Privacy Policy

EMPOWER H FOR TRADING AND BUSINESS SOLUTIONS W.L.L.



PROCUREMENT POLICY




Contents

 

  1. Introduction.
  2. Information We Collect.
  3. How We Use Your Information.
  4. Legal Basis for Processing.
  5. Referential International Data Protection Principles. 
  6. Continuous Compliance and Review. 
  7. Sharing and Disclosure of Information. 
  8. International Data Transfer.
  9. Cookies and Tracking Technology. 
  10. Data Retention. 
  11. Data Security. 
  12. Your Rights 
  13. Third Party Links. 
  14. Children’s Privacy. 
  15. Updates to the Policy. 
  16. Contact Us. 
  17. Disclaimer. 



  • Introduction

EmpowerH for commercial Supplies W.L.L. (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website or engage with our services related to the services we offer.  

 

We are committed to ensuring that your data is handled responsibly and in compliance with applicable international and regional data protection standards.


  • Information We Collect

We may collect the following types of information:

  1. Personal Information 

Information you provide directly to us, including without limitation:

  • Name, email address, and contact details; 
  • Company or organization name and position;
  • Billing and payment information; and/or
  • Communications, inquiries, or feedback submitted via our website or email. 


  • Automatically Collected Information.  

When you visit our website, we may automatically collect:

  • IP address, browser type, and device details; 
  • Pages visited, time and date of access, and referring websites; and/or 
  • Cookies and similar tracking technologies (see Section 7). 


  • Sensitive Information. 

We do not intentionally collect sensitive personal data (e.g., health or biometric data). However, if such data is voluntarily shared in the context of our services, it will be processed with heightened confidentiality and security safeguards.


  • How We Use Your Information

We use your information to:

  • Provide and improve our humanitarian aid supply and development services;
  • Process inquiries, orders, and customer support requests;
  • Communicate with partners, clients, donors, and beneficiaries;
  • Ensure compliance with applicable laws and regulations; 
  • Conduct analytics and improve our website and operations; and/or
  • Support transparency and accountability in humanitarian programs. 


  • Legal Basis for Processing (EU And Other Applicable Regions)

We process personal data under one or more of the following lawful bases:

  • Consent: When you have given us explicit permission to process your information.
  • Contractual Necessity: When processing is required to fulfil a contract or service request.
  • Legal Obligation: When required to comply with applicable law.
  • Legitimate Interest: When processing is necessary for our legitimate interests, provided they do not override your fundamental rights.


  • Referential International Data Protection Principles

In conducting our operations, we uphold the privacy principles established by major international and regional data protection frameworks. These guide our practices across the European Union, MENA region, North America, and Africa and include:


  • European Union – General Data Protection Regulation (GDPR).

We comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679), adhering to its following key principles that form the foundation of our privacy management program for all EU-based and EU-affiliated data subjects: 

  1. Personal Data shall be collected, processed and/or kept in line with the principles of: 
  • lawfulness, fairness and transparency, ensuring that the data is processed lawfully, fairly and in a transparent manner in relation to the data subject;
  • purpose limitation ensuring that the data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes;
  • Data Minimization ensuring that the data is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Accuracy ensuring that the data is accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘);
  • Storage Limitation ensuring that data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject; and 
  • Integrity and Confidentiality ensuring that data is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

  1. The controller shall be responsible for, and be able to demonstrate compliance with, paragraph (A) (‘accountability’).


  • OECD Privacy Guidelines. 

We follow the following OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (2013):

  • Collection Limitation Principle in ensuring the existence of limits to the collection of personal data and the obtainment thereof by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
  • Data Quality Principle in ensuring that personal data collected is always relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, is accurate, complete and kept up to date.


  • Purpose Specification Principle in ensuring that the purposes for which personal data are collected are specified not later than at the time of data collection and the subsequent use is limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.


  • Use Limitation Principle in ensuring personal data is not disclosed, made available or otherwise used for purposes other than those specified in accordance with Paragraph (C) above except:
  • with the consent of the data subject; or
  • by the authority of law.
  1. Security Safeguards Principle in ensuring that personal data is protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.
  1. Openness Principle in ensuring there is a general policy of openness about developments, practices and policies with respect to personal data and that means are readily available for establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller.
  1. Individual Participation Principle in ensuring that the individuals hve the right to: 
  • Obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to them; 
  • Have communicated to them data relating to them: 
    • within a reasonable time;
    • at a charge, if any, that is not excessive;
    • in a reasonable manner; and 
    • in a form that is readily intelligible to them. 
  • To be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and 
  • To challenge data relating to them and, if the challenge is successful to have the data erased, rectified, completed or amended. 

 

  1. Accountability Principle in ensuring that a data controller is made accountable for complying with measures which give effect to the principles stated above. 

These guidelines serve as a global benchmark across our international operations, particularly in cross-border data exchange and humanitarian coordination.


