PRIVACY
POLICY

1. DIRIYAH GATE DEVELOPMENT AUTHORITY ("DIRIYAH GATE DEVELOPMENT AUTHORITY") or (“DGDA”) DATA PRIVACY AND COOKIE POLICY

  • We may collect, depending on your use of the site, information about users “Personal Data”. The entity responsible for your Personal Data is Diriyah Gate Development Authority.
  • Diriyah Gate Development Authority is a Saudi Arabian government entity registered pursuant to a Royal Order established in the Kingdom of Saudi Arabia. 
  • Diriyah Gate Development Authority, and our affiliates and branch offices (also referred to as "we" and "us"), take our data protection and privacy responsibilities seriously.
  • This Data Privacy and Cookie Policy ("Privacy Policy") describes how we collect, process, use, disclose and transfer your Personal Data as a "data controller". A "data controller" is an entity which determines why and how personal data is  processed. This Privacy Policy covers instances when you contact us, use our services and products or interact with us, including via our websites, such as www.dgda.gov.sa, and any Diriyah Gate Development Authority mobile applications (together "Diriyah Gate Development Authority Websites").

 

2. TERMS OF USE

  • Use of the Diriyah Gate Development Authority Websites is subject to our Terms and Conditions ("Terms"). In addition to acknowledging the terms of this Privacy Policy, you also agree to be bound by the Terms. Please ensure you read them carefully and understand them.
  • Only to the extent consent is required under applicable data protection law, you consent to this Privacy Policy. If you are located in the European Economic Area (EEA) or the UK, you acknowledge the terms of this Privacy Policy. 

 

3. UPDATES

  • We may amend this Privacy Policy from time to time to keep it up to date with legal requirements and the way we operate our business. Please regularly check these pages for the latest version of this Privacy Policy. If we make material changes to this Privacy Policy, we will seek to inform you by either updating the date at the top of the page or by notifying you on our website or by email.  Any changes will be effective only after the effective date of the change and will not affect any dispute arising prior to the effective date of the change.

 

4. THIRD PARTY WEBSITES

  • Diriyah Gate Development Authority Websites may link you to other websites, including those of our partners, advertisers and affiliates. We are not responsible for the way in which third party websites operate or the way in which they may process any Personal Data, which you provide to them. It is important that you understand this and check their respective privacy policies and terms of use.
  • We may also, from time to time, partner with advertising networks and other online advertising providers in order to deliver advertisements on our behalf or on behalf of other non-affiliated parties on our websites and across the Internet. These advertisements may be presented to you based on products and services the advertising providers think are relevant to your interests. These preferences may be inferred based on information collected about your browsing behavior on our websites and other non-affiliated sites and apps across time.
  • The information posted by you on public areas of Diriyah Gate Development Authority Websites or elsewhere on the internet may be seen and used by anyone including Diriyah Gate Development Authority. Please therefore be cautious before posting such information.

 

5. WHAT PERSONAL DATA WE COLLECT AND WHEN AND WHY WE USE IT

What is Personal Data

  • Personal Data in this Privacy Policy means any information relating to an identified or identifiable natural person (a 'data subject'). An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • In this section, we describe what Personal Data we collect, and how we use that Personal Data and, where required under applicable data protection law, the legal bases for each processing activity. A further description of the legal bases is set out at section 6 of this Privacy Policy.

Purchasing tickets or other Diriyah Gate Development Authority products

  • If you use the Diriyah Gate Development Authority Websites to purchase tickets, Diriyah Gate Development Authority merchandise etc., we will collect and use information about you as necessary to manage the purchase. This may include Personal Data such as your name, date of birth, address, contact information (such as phone number and e-mail address), billing information, as well as information collected about your navigation patterns on our websites. We may also seek to collect from you special categories of information in order to enhance your purchase and visitor experience. These special categories of information may include details such as whether you use a wheelchair and whether you have any food preferences or dietary requirements.
  • Legal basis: Contract Performance, Legitimate Interests (to enable us to operate our business and perform our obligations). Where this includes special categories of information, we rely on Explicit Consent.

