Skip to content

Personal Data Protection Law (PDPL)
PDPL Implementing Regulation
Regulation on Personal Data Transfer

Personal Data Protection Law (PDPL)
PDPL Implementing Regulation
Regulation on Personal Data Transfer

PDPL Compliance Services

Saudi Personal Data Protection Law (KSA PDPL)

PDPL Implementing Regulation

Regulation on Personal Data Transfer outside the Kingdom

Rules for Appointing Personal Data Protection Officer (DPO)

Rules Governing the National Register of Controllers Within the Kingdom

Personal Data Breach Incidents Procedural Guide

Standard Contractual Clauses (SCCs) For Personal Data Transfer

Guidelines for Binding Common Rules (BCR) for Personal Transfer

Risk Assessment Guideline for Transferring Personal Data Outside the Kingdom

Personal Data Destruction, Anonymization, and Encryption Guideline

Personal Data Processing Activities Records Guideline (RoPA)

Minimum Personal Data Determination Guideline

Elaboration and Developing Privacy Policy Guideline

No posts found

PDPL Implementing Regulation

PDPL Implementing Regulation Article 1 – Definitions

PDPL Implementing Regulation Article 2 – Personal or Family Use

PDPL Implementing Regulation Article 3 – General Provisions of Data Subject Rights

PDPL Implementing Regulation Article 4 – Right to be Informed

PDPL Implementing Regulation Article 5 – Right of Access to Personal Data

PDPL Implementing Regulation Article 6 – Right to Request Access to Personal Data

PDPL Implementing Regulation Article 7 – Right to Request Correction of Personal Data

PDPL Implementing Regulation Article 8 – Right to Request Destruction of Personal Data

PDPL Implementing Regulation Article 9 – Anonymisation

PDPL Implementing Regulation Article 10 – Means of Communication

PDPL Implementing Regulation Article 11 – Consent

PDPL Implementing Regulation Article 12 – Consent withdrawal

PDPL Implementing Regulation Article 13 – Legal Guardian

PDPL Implementing Regulation Article 14 – Processing to Serve the Actual Interest of Data Subject

PDPL Implementing Regulation Article 15 – Collecting Data from Third Parties

PDPL Implementing Regulation Article 16 – Processing for Legitimate Interest

PDPL Implementing Regulation Article 17 – Choosing the Processor

PDPL Implementing Regulation Article 18 – Further Processing of Personal Data

PDPL Implementing Regulation Article 19 – Data Minimisation

PDPL Implementing Regulation Article 20 – Disclosure of Personal Data

PDPL Implementing Regulation Article 21 – Controls for Processing Personal Data for Public Interest Purposes

PDPL Implementing Regulation Article 22 – Correction of Personal Data

PDPL Implementing Regulation Article 23 – Information Security

PDPL Implementing Regulation Article 24 – Notification of Personal Data Breach

PDPL Implementing Regulation Article 25 – Impact Assessment

PDPL Implementing Regulation Article 26 – Processing Health Data

PDPL Implementing Regulation Article 27 – Processing Credit Data

PDPL Implementing Regulation Article 28 – Processing Data for Advertising or Awareness Purposes

PDPL Implementing Regulation Article 29 – Direct Marketing

PDPL Implementing Regulation Article 30 – Collection and Processing of Data for Scientific, Research, or Statistical Purposes

PDPL Implementing Regulation Article 31 – Photographing or Copying Official Documents that Reveal the Identity of Data Subjects

PDPL Implementing Regulation Article 32 – Data Protection Officer

PDPL Implementing Regulation Article 33 – Records of Personal Data Processing Activities

PDPL Implementing Regulation Article 34 – National Register of Controllers

PDPL Implementing Regulation Article 35 – Accreditation Bodies

PDPL Implementing Regulation Article 36 – Auditing

PDPL Implementing Regulation Article 37 – Filing and Processing Complaints

PDPL Implementing Regulation Article 38 – Publication and Enforcement

No posts found

“The Saudi Personal Data Protection Law (PDPL), issued under Royal Decree M/19 (2021) and amended by M/148 (2023), establishes the legal framework for personal data protection in the Kingdom under the supervision of SDAIA.”

KSA PDPL enforcement is active since 14 September 2024. Controllers and Processors must ensure continued compliance or risk penalties.

Linkedin Huge-mail-01 Mobile-alt

We are here to help! Whether you are just starting your PDPL compliance journey or exploring options like DPO-as-a-Service or a PDPL external Audit, Hala Privacy is ready to answer your questions and guide you every step of the way.

COMPANY

Talk to PDPL Experts
Refer & Earn
Founders
About
Join

PDPL TOPICS

Personal Data Discovery
Vendor Risk Assessment
Privacy by Design
PDPL Training

PDPL RESOURCES

PDPL GAP Assessment
PDPL Case Studies
PDPL Newsletter
PIA Template
PDPL Guide
PDPL FAQ

PDPL COMPLIANCE

PDPL Implementation
DPO as a Service
PDPL Audit

Copyright © KSAPDPL | All Rights Reserved

This website is not affiliated with, endorsed by, or authorized by the Saudi Data & AI Authority (SDAIA).

Privacy Notice
Sitemap
Legal Notice

Scroll to Top

Hala! Simply type the PDPL article number or keyword to search