Last updated date: 25-FEB-2026

Khimji Ramdas, its subsidiaries, affiliates, group companies and its associates, including entities (collectively referred to as “Khimji Ramdas” / “we”/”us”) respect your privacy, care about the way in which your Personal Data is treated, and are committed in safeguarding user privacy and ensuring the confidentiality of the information collected while using our services and website in accordance with the Oman Personal Data Protection Law (PDPL) – Royal Decree No. 6/2022 and its Executive Regulations (MD 34/2024). This privacy policy outlines how we collect use, share and protect your personal data, your rights under PDPL and how to exercise those rights.

Our Commitment on Data Protection to Global Clients:

We treat all personal data with the highest level of care and security. Khimji Ramdas LLC operates in full alignment with applicable privacy regulations, including the Oman Personal Data Protection Law (Royal Decree 6/2022). We ensure that our processing activities respect the privacy standards of our global clients and the rights of their data subjects.

Data controller information

Khimji Ramdas

PO Box 19, Muscat 100

Sultanate of Oman

Tel: (+968) 24765500

Fax: (+968) 24795988

Contact Information of Data Protection Officer

Name: Ali Said Ali Al Kalbani

Email ID: privacy@kr.om

Phone Number: +968 98515813

The DPO is responsible for ensuring Khimji Ramdas LLC’s compliance with the PDPL and for addressing all inquiries related to the processing of personal data.

Our Role

Under the Oman PDPL (Royal Decree No. 6/2022), Khimji Ramdas LLC operate in two capacities:

• Data Controller: We act as the Controller when we determine the purpose and mean of processing your data to provide our direct services to you.
• Data Processor: We act as a Processor when we handle personal data solely on behalf of, and according to the documented instructions of, a Data Controller (such as a
• Corporate employer or partner). When we play a role of a processor we request you to check your controller’s Privacy practices before sharing with us.

Personal Data we collect

We collect information that identifies you or makes you identifiable. The type of data we collect depends on your interaction with us (e.g., whether you are a retail customer, a corporate partner, or a website visitor).

Information You Provide Directly

This is data you give us when you register for an account, purchase a product, or contact our support team.

• Identity Data: Full name, Civil ID number (Oman ID) or Passport number, and date of birth.
• Contact Data: Personal or work email address, mobile number, and physical billing/delivery address.
• Financial Data: Bank account details or payment card info (collected securely for transactions).

Information Collected Automatically

When you visit our digital platforms, we use cookies and similar technologies to collect technical data.

• Usage Data: Information about how you use our website, products, and services (e.g., pages viewed or links clicked).

Information from Third Parties

We may receive data about you from various third parties, such as:

Corporate Clients: If we receive your personal data through your organization, your employer may provide us with your professional contact details and identity information to fulfil the services. In such scenarios, we play a role of processor, and we request you to review the privacy policy of your employer or the controller.

We may also collect, Information about respective corporate client’s official signers and copies of your Commercial Registration (CR) to verify your business and assess creditworthiness and Names and work contact details for your staff to make sure our service-related communication is smooth and efficient.

Social media and Digital Platforms: If you contact us through social media, we receive profile information as permitted by your platform settings. By sending us a Direct Message (DM), you consent to our processing of that information to address your request. Please ensure you have read our Privacy Notice and are comfortable with your platform’s privacy configurations before reaching out.

Limitation of Liability for Publicly Shared Data While Khimji Ramdas LLC handles all private correspondence (Direct Messages) in accordance with the Oman PDPL (Royal Decree No. 6/2022), we do not encourage the disclosure of non-public personal information in public forums or comment sections. Users are advised that information shared publicly is outside of our exclusive control. Consequently, Khimji Ramdas LLC shall not be held liable for any damages, losses, or privacy breaches arising from the misuse of such information by other users or third parties.

Job Search Portals and Recruitment Agencies We may receive your personal information from third-party job boards or professional recruitment agencies if you have registered with them or applied for a role with us through their platforms.

Personal Data We Collect from Job Seekers

To evaluate your suitability for employment and fulfil our legal obligations as an employer in the Sultanate of Oman, we collect the following information:

• Identity & Demographic Data: Your full name, date of birth, gender, nationality, and copies of your Civil ID or Passport.
• Contact Information: Mobile number, personal email address, and current city of residence.
• Professional Profile: Your CV/Resume, current designation, employer or company name, and comprehensive employment history.
• Educational Records: Academic qualifications, certifications, and transcripts.

Regulatory & Onboarding Data: Once a candidate is selected, we are legally required to collect specific information to facilitate the issuance of mandatory government documents, including Labour Cards and Resident Cards.

The data we collect generally follows the categories listed above; however, it may change depending on the specific service you need. Because Khimji Ramdas operates across different industries, we recommend checking the specific website of the business unit you are contacting to understand their exact practices. We will only collect and process this specific data with your consent and for the purpose we have explained to you.

And this website is dedicated to KR Group and Subsidiaries.

Sensitive Personal Data

In limited circumstances and only as permitted by the Oman PDPL (Royal Decree No. 6/2022), we may process sensitive data (such as health or medical records).

• Purpose: This data is processed only to comply with legal requirements, protect vital or public interests, or fulfil specific contractual obligations (particularly when acting as a Data Processor).
• Protection: We apply enhanced security measures and strict confidentiality protocols to safeguard your identity and ensure the highest level of protection for this data.

