Overview
Elaboration and Developing Privacy Policy Guideline — Ninth: Complaint and Objection Filing Mechanism explains the obligation of the Controller to provide a clear and accessible mechanism for Data Subjects to file complaints and objections related to the processing of their Personal Data.
It also clarifies the information that must be provided about how complaints are handled, the timeframe for processing them, and the option available to Data Subjects to approach the Competent Authority if they are dissatisfied with the Controller’s response.
SDAIA's Official Text
The text below reproduces official PDPL law, regulation, or guideline issued by the Saudi Data & AI Authority, verified against the original SDAIA source. No changes or reinterpretation applied.
Ninth: Complaint and Objection Filing Mechanism
The Controller shall provide a mechanism for filing complaints and objections if there is a complaint by Data Subjects, such as failure to enable them to exercise their rights related to the processing of Personal Data within the period specified in the Clause (Eighth) above, or if there are objections to processing. This can be made by determining the name of the department or division involved in receiving and processing complaints, its contact details, and the period specified for processing such complaints, in addition to providing information about the Competent Authority (Saudi Data & AI Authority) in the event of Data Subjects' dissatisfaction with the results of complaint processing by the Controller.
Plain-Language Explanation
The explanation below is provided to help you understand the SDAIA’s legal text and does not replace or override the official PDPL law, regulation, or guideline.