Customer Support and online services

  • If you contact us by way of email, live chat, message boards or any other facility made available by Diriyah Gate Development Authority with a query or comment about any of our services or products, we will need to collect information about you (including your contact details) to help us respond to your query or request or provide our services to you. We may do this when you call our customer support center, or interact with us through our online support tools. This information may include identification data (such as your name, date of birth, gender, nationality etc.), contact details (such as email address and telephone number) and other information.
  • We may also keep a record of any communications we have with you (including a recording of any calls you make). We do this to help monitor and improve the quality of our customer support services, to make and defend legal claims, and to comply with legal obligations to which we are subject.   If you do not wish to have your calls recorded, please disconnect and contact us as follows: [email protected]
  • Legal basis: Contract Performance, Legitimate Interests (to enable us to provide our services and support), Legal Obligations (where applicable).

Creating registered accounts on Diriyah Gate Development Authority Websites

  • There are a number of sections of the Diriyah Gate Development Authority Websites which we require you to register for in order to be able to make full use of the services available under them.
  • If you register with us to create a Diriyah Gate Development Authority Websites account, we may process your Personal Data to manage your access to certain parts of Diriyah Gate Development Authority Websites and, if applicable, allow you to make certain purchases (such as tickets and merchandise) or receive certain services.
  • If you register with us to create a Diriyah Gate Development Authority Websites account, the Personal Data we will collect from you may include identification data (such as your name, age, gender and country of residence), contact details (such as your email address, phone number and address), and may also include professional information about you and your photo. If you choose to register an account with us by using a third party app (such as Facebook or Twitter), you will be presented with a dialogue box which will ask your permission to allow Diriyah Gate Development Authority to access your Personal Data from that third party app (e.g. your full name, date of birth, email address and any other information you have made publicly accessible). Please note that any information that is not required will not be retained by Diriyah Gate Development Authority.
  • If you create an account with us, we may use your Personal Data to verify your identity when using the Diriyah Gate Development Authority Websites. We may also use your contact details to send you transactional and other non-marketing email messages pertaining to your account and provide certain other account maintenance services to facilitate your transactions with Diriyah Gate Development Authority and/or your use of the services we offer on Diriyah Gate Development Authority Websites.
  • Legal basis: Contract Performance, Legitimate Interests (to enable us to provide and manage your account and perform our obligations), Legal Obligations (where applicable).

To provide you with marketing communications

  • Subject to your marketing preferences. we may use your Personal Data to market and promote our own and selected business partners’ products and services to you by post, email, SMS, social, media, phone and fax including:
    • where you would like us to keep you informed about latest news and developments at Diriyah Gate Development Authority through our newsletter or other means;
    • to offer you the opportunity to download digital souvenirs following your visit to Diriyah Gate Development Authority (if applicable); and
    • from time to time we hold events and special promotions to introduce Diriyah Gate Development Authority to interested parties. If you come to one of these events, or take part in a promotion, we may ask for your personal details to help us run the promotion and keep in touch with you about our services and any special offers or competitions that we think may be of interest.
  • For more information about direct marketing, please see section 8 below.
  • Legal basis: Consent unless we can rely on Legitimate Interest (to keep you updated with news in relation to our products and services).

Participation in Diriyah Gate Development Authority as a volunteer

  • If you use Diriyah Gate Development Authority Websites to apply to become a volunteer, we will collect and use information about you as necessary to manage the application process and, if successful, your participation in the volunteering program. This may include communicating information with you which we deem to be of relevance to your participation in Diriyah Gate Development Authority. The Personal Data we collect from you may include your name, date of birth, address, nationality, next of kin details, identification information (such as your Saudi or Iqama ID number or any other recognizable identification document), contact details (such as phone number and e-mail address), information about your health (such as whether or not you have a disability and dietary requirements), biometric information, employment and education history and third party data about you, for example, your Twitter, Facebook or other social media profiles.
  • Legal basis: Contract Performance, Legitimate Interests (to enable us to evaluate your volunteer application). Where this includes special categories of information, we rely on Explicit Consent.

