Overview
PDPL Implementing Regulation Article 28 establishes the rules for sending advertising or awareness materials to individuals, particularly when there is no prior interaction with the Controller. It defines how consent must be collected, documented, and respected, and it mandates transparent communication practices, clear sender identification, and simple opt-out mechanisms.
The Article strengthens Data Subject control over marketing communication, ensures compliance with the Telecommunication and Information Technology Act, and prevents misleading or intrusive advertising practices.
SDAIA's Official Text
The text below reproduces official PDPL law, regulation, or guideline issued by the Saudi Data & AI Authority, verified against the original SDAIA source. No changes or reinterpretation applied.
Article 28: Processing Data for Advertising or Awareness Purposes
- Controller shall obtain the Consent from the targeted recipient before sending advertising or awareness material in case of the absence of a prior interaction between the Controller and the targeted recipient.
- Conditions for obtaining the targeted recipient's consent for advertising or awareness materials shall be as follows:
- Consent shall be given freely, and no misleading methods shall be used to obtain it.
- Targeted recipient shall be enabled to specify the options related to advertising or awareness material subject to consent.
- Consent of a targeted recipient consent shall be documented in a manner that can be verified in the future.
- Without prejudice to the Telecommunication and Information Technology Act or any other related laws, before using communication methods for the purpose of sending advertising or awareness materials, including the post and email of the Data Subject, the Controller shall commit to the following:
- Clearly mention sender's name without