  • UN Guidelines for Computerized Personal Data Files (UNGA Resolution 45/95)
  1. As a company working in the field of humanitarian services, we respect the UN data protection standards emphasizing:
  • Fair and lawful data collection;
  • Security and confidentiality of data;
  • Respect for human rights, dignity, and non-discrimination; and
  • Limitation of data use to legitimate humanitarian or operational purposes.

 

  1. These principles are applied especially in projects conducted in Africa and the MENA region.


  • APEC Privacy Framework (Asia-Pacific Economic Cooperation). 

Where relevant to our cross-regional collaborations, we align with the APEC Privacy Framework and Cross-Border Privacy Rules (CBPR) system, which stress:

  • Preventing harm and ensuring fairness; 
  • Providing notice and choice; and 
  • Maintaining data integrity, security, and accountability across jurisdictions


  • North America – California Consumer Privacy Act (CCPA). 

For our operation involving partners or clients in North America, we observe the California Consumer Privacy Act (CCPA) and equivalent privacy laws. This ensures that individuals have:

  1. The right to know what data we collect and why; 
  2. The right to request deletion of their personal information;
  3. The right to opt-out of the sale or sharing of personal data; and 
  4. The right to equal service and non-discrimination. 


  • Humanitarian Data Protection Standards (ICRC/IFRC)
  • We apply the ICRC/IFRC Data Protection Handbook for Humanitarian Action (2020), which promotes:
  • Do No Harm: Data use must protect the dignity and safety of affected persons.
  • Necessity and Proportionality: Data collection limited to essential information only.
  • Informed Consent: Clear, voluntary, and meaningful consent is prioritized.
  • Controlled Data Sharing: Humanitarian data is shared only when necessary and securely.
  1. These principles are critical in humanitarian aid operations, particularly in MENA and African contexts where data sensitivity is high.

 

  1. Cross-Border Data Protection and Transfer Mechanisms

For international data transfers, we implement safeguards to ensure consistent data protection regardless of where processing occurs. These include:

  1. Standard Contractual Clauses (SCCs) under the GDPR; 
  2. Adequacy Decisions recognized by the European Commission
  3. Binding Corporate Rules (BCRs) or equivalent mechanisms

  • Continuous Compliance and Review

We regularly review our data protection practices to remain compliant with evolving global standards, including new data protection laws emerging across Africa, MENA, and North America. Regular staff training reinforces compliance, accountability, and ethical handling of data. 


  • Sharing and Disclosure of Information
  1. We may share information with:
  • Service Providers: For IT hosting, analytics, and communications support; 
  • Partner Organizations: In joint humanitarian operations, subject to confidentiality agreements; or 
  • Legal Authorities: When required by law or to protect legitimate interests. 

 

(B) We do not sell personal data to third parties.


  • International Data Transfer

Where necessary, your personal data may be transferred to and processed in countries outside your region of residence. We ensure adequate data protection safeguards are in place in compliance with GDPR, CCPA, and regional data protection frameworks.


  • Cookies and Tracking Technology

We may use cookies and similar technologies to improve website functionality and user experience. You may adjust your browser settings to manage or disable cookies. For more information, see our Cookie Policy.


  • Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by applicable law. Once no longer needed, data is securely deleted or anonymized.


  • Data Security 

We employ technical and organizational security measures to prevent unauthorized access, disclosure, or alteration of your data. These include encryption, secure servers, and access controls. However, no system can guarantee absolute security.


  • Your Rights
  • Depending on your region, you may have the right to:
  • Access, correct, or delete your personal information;
  • Withdraw consent at any time;
  • Object to or restrict processing; and/or
  • Request portability of your data. 
  • To exercise these rights, please contact us at msheqem@empowerh.org. We will respond in accordance with applicable regional laws.
  • Third Party Links

Our website may include links to external websites. We are not responsible for their privacy practices and encourage users to review their privacy policies separately.


  • Children’s Privacy

Our website and services are not directed toward children under 16 years of age. We do not knowingly collect data from minors. If you believe we have, please contact us immediately to remove such data.


  • Updates to this Policy

We may periodically update this Privacy Policy to reflect legal, technical, or operational changes. The “Last Updated” date indicates the latest revision. Substantive changes will be communicated through our website or direct notice.


  • Contact Us

If you have questions or concerns regarding this Privacy Policy or our data protection practices, please contact:

 

EmpowerH for Commercial Supplies W.L.L. 

Suite 403 – 4th Floor

Suhaim Commercial Complex

Suhaim Bin Hamad Street

Al Sadd – Doha – P.O. Box 4765
Email: msheqem@empowerh.org
Phone: +974 5582 3599 


  • Disclaimer

In support of our mission, we may collaborate with accredited humanitarian organizations, non-governmental organizations (NGOs), and local authorities. Any sharing of personal or project-related data in this context is conducted strictly for legitimate work-related purposes, in accordance with applicable data protection laws and recognized humanitarian data ethics standards. We ensure that all partners receiving such data are contractually bound to maintain confidentiality, apply appropriate security measures, and use the data solely for the intended humanitarian objectives.

Privacy Policy

Facebook X-twitter Youtube

All Rights Reserved to EmpowerH