmission is 100% secure, but our engineering and editorial teams work hard to protect your data.
9. Children
Berlyx is intended for readers aged 18 and above. We do not knowingly collect data from children.
10. Changes
We may update this Policy to reflect changes in Saudi law or our services. The current version will always be published on this page with its last-updated date.