Right to information

freedom of information

It is the public, unprotected or confidential information that the platform processes, regardless of its source, form or nature. Open data falls under public information. The process of providing public data to individuals in return for a fee is called "freedom of information" or as it is known as the "right to information policy".

Right to Information Legislation

The National Data Governance Policies establish the legal basis for individuals’ right to access public information and the obligations of government entities for all requests from any individual to access or obtain public information – unprotected – produced or held by government entities, regardless of its source, form or nature. This includes paper records, emails, information stored on computers, audio or video tapes, microfiche, maps, photographs, handwritten notes or any other form of recorded information, and also defines the roles and responsibilities of the Saudi Data and Artificial Intelligence Authority (SDAIA) and its affiliates, in addition to the obligations of the National Data Management Office and the National Information Center .

Who can request information?

Every individual has the right to submit a request and learn information related to the platform’s activities, and also has the right to view public information – not protected – for a fee. The applicant does not necessarily have to have a certain status or interest in this information to be able to obtain it, and he is not subject to any legal accountability related to this right. This comes to enhance the system of integrity, transparency and accountability.

Individuals' rights to access information

• An individual has the right to submit a request to obtain or view any unprotected information held by public authorities.
• The individual has the right to know the reason for the refusal of the request for access or to view the requested information.
• An individual has the right to file a grievance against a decision to reject a request to obtain or view the requested information.
• That all requests for access or access to public information be treated on the basis of equality and non-discrimination between individuals.
• Any restrictions on the request to view or obtain protected information received, produced or handled by the Platform must be justified in a clear and explicit manner.

What information can be requested and what information is excluded?

The policy applies to all requests for access to "unprotected and open data" information, regardless of its source, form or nature, for the purpose of improving work performance and efficiency and benefiting from the data. The excluded information to which the provisions of this policy do not apply is "protected information" such as:

• Information the disclosure of which would harm the national security, policy, interests or rights of the State.
• Information that includes recommendations, suggestions or advice for the issuance of legislation or a government decision that has not yet been issued.
• Information of a commercial, industrial, financial or economic nature, the disclosure of which would lead to an illegal gain or loss.
• Scientific or technical research, or rights that include an intellectual property right, the disclosure of which would infringe upon a moral right.
• Information relating to competitions, bids and auctions, the disclosure of which would prejudice fair competition.
• Information that is confidential or proprietary under another law, or that requires specific regulatory procedures to access or obtain.
• Military and security information.
• Information and documents obtained under an agreement with another country and classified as protected.
• Investigations, inquiries, seizures, searches and surveillance operations related to a crime, violation or threat.

Steps and procedures for requesting information

1. You can apply from here .
2. Within a specific period of time (30 days) from receiving the request to view or obtain public information, the platform will take one of the following decisions:

Approval: If the request to access or obtain information is approved in whole or in part, the individual must be notified electronically of the applicable fees, and the platform must make this information available to the individual within a period not exceeding (10) business days. Rejection: If the request to access or obtain information is rejected, the rejection must be electronic and include the following information:

1. Determine whether the request was rejected in whole or in part.
2. Reasons for rejection, if applicable.
3. The right to appeal this refusal and how to exercise this right.

Extension: If the request for access to information cannot be processed within the specified time, the platform will extend the period within which the response will be made for a reasonable period depending on the size and nature of the information requested and provide the individual with the following information:

1. Extension notice and expected date of completion of application.
2. Reasons for delay.

Notification: If the requested information is available on the platform’s website, or is not within its jurisdiction, the individual must be notified of this in writing or electronically, including the following information: Type of notification, for example: The requested data is available on the platform’s website or is not within its jurisdiction.

