Privacy Policy
Last Updated: January 2026
How Best Parts Sales collects, uses, and protects your personal information
Best Parts Sales ("BPS", "we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect information when you visit our website, submit inquiries, or conduct business with us. We comply with applicable data protection laws including GDPR (European Union) and Saudi Personal Data Protection Law (PDPL).
📋 Quick Navigation
1. Information We Collect
1.1 Personal Information
We collect the following types of personal information when you interact with us:
| Data Category | Examples |
|---|---|
| Contact Information | Name, company name, email address, phone number, physical address |
| Business Information | Job title, company registration details, industry type, VAT number |
| Transaction Data | Purchase history, quotation requests, payment information, shipping addresses |
| Technical Data | IP address, browser type, device information, operating system |
| Communication Data | Email correspondence, phone call records, chat transcripts, inquiry forms |
1.2 Information We Do NOT Collect
We do not knowingly collect:
- Social security numbers or national ID numbers
- Sensitive personal data (health information, religious beliefs, political opinions)
- Credit card details (payment processing handled by secure third-party processors)
- Information from children under 18 years of age
2. How We Collect Information
2.1 Direct Collection
You provide information directly when you:
- Submit a Request for Quotation (RFQ) form
- Create an account or register on our website
- Place an order for products or services
- Contact us via email, phone, or chat
- Subscribe to newsletters or marketing communications
- Participate in surveys or feedback forms
2.2 Automatic Collection
We automatically collect certain information when you visit our website through:
- Cookies: Small text files stored on your device (see Section 7)
- Web Analytics: Google Analytics and similar tools tracking website usage patterns
- Server Logs: IP addresses, access times, pages viewed, referring websites
2.3 Third-Party Sources
We may receive information from:
- Business partners and suppliers providing references
- Public databases and business registries (company verification)
- Social media platforms when you interact with our content
- Marketing service providers and lead generation partners
3. How We Use Your Information
3.1 Primary Purposes
We use your personal information to:
- Process Transactions: Fulfill orders, process payments, arrange shipping, issue invoices
- Provide Customer Service: Respond to inquiries, provide technical support, handle complaints
- Communicate: Send quotations, order confirmations, shipping updates, service notifications
- Maintain Relationships: Manage customer accounts, track purchase history, provide personalized service
- Improve Services: Analyze usage patterns, enhance website functionality, develop new products/services
- Marketing: Send promotional offers, product announcements, newsletters (with your consent)
- Compliance: Meet legal obligations, prevent fraud, enforce terms and conditions
3.2 Legal Basis for Processing (GDPR)
For users in the European Union, we process your data based on:
- Contract Performance: Processing necessary to fulfill our contractual obligations to you
- Consent: You have given explicit consent for specific processing activities (marketing)
- Legitimate Interests: Processing necessary for our legitimate business interests (fraud prevention, analytics)
- Legal Obligation: Compliance with applicable laws and regulations
4. Data Sharing & Disclosure
4.1 Service Providers
We share information with trusted third-party service providers who assist us:
- Payment Processors: Secure payment gateways for transaction processing
- Shipping Carriers: DHL, FedEx, Aramex, Naqel, SMSA for order delivery
- IT Service Providers: Website hosting, email services, cloud storage
- Marketing Platforms: Email marketing services (Mailchimp, Moosend), analytics tools
- Professional Advisors: Lawyers, accountants, auditors (under confidentiality obligations)
4.2 Business Transfers
In the event of merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and your rights regarding your data.
4.3 Legal Requirements
We may disclose your information when required by law:
- Compliance with court orders, subpoenas, or legal processes
- Protection of our legal rights and property
- Investigation and prevention of fraud or illegal activity
- Protection of health, safety, or rights of individuals
5. Data Security Measures
5.1 Technical Safeguards
We implement industry-standard security measures including:
- Encryption: SSL/TLS encryption for data transmission
- Secure Servers: Firewalls, intrusion detection, regular security audits
- Access Controls: Role-based access, multi-factor authentication for internal systems
- Regular Backups: Automated data backups with secure storage
- Software Updates: Timely security patches and updates
5.2 Organizational Safeguards
- Employee training on data protection and privacy
- Confidentiality agreements for all staff and contractors
- Limited access to personal data on need-to-know basis
- Regular security awareness programs
5.3 Data Breach Protocol
In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours as required by law, providing details about the breach and steps taken to mitigate harm.
