جاري التحميل…
Qudra was built from the first line of code to comply with the Saudi Personal Data Protection Law (PDPL). What follows is what we actually do — not future aspirations.
Saudi users' data is stored and processed in the Riyadh region (PostgreSQL on infrastructure managed inside KSA). Personal data does not cross borders, except sanitised (no identity) text sent to AI providers under DPA + SCCs.
Every connection is protected by TLS 1.3 — no lower protocol. Data at rest is encrypted with AES-256. Passwords are hashed with argon2id and an extra pepper. We don't store card numbers — payment goes directly through Moyasar.
Messages are sanitised of personal data (names, IDs, phone numbers, emails) before reaching AI providers. Every provider (Anthropic, OpenAI, Google) is bound to Zero-Retention and prohibited from training on your data. The full list is on the subprocessors page.
Every AI match score is shown with its inputs and the reason it was ranked. Any debiasing adjustment is named and visible to you — no silent corrections. And employers can override any AI score with one click.
Every read or write of your data is logged (who, when, why, from which IP). You can request a copy of the log at any time — a statutory right under PDPL.
Daily backup at 03:30 Riyadh time, retained for 30 days. 99.9% monthly availability target. 24/7 monitoring with immediate alerting. Annual independent penetration tests.