Participation in Diriyah Gate Development Authority

  • If you contact us with a view to becoming a business partner of Diriyah Gate Development Authority or to attend Diriyah Gate Development Authority in a business capacity, we will need to collect information about your business, which may include Personal Data (for example, your contact details) to help us respond to your query or request. We may do this when you call us, or interact with us through our online support tools. The information we collect may include for example your name, date of birth, address, email, telephone number, your photograph, passport details, visa details (if applicable), bank account details.
  • Legal basis: Legitimate Interests (to enable us to evaluate your business partner application).

In connection with legal or regulatory obligations

  • We may process your Personal Data to prevent fraud, protect DGDA’s business, comply with our regulatory requirements or dialogue with regulators as applicable which may include disclosing your Personal Data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so.
  • Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
  • Legal basis: Legal Obligations, Legitimate Interests (to cooperate with law enforcement and regulatory authorities). Where this includes special categories of personal information, we rely on Substantial Public Interest (prevention or detection of crime), Legal Claims, or very rarely where necessary, Explicit Consent.

Additional information

  • Sometimes we will require you to provide additional Personal Data. When we do this, we will provide further information about why we are collecting it and how we will use it. Where we provide personalized content, we may ask your permission (and we therefore rely on Consent as our lawful basis) to review third party data about you, for example, your social media information to get to know you better and to provide more effective personalization.

Automatic Collection for the purpose of analytics, research and improvement

  • Diriyah Gate Development Authority and third parties that provide content, advertising, or other functionality on our services, may use cookies, pixel tags, local storage, and other technologies to automatically collect information through the services. These are collected for the purposes of:
    • Developing the design and style of our products and services to make improvements;
    • Carrying out statistical, technical and logistical analysis and strategic development;
    • Carrying out market research;
    • Understanding more about you such as your location and demographic information;
    • Providing you with personalized services, such as recommendations on our websites, apps and in direct marketing and tailored advertising; and
    • If you purchase a ticket from us, to help you to create personalized pathways through the Diriyah Gate Development Authority site on the basis of your preferences which we will have ascertained from your navigation of Diriyah Gate Development Authority Websites and, once you are on the Diriyah Gate Development Authority site, through location tracking carried out through our mobile application.
  • Diriyah Gate Development Authority Websites collect information about how you use our content online, and the device(s) you use to access the site. This includes collecting unique online identifiers such as IP addresses, which are numbers that can uniquely identify a specific computer or another network device on the internet. See section 11 for more information.
  • Legal basis: Consent unless we can rely on Legitimate Interest (to keep you updated with news in relation to our products and services and to enable us to analyze how you interact with our communications).

To reorganize or make changes to our business

  • In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organization, we may need to transfer some or all of your Personal Data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization.
  • We may also need to transfer your Personal Data to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this Privacy Policy.
  • Legal basis: Legitimate Interests (in order to allow us to change our business).

 

6. LEGAL BASIS FOR USING YOUR DATA

  • A description of the legal basis used to process Personal Data referred to in section 5 above is set out below:
    • Contract Performance: where we need to use your Personal Data to perform a contract or take steps to enter into a contract with you;
    • Legitimate Interests: where we use Personal Data to fulfil our legitimate interests as an organization (or those of any third party) and these outweigh any prejudices to your data protection rights.,
    • Legal Obligations: where we need to use your Personal Data to comply with a relevant legal or regulatory obligation that we have; and
    • Consent: where we have your consent to use your Personal Data for a particular activity. You are free to withdraw your consent by contacting us using the details set out at section 16 of this Privacy Policy. If you do so, we may be unable to provide a benefit, good or service that requires the use of such data.
  • A description of the legal basis used to process special categories of personal information referred to in section 5 above is set out below:
    • Legal Claims: where we are required to process the Personal Data for us to establish, defend, prosecute or make a claim against you, us or a third party;
    • Substantial Public Interest: the processing is necessary for reasons of substantial public interest, on the basis of applicable law;
    • Explicit Consent: where you have given explicit consent to the processing of the special categories of personal information for one or more specified purposes. You are free to withdraw your consent by contacting us using the details set out at section 16 of this Privacy Policy. If you do so, we may be unable to provide a benefit, good or service that requires the use of such data.
  • If you would like to find out more about the legal bases upon which we process Personal Data please contact us.

