Overview
PDPL Implementing Regulation Article 10 sets out the communication methods a Controller must make available for Data Subjects to exercise their rights (DSR).
It requires the Controller to provide appropriate channels and gives the Data Subject the choice to use any of the available methods, including electronic and traditional communication formats.
SDAIA's Official Text
The text below reproduces official PDPL law, regulation, or guideline issued by the Saudi Data & AI Authority, verified against the original SDAIA source. No changes or reinterpretation applied.
Article 10: Means of Communication
The Controller is required to provide appropriate means to process requests related to Data Subject rights as stipulated in the Law. The Data Subject shall have the choice to use one or many among the following means according to their preference considering options made available by the Controller:
- E-mail.
- Text messages.
- The national address.
- Communication via electronic applications.
- Any other communication mean provided by the Controller for this purpose.
Plain-Language Explanation
The explanation below is provided to help you understand the SDAIA’s legal text and does not replace or override the official PDPL law, regulation, or guideline.
Article 10
Providing Communication Channels
This provision requires the Controller to provide appropriate means to process requests related to Data Subject rights as stipulated in the Law. It confirms that the Data Subject may choose one or multiple communication methods from the options provided by the Controller.
It establishes flexibility for the Data Subject while ensuring that the Controller offers channels suitable for submitting rights requests.
Article 10 (1)
Use Of Email
This provision states that email is one communication method the Data Subject may use. It identifies email as one of the available channels for submitting rights requests.
Article 10 (2)
Use Of Text Messages
This provision identifies text messages as another method through which the Data Subject may submit rights requests. It adds mobile messaging to the supported communication options.
Article 10 (3)
Use Of National Address
This provision states that the national address may be used for communication regarding rights requests. It provides a physical addressing method as part of the available choices.
Article 10 (4)
Electronic Application Channels
Article 10 (5)
Permit Any Other Suitable Method
This provision states that any other communication method provided by the Controller for this purpose may be used by the Data Subject. It allows for additional channels created by the Controller beyond the ones explicitly listed.