6. Data Retention
6.1 Retention Periods
| Data Type | Retention Period | Justification |
|---|---|---|
| Customer Account Data | Duration of business relationship + 7 years | Legal and tax compliance |
| Transaction Records | 7 years from transaction date | Accounting and audit requirements |
| Quotation Requests | 2 years from quotation date | Business operations and follow-up |
| Marketing Consent | Until consent withdrawn + 6 months | Compliance verification |
| Website Analytics | 26 months | Google Analytics default retention |
6.2 Secure Deletion
When retention periods expire or you request deletion (where applicable), we securely delete or anonymize your data using industry-standard methods to prevent recovery.
7. Cookies & Tracking Technologies
7.1 What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They help us recognize your browser and remember your preferences.
7.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Enable basic website functions (navigation, security, forms) | Session |
| Performance Cookies | Collect anonymous data on website usage (Google Analytics) | 2 years |
| Functional Cookies | Remember your preferences (language, region) | 1 year |
| Marketing Cookies | Track advertising effectiveness and personalize ads | 90 days |
7.3 Managing Cookies
You can control cookies through:
- Browser settings (most browsers allow you to refuse or delete cookies)
- Cookie preference tool on our website (if available)
- Third-party opt-out tools (Google Analytics Opt-out, Network Advertising Initiative)
8. Your Privacy Rights
8.1 Access
Request a copy of the personal data we hold about you. We will provide this in a commonly used electronic format within 30 days.
8.2 Correction
Request correction of inaccurate or incomplete personal data. We will update records promptly upon verification.
8.3 Deletion ("Right to Be Forgotten")
Request deletion of your personal data in certain circumstances:
- Data no longer necessary for original purpose
- You withdraw consent (where consent was the legal basis)
- You object to processing and no overriding legitimate grounds exist
- Data processed unlawfully
Limitations: We may not be able to delete data required for:
- Compliance with legal obligations (tax, accounting)
- Establishment, exercise, or defense of legal claims
- Fulfillment of contractual obligations
8.4 Data Portability
Request a copy of your data in a structured, machine-readable format that you can transfer to another service provider.
8.5 Restrict Processing
Request limitation of data processing in certain situations (e.g., disputing accuracy, pending deletion decision).
8.6 Object to Processing
Object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds.
8.7 Withdraw Consent
Withdraw consent for processing at any time (where consent is the legal basis). This does not affect lawfulness of processing before withdrawal.
8.8 How to Exercise Your Rights
Submit requests via:
- Email: privacy@bestpartssales.com or info@bestpartssales.com
- Written request to our registered business address
We will respond within 30 days (may be extended to 60 days for complex requests). We may request identity verification before fulfilling requests.
8.9 Right to Complain
If you believe we have violated your privacy rights, you have the right to lodge a complaint with:
- Saudi Arabia: Saudi Data & Artificial Intelligence Authority (SDAIA)
- European Union: Your local Data Protection Authority
9. Children's Privacy
Our services are intended for business-to-business (B2B) transactions and are not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.
If we discover we have inadvertently collected information from a child under 18, we will delete such information immediately. If you believe we have collected information from a child, please contact us at info@bestpartssales.com.
10. International Data Transfers
10.1 Cross-Border Transfers
As we operate internationally and use global service providers, your personal data may be transferred to and processed in countries outside your country of residence, including Saudi Arabia, European Union, United States, and other jurisdictions where our service providers operate.
10.2 Transfer Safeguards
When transferring data internationally, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
- Adequacy Decisions: Transfers to countries recognized as providing adequate protection
- Service Provider Agreements: Contractual commitments to protect data
- Certification Mechanisms: Privacy Shield alternatives and certifications
11. Policy Changes
We reserve the right to update this Privacy Policy to reflect changes in our practices, legal requirements, or business operations. Material changes will be communicated through:
- Prominent notice on our website
- Email notification to registered users (for significant changes)
- Updated "Last Modified" date at the top of this page
Continued use of our services after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.
12. Contact Information
For privacy-related questions, concerns, or to exercise your rights, please contact:
Privacy Team
Best Parts Sales
Email: info@bestpartssales.com
Phone: +966 50 831 1750 | +91 8296970585
Website: bestpartssales.com
We Value Your Privacy
Your trust is important to us. If you have any questions about how we handle your personal information or want to exercise your privacy rights, please don't hesitate to contact us.
📧 Email: info@bestpartssales.com
📞 Phone: +966 50 831 1750 | +91 8296970585