 

7. HOW WE SHARE INFORMATION WITH OTHERS

  • We work closely with a number of trusted partners with whom we may need to share your Personal Data for the purposes (and in accordance with the corresponding lawful bases) set out at section 5 above, including:
    • our affiliates and advisors;
    • banks and payment providers, to authorize and complete payments;
    • international participants, to help manage access to their pavilions and for analytics purposes, if you sign up for fast pass entry into pavilions;
    • third parties who help manage our business and deliver services. For example, these may include IT service providers who help manage our IT and back office systems, or third party booking agents; and
    • business partners.
  • Where permitted to do so, we may share your Personal Data with our partners who may send you marketing and promotional information.
  • From time to time we may share information about you with government organizations and agencies, including international organizations, to comply with applicable laws, regulations and rules, and legitimate requests from law enforcement, regulatory and other governmental or international agencies, or when to do so is in our legitimate interests, even if we are not compelled to share that information by applicable law.

 

8. MORE ABOUT DIRECT MARKETING, PROFILING AND AUTOMATED DECISION MAKING

  • Direct marketing
    • We are committed to keeping you informed about Diriyah Gate Development Authority and our products and services in line with your personal preferences.
    • We will usually send this by email but, depending on your preferences, we may contact you in other ways for example by phone, post, SMS, social media and/or other electronic means if that is more appropriate.
  • Managing your marketing preferences
    • To protect privacy rights and to ensure you have control over how we manage marketing with you:
    • where required by applicable data protection law, we will only send you marketing communications if you have provided your consent;
    • we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you;
    • to stop receiving marketing material from us, you can click the "unsubscribe" link that you will find on any electronic communications which you receive from us, or, for other types of communications, by contacting us as per the details set out at section 16 below; and
    • you can change the way your browser or device manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained in the "Cookies" section (section 11) below.
    • We recommend you routinely review the privacy policies and preference settings that are available to you on any social media platforms.
  • More about profiling and analytics
    • In order to assist us in conducting our processing purposes, we may apply profiles to you based on your Personal Data, including the Personal Data you have provided to us; behavioral information (such as pages on our website or app that you have interacted with); demographic data; and Personal Data that we have legitimately obtained from third parties or public sources. Such profiles may be used as part of the processing purposes of enhancing and improving our services, tailoring content to you, personalizing your experience and for our research and development purposes.
    • One of the methods by which we do this is by installing and using Cookies on your browser or device. You can learn more about how to adjust settings relating to Cookies on your browser and device, and about our Cookie Policy in the "Cookies" section (section 11) below.

 

9. TRANSFERRING PERSONAL DATA INTERNATIONALLY

  • We store and process your Personal Data in various jurisdictions, including the Kingdom of Saudi Arabia. Your Personal Data may be shared with and processed by other entities outside the Kingdom of Saudi Arabia or the country from which your Personal Data was collected. The laws on processing Personal Data in these locations may be less stringent than in your country. It may also be processed by staff operating outside of your country. We will take all steps reasonably necessary and/or required by applicable data protection laws to ensure that your information is treated securely and in accordance with this Privacy Policy and applicable law.
  • You can contact us for more information about the safeguards we have put in place to ensure the adequate protection of your Personal Data when this is transferred as mentioned above.