Data of Minors

We do not intentionally collect data from individuals under the age of 18. We only process a minor’s information when provided by a parent or legal guardian for specific purposes, such as managing employee benefits for dependents.

• Website Usage: Our website is intended for adults. We do not knowingly target or collect data from minors through our digital platforms.
• Your Rights: If you believe your child’s data has been shared with us without your consent, or if you wish to manage their information, please contact us to exercise your rights under the Oman PDPL.

Legal Basis & Purpose of Processing

We process your personal data only when a valid legal basis exists under the Oman PDPL:

• Explicit Consent: Your clear, written, or electronic approval.
• Contractual Necessity: To fulfil the travel services you have requested.  
• Legal Obligations: To comply with Omani laws, court judgments, or regulatory requirements.
• Security of the Organization: To protect our systems, prevent fraud, and ensure the safety of our operations.

Our Purpose of processing,

• As a Data Controller: We process your personal data strictly for the purposes for which you engage us. Your data is treated as highly confidential and managed in full accordance with the Oman PDPL.
• As a Data Processor: When we act on behalf of another Controller (such as your employer), we process personal data strictly according to their documented written instructions and the safety standards mandated by the Law.

Data Subject Rights Under PDPL

 As a data subject, you have the following rights:

• Access: Request a copy of your personal data held by us
• Correction: Request correction of inaccurate or outdated data
• Erasure: Request deletion of your data under specific circumstances
• Deletion: Request erasure of your personal data, for example if consent is withdrawn or the data is no longer necessary.
• Withdrawal of Consent: Revoke previously given consent at any time.
• Restriction: Request temporary halt of processing under specific conditions
• Data Portability: Request transfer of your data in a machine-readable format
• Objection: Object to processing for direct marketing or other reasons.
• Complaint:If you have any questions or concerns regarding our privacy practices, we encourage you to contact our Data Protection Officer (DPO) If our DPO is unable to resolve your concern to your satisfaction, you maintain the right to escalate your complaint to the Ministry of Transport, Communications and Information Technology (MTCIT) through form and contact details published in the MTCIT Website. 

To exercise any of these rights, please contact: +968 98515813 /

 alkalbani@kr.om

Marketing & Promotional Activities

We only use your personal information for direct marketing if you provide explicit consent. All our marketing communications include clear instructions on how to opt out at any time. You can withdraw your consent or change your preferences by replying directly to our emails, messaging us on social media, or contacting us through this website.

Retention of Personal Data

We retain your personal data only as long as necessary to fulfil the purpose for which it was collected or as required by law. For regulatory, auditing, we store data for 10 years following the end of our relationship or as per the agreement. Within this period, you may exercise any of your rights as per Oman PDPL. For more information, please refer to the “Rights of the Data Subject” section.

Retention period for Job Seekers: We would like to keep your profile on file so we can contact you if a suitable role opens up in the future for one year from the year you submitted your profile. During this time, you can exercise any of your rights mentioned at any time. After one year, we will automatically and securely delete your information from all our systems.

Data Security

We implement appropriate technical and organizational measures to protect the personal information we collect from or about you (including personal identifiable information) against unauthorized access, use, alteration, or disclosure. These measures include, among others:

• Encryption of personal data at rest and in transit, where applicable
• Role-based access controls and audit logging
• Staff training and internal privacy and information security governance measures

Cross-Border Data Transfers

We store personal data outside Oman using 3^rd party Cloud Service Providers hosted outside Sultanate of Oman. We also transfer data to government authorities, embassies, international partners in third countries to deliver your requested services.

To ensure the safety of your information, we conduct Transfer Impact Assessments and maintain Data Protection Agreements with our partners to guarantee a level of protection equivalent to the Oman PDPL.

Link to other Sites

Our Services may contain links to other websites and services. Any information that you provide on or to a third-party website or service is provided directly to the owner of the website or service and is subject to that party’s privacy policy. Our Privacy Policy does not apply to such websites or services and we’re not responsible for the content, privacy, or security practices and policies of those websites or services. To protect your information, we recommend that you carefully review the privacy policies of other websites and services that you access.

Breach Notification

We are committed to the highest standards of data integrity and confidentiality. Our security & privacy framework is designed to prevent, detect, and respond to threats. In the event of a suspected or confirmed personal data breach, we follow a rigorous Incident Response Plan (IRP) to mitigate impact:

• Immediate identification of the breach source and containment of the affected systems to prevent further exposure.
• We will notify the Ministry of Transport, Communications and Information Technology (MTCIT)within 72 hours.
• Affected data subjects will also be informed without undue delay if there is a risk to their rights or freedoms along with the remediation action they must take from their end
• Remediate and we will provide the detailed analysis of the breach in a stipulated time and form as required by MTCIT.

Changes to Privacy Policy

Any information that we collect is subject to the privacy policy in effect at the time that the Information is collected. We may, however, modify and revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification at our sole discretion, and we’ll indicate when those changes will become effective.

Complaints and Contact Information

IF you believe your personal data has been mishandled or your privacy rights are violated,

Please contact

Data Protection Officer

Email: privacy@kr.om

Phone Number: +968 98515813

Or write to:

Khimji Ramdas LLC

PO Box 19, Muscat 100

Sultanate of Oman

Tel: (+968) 24765500

Fax: (+968) 24795988