Safeguard Your Personal Information with the Personal Data Protection Law.
Personal data protection is a crucial aspect of our digital age, where individuals' private information is vulnerable to cyber threats. It refers to the measures taken to safeguard this information from unauthorized access, use, or disclosure.
Personal Data Protection Law
The Personal Data Protection Law (PDPL) was introduced in July 2018 to provide a legal framework for the access and use of individuals' personal information. The law aims to foster public trust in the security of their personal data when it is in the possession of companies and organizations. The PDPL sets out guidelines and regulations for handling personal data, including how it should be collected, processed, stored, and shared. The Personal Data Protection Law came into effect in 2019, marking a significant step towards protecting individuals' personal information and promoting trust in the digital economy.
The Personal Data Protection Law (PDPL) is a comprehensive regulation that addresses several critical aspects to ensure the security and privacy of individuals' personal information. The law includes the following provisions:
As part of its commitment to establishing legal frameworks that regulate cybersecurity and information security activities, the Kingdom has implemented several laws and regulations. These laws and legislations reflect the Government's dedication to maintaining a secure and protected cyber environment for all citizens. They include the following:
The Personal Data Protection Authority (PDPA) is responsible for ensuring that personal data is processed and used in accordance with legal standards. The Ministry of Justice, Islamic Affairs and Waqf has been appointed to carry out these tasks, as per Cabinet Decision No. (78) of 2020.
Personal data refers to any information that belongs to an identified person or one that can be directly or indirectly identified. This includes any statement that can lead to the identification of an individual, such as their names, ID or passport numbers, phone numbers, membership numbers in any organization, personal photos, copies of documents related to their personal lives or jobs, bank details, or email addresses. All such data is considered protected by the law.
Processing Personal Data
Any individual or entity responsible for receiving and managing personal data is considered a data manager and must follow legal standards while processing it. Any company that receives the personal data of its customers must ensure that it is processed in accordance with personal data protection laws and regulations. It is the responsibility of the data manager to ensure that personal data is processed and used in a lawful, fair, and transparent manner. This includes obtaining the necessary consent from the data owner and ensuring the confidentiality and security of the data.
Use the provided eServices immediately, effortlessly, and around the clock.
Find information about the offered government services across different channels.
Content Last Updated: 23 Aug, 2023