Data Privacy Policy

    Website Data Privacy Notice

    This Privacy Notice reflects the requirements of the General Data Protection Regulation (‘GDPR’) and Kingdom of Saudi Arabia Personal Data Protection Law (‘PDPL’).

    Data controller: ‘Cracknell Group’ = Cracknell Landscape Investments Limited and its Affiliates from time to time, including but not limited to Cracknell Landscape Design LLC, Cracknell Limited, Cracknell Philippines Inc., Cracknell Qatar LLC, Cracknell Landscape Planning & Design Consultants (Shenzhen) Ltd, Cracknell & Partners Landscape Engineering, the Civil Partnership and the Establishment.

    Cracknell Group maintains the Website (‘Site’). When using the Site, we collect certain personal data. This Website Privacy Policy describes how Cracknell Group collects, uses, shares and stores your personal data connected only to your engagement on the Site, and does not apply to Cracknell Groups’ activities that are ‘offline’ or unrelated to the Site.

    1. What information is personal data?
    We refer to any data that relates to an identified or identifiable individual or that is linked or linkable to them by Cracknell Group as ‘Personal Data’.

    2. What personal data does Cracknell Group collect?
    We collect only the Personal Data we need, which may include your name, address, telephone number and e-mail address. This information can be gathered when feedback is sent to the Site or when you contact Cracknell Group through the Site’s email address or subscribe to our newsletter. Further, when applying for jobs through our Site, Cracknell Group will ask for further Personal Data, the collection, storage and use of which is detailed in our Recruitment Data Privacy Policy. This Website Data Policy will further focus only on the use of the Site for general purposes.

    3. What other data does Cracknell Group collect?

    Cracknell Group collects certain anonymous data regarding the usage of the Site such as ‘Cookies’. Cookies are small bits of data cached in a user’s browser, used to determine whether you have visited the Site in the past. Cookies and other anonymous data do not personally identify users by itself or in combination with other information and are gathered to improve the performance of the Site. The anonymous data collected by the Site can include information such as the type of browser you are using and the length of the visit to the Site. Cookies that are required for the Site to operate properly are allowed to be set without your consent. All other cookies require your consent.

    • Strictly necessary cookies allow core website functionality. The Site cannot be used properly without these.
    • Targeting cookies are used to identify if you have used the Site before and may be used to build a profile for visitor interests.
    • Performance cookies are used to see how visitors use the Site but they cannot identify a certain visitor.


    4. How does Cracknell Group store your data?
    Personal Data will be stored in a range of different places, including our servers and our management software Deltek, a cloud-based and ISO 27001 certified Amazon Web Services (AWS) infrastructure. To ensure the utmost security of any flat file data, all Personal Data stored on Cracknell Group’s internal servers is replicated within our own private Microsoft Azure cloud. These data repositories have been carefully configured with an audited access list security to ensure that only authorised personnel can access the Personal Data, therefore, maintaining a high level of data protection and confidentiality.
    Cracknell’ Group’s on-premises file servers, email system, and cloud infrastructures are continuously monitored by the latest AI based cyber-security platform (‘Dark Trace’), to ensure ongoing protection and compliance with evolving security standards and regulations. By leveraging these technologies, we confirm our commitment to securing and safeguarding Personal Data and maintaining compliance with relevant data protection regulations.

    5. Why does Cracknell Group process personal data?
    Cracknell Group has a legitimate interest in processing Personal Data and other data. The information collected by our Site is used to get in touch with you where you wish to contact us in regard to the provision of our Services or for job applications at Cracknell Group. During the recruitment process, Cracknell Group processes Personal Data regarding health, which is described in further detail in our Recruitment Data Protection Policy. We may further use anonymous data to improve the operation of our Site or analyse interest in the areas of our Site. Where Cracknell Group relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of users of the Site and has concluded that they are not.
    In some cases, Cracknell Group needs to process Personal Data to ensure that it is complying with its legal obligations or use it to respond to subpoena, court order or other such request or to respond to law enforcement agency’s request or as otherwise required by law. Your Personal Data may be provided to a party if Cracknell Group file for bankruptcy, or if there is a transfer of assets or of ownership in connection with proposed or consummated corporate reorganizations such as mergers and acquisitions.

    6. Who has access to data?
    Your Personal Data will be shared internally for the purposes of the recruitment exercise. For further information please refer to our Recruitment Data Protection Policy. Further, Personal Data collected through our other services such as our Newsletter are accessible by Cracknell Group’s IT and Marketing team.

    7. How does Cracknell Group protect Personal Data?
    Cracknell Group takes the security of your data seriously by various hardware and software methodologies. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused, or disclosed, and is not accessed except by the relevant employees of Cracknell Group in the proper performance of their duties.

    8. Your Rights- GDPR and PDLP
    In addition to the foregoing Website Privacy Policy, European Union individuals and individuals accessing the Site in KSA, have certain rights over their Personal Data and data controllers are responsible to fulfilling these rights as follows:
    • request access to their Personal Data held by Cracknell Group as the data controller.
    • request to rectify Personal Data submitted to Cracknell Group or, where appropriate, contact Cracknell Group via the Site
    • request that Cracknell Group erase your Personal Data
    • where Personal Data is processed based on consent, at any time by contacting us or clicking on the unsubscribe link in an email received from Cracknell Group, withdraw your consent;
    • restrict or object to the processing of Personal Data
    • request information about or human intervention into any automated data processing Cracknell Group may undertake.

    9. Exercising your rights
    If you believe that we have not complied with your data protection rights or if you would like to exercise any of your rights, please email

    10. Data breaches and reporting
    If it becomes apparent that a potential data breach has occurred, Cracknell Group will endeavour to report this to the applicable authority within 72 hours of becoming aware of the data breach. This will be the case if the data breach is likely to result in damage to a person’s reputation, financial loss, loss of confidentiality, or major financial or social disadvantage. If the breach is likely to result in a high risk to the rights and freedoms of the data subject, Cracknell Group will also contact the data subject without undue delay.

    11. What if you do not provide Personal Data?
    You are under no statutory or contractual obligation to provide Personal Data to Cracknell Group. However, if you do not provide the information, you may not be able to use all services on the Site where your Personal Data is requested.

    12. Other websites
    Please be aware that our Site may contain links to other sites on the Internet that are owned and operated by third parties. The information practices of such websites are not covered by this policy and Cracknell Group is not responsible for the privacy policy of websites to which it links. If you provide information to such third parties, different rules regarding the collection and use of your Personal Data may apply. We strongly suggest you review such third party’s privacy policies before providing any data to them and should contact these entities directly if you have any questions about the use of the information they collect.

    13. Children
    Cracknell Group does not knowingly collect Personal Data from children under the age of 13. Children are not permitted to use the Site and Cracknell Group requests that children under the age of 13 do not submit any Personal Data to the Site. Since information regarding children under the age of 13 is not collected, Cracknell Group does not knowingly distribute such Personal Data.