 

10. HOW WE PROTECT AND STORE YOUR INFORMATION 

  • How we protect your information
    • We take all reasonable and appropriate steps to protect your Personal Data but cannot guarantee the security of any data you disclose to us.
    • Where you disclose information to us using our mobile app, please ensure that your device remains safe. We cannot be held responsible for any data misuse arising from unauthorised access to your device.
    • Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites/mobile apps, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of.  We ask you not to share a password with anyone.
  • Storing your Personal Data
    • We will store your Personal Data for as long as reasonably necessary for the purposes for which it was collected, as explained in this Privacy Policy, and any permissible related purpose(s).
    • In some circumstances we may need to store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, reporting, regulatory, tax, accounting requirements, or in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. Should you require information about how we retain particular information you can contact us as per the details set out at section 16 below.
    • Where your information is no longer required, we will ensure it is disposed of or anonymized in a safe manner.

 

11. COOKIES

  • Our policy on "cookies"
    • A cookie is an element of data that a website sends to your browser, which then stores it on your system. Cookies may collect Personal Data about you. Cookies allow us to understand who has seen which pages and advertisements, to determine how frequently particular pages are visited and to determine the most popular areas of our website. Cookies also allow us to make Diriyah Gate Development Authority Websites more user-friendly by, for example, allowing us to take you to the language site of last use, so that we can give you a better experience when you return to our website.
    • Cookies will be deployed on your device when you visit Diriyah Gate Development Authority Websites unless you indicate that you do not wish this to happen or if you have turned this feature 'off' in your web browser or device settings.
    • Only the issuer of the cookie concerned may read or modify the information contained therein.
  • Cookies deposited by a third party on Diriyah Gate Development Authority Websites
    • Our websites may contain cookies issued by third parties (e.g. communication agency, audience measurement company, targeted advertising provider, etc.) allowing them, during the validity period of their cookies:
    • To collect browsing information about browsers browsing our websites; and
    • To determine the advertising content that may correspond to your interests; and
    • To send you targeted advertising, in view of your browsing history collected by the third party.
    • At any time, you can prevent the collection of information about you via these third-party cookies, by clicking on the corresponding links (see section 11.3 below).
    • The issue and use of Cookies by a third party company is subject to the respective company’s own terms of use.
  • Your management and use of cookies
    • You can manage and modify your use of cookies through your browser software.
    • The settings you make may change your Internet browsing and your conditions of access and use of certain services on Diriyah Gate Development Authority Websites that require the use of cookies.
    • You are always free to decline our cookies if your browser permits, however, if you choose to turn off cookies, you may not have access to many features that optimize your browsing of our Site, and some of our services may not function properly. You may at any time delete any cookies set by using the relevant option of your Internet browser or by deleting the cookies on your hard drive. The site www.allaboutcookies.org includes instructions for managing cookies on many commonly used Internet browsers, or you may consult the vendor documentation for your specific software.

 

12. YOUR RIGHTS

  • We will use reasonable endeavours to ensure that your Personal Data is accurate.  In order to assist us with this, you should notify us of any changes to the Personal Data that you have provided to us by contacting us using the contact details set out at section 16 below.  
  • You have certain rights available  when it comes to your Personal Data processed under this Privacy Policy. Please note that these rights may vary depending on where you are located and the exercise of such rights may be subject to certain exemptions.
  • In order to exercise such rights, you should contact us using the contact details set out at section 16 below. We will check your entitlement and respond in most cases within a month.
  • By way of example, where you are located in the EEA or the UK, you may have the following rights (in certain circumstances);
    • updating Personal Data as per section 12.1 above;
    • requiring us to delete Personal Data (which we no longer have a lawful basis to use);
    • being provided with a copy of Personal Data that you have provided to us;
    • requesting that we stop using Personal Data (usually where the processing is based on consent);
    • opting-out of marketing communications a per section 8 above;
    • requesting that we transmit Personal Data we hold to a third party electronically;
    • restricting how Personal Data is used whilst a complaint is being investigated; and
    • contacting your local data protection regulator if you are not satisfied with our use of your Personal Data or response to the exercise of your rights. A list of the EEA data protection regulators can be found at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
  • For California residents,
    • DGDA has not disclosed and/or sold personal information to third parties for a business or commercial purpose in the preceding 12 months. DGDA does not sell the personal information of minors under 16 years of age without affirmative authorization.  If you wish to change personally identifiable information that you have provided DGDA, please Contact Us.
    • Your California Privacy Rights.  You have the right to request that DGDA disclose to you what information it collects, uses, discloses, and sells.  You also have the right to request that a business delete any personal information about you which the business has collected about you.  To submit either of the above requests, you may call us at 92 000 2622.  You may also submit via email at [email protected]  You may also submit via web portal at https://www.dgda.gov.sa.  Please note for your protection, any request sent to DGDA to delete your personal information will be subject a verification procedure.  You have the right to direct DGDA to not sell your information.  To exercise this right to opt-out of the sale of personal information, please email at [email protected]  DGDA shall not discriminate against you for exercising any of your above rights.  You may designate an authorized agent to make a request to exercise your rights on your behalf.   For your protection, we reserve the right to deny any request from an agent who does not submit proof that they have been authorized to act on your behalf.  DGDA has no actual knowledge that it sells personal information of minors under age 16.]
  • [California’s ‘Shine the Light’ Law.  For California residents, under California’s “Shine the Light” law, a California resident with whom DGDA has an established relationship has the right to request information about DGDA’s disclosure of personal information to affiliated companies or third parties for their direct marketing purposes, within the immediately preceding calendar year, subject to certain exceptions. To exercise this right, please contact us by writing to us at [email protected]
  • Tracking. For California and Delaware residents, DGDA will not respond to Web browser “do not track” signals.  If you would like additional information about online tracking and various opt-out mechanisms, please see https://youradchoices.com/   Because we link to social media Websites, and from time to time may include third-party advertisements, other parties may collect your personally identifiable information about your online activities over time and across different web Websites when you visit this Website.  [In addition, we use Google AdWords, so we are advertising the Website online through a form of tracking called remarketing,  Third-party vendors, including Google, show our ads on various Websites across the Internet, and use cookies to serve you ads based on your past visits to this Website.  You can opt out of Google's use of cookies by visiting Google's Ads Settings https://www.google.com/settings/ads/plugin . Alternatively, you can opt out of a third-party vendor's use of cookies by visiting the Network Advertising Initiative opt-out page. http://www.networkadvertising.org/choices/]  Please note that not all tracking will stop even if you delete cookies.

 

13. INFORMATION ABOUT YOUR DEPENDENTS AND RELATED PERSONS

  • If you provide Diriyah Gate Development Authority with Personal Data about your next of kin and/or related persons for emergency contact or any other purposes, it is your responsibility to inform such individuals about such activities, to direct them to this Privacy Policy, and to obtain their consent, where necessary and required under applicable data protection law, to the processing (including transfer) of their Personal Data as set out in this Privacy Policy.

 

14. COLLECTION OF DATA FROM MINORS

  • If you are resident in the KSA and under 18 or, alternatively, are resident elsewhere and are not yet the relevant age of majority in the jurisdiction in which you reside, we are not permitted to contract with you directly. You acknowledge and (where consent is required under applicable data protection law), agree that your guardian has read and consented to its terms on your behalf. If we seek your consent to process your Personal Data for a specific purpose in accordance with this Privacy Policy, such consent must be granted on your behalf by your guardian.

 

15. Limitation of Liability 

  • UNDER NO CIRCUMSTANCES SHALL DGDA BE LIABLE FOR ANY DIRECT OR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES THAT MAY ARISE FROM A CLAIM OF BREACH OF THIS PRIVACY POLICY.  Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages. In such jurisdictions, our liability is limited to the greatest extent permitted by law, or $[5], whichever is less.

 

16. ADDITIONAL RIGHTS

  • Applicable laws may give you additional rights that are not described in the Privacy Policy.

 

17. CONTACT US

  • If you have any questions, concerns or complaints regarding our compliance with this Privacy Policy and the data protection regulations, or if you wish to exercise your rights, please contact us as follows: [email protected]
  • We will investigate and will attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible, in any event, within the timescales provided by applicable data protection laws.
  • In some countries, you may have a right to lodge a complaint with your local data protection supervisory authority. We ask that you please attempt to resolve any issues with us before referring to your local supervisory authority.