Contact us

If you have any questions about our Freedom of Information Policy, request assistance or make a complaint, please contact us via:

• Phone: 199040
• Fax: 00966-11-456-3196
• Email: infocs@momah.gov.sa
• Questionnaire: Contact Form
• Working hours: 24/7
• Expected response time: 24 hours
• For inquiries: call 199040

Obligations of public authorities

1. The public entity shall be responsible for preparing and implementing policies and procedures related to the exercise of the right to access or obtain public information, and the first official in the entity shall be responsible for approving and adopting them.
2. The public entity shall establish an administrative unit that is linked to the data management offices in the government entities that were established pursuant to Royal Decree No. 59766 dated 11/20/1439 AH, and shall be assigned the responsibility of developing, documenting and monitoring the implementation of policies and procedures approved by the entity’s senior management related to the right to access information, provided that the unit’s tasks and responsibilities include setting appropriate standards to determine data classification levels in the event of their absence – in accordance with the data classification policy – ​​and using them as a primary reference when processing requests to view or obtain public information.
3. The public authority shall identify and provide the possible means (public information request forms) – whether paper or electronic – through which an individual can request to view or obtain public information.
4. The public authority shall verify the identity of individuals before granting them the right to view or obtain public information in accordance with the controls approved by the National Cybersecurity Authority and relevant authorities.
5. The entity shall establish the necessary standards to determine the fees incurred for processing requests to access or obtain public information based on the nature of the data, its volume, the effort expended, and the time taken – in accordance with the data monetization policy document. The public entity shall document all records of requests to access or obtain information and the decisions taken regarding these requests, provided that these records are reviewed to address cases of misuse or non-response.
6. The public entity shall prepare and document policies and procedures for maintaining and disposing of application records in accordance with the regulations and legislation related to the entity’s work and activities.
7. The public entity shall prepare and document the procedures necessary to manage, process and document extension requests, rejected requests, and determine the tasks and responsibilities related to the competent work team, and the cases in which the regulatory entity and the office are notified according to the administrative hierarchy in accordance with the specified time period for processing requests.
8. The public authority shall notify the individual - in an appropriate manner - if the application is rejected in whole or in part, explaining the reasons for the rejection, the right to appeal, and how to exercise this right within a period not exceeding (15) days from the date of the decision.
9. The public entity shall prepare awareness programmes to promote the culture of transparency and raise the level of awareness in accordance with the freedom of information policies and procedures approved by the entity’s senior management.
10. The public entity shall be responsible for monitoring compliance with freedom of information policies and procedures on a regular basis, and this shall be presented to the entity’s senior official or his delegate. The corrective measures that will be taken in the event of non-compliance shall also be identified and documented, and the regulatory entity and the office shall be notified according to the administrative hierarchy.

General Provisions

First : The Unified National Platform shall align this policy with its regulatory documents - policies and procedures - and disseminate it to all entities affiliated with it or linked to it in a manner that achieves integration and ensures the achievement of the desired goal of its preparation.

Second : The unified national platform must balance the right to obtain or view information with other necessary requirements such as achieving national security and maintaining the privacy of personal data.

Third : The unified national platform must comply with this policy and document compliance periodically in accordance with the mechanisms and procedures determined by these entities after coordination.

Fourth : The regulatory authorities - after coordination with the office - shall prepare the mechanisms, procedures and controls related to handling complaints according to a specific time frame and according to the organizational sequence.

Fifth : The Unified National Platform must notify the office if the request to obtain or view public information or extend the period specified for submitting this information is rejected - and it is within the scope.

Sixth : When contracting with other entities - such as companies that provide public services - the Unified National Platform must periodically verify the compliance of other entities with this policy in accordance with the mechanisms and procedures determined by the entity, provided that this includes any subsequent contracts made by other entities.

Seventh : The Unified National Platform has the right to set additional rules for processing requests related to specific types of public information according to their nature and sensitivity after coordination with the office.

Eighth : The unified national platform must prepare forms for obtaining or viewing general information - whether paper or electronic - specifying the necessary information and possible means for providing the required information.

Freedom of Information Legislation and Policies

• National data governance policies .
• Main principles and general rules of freedom of information .
• Main principles and general rules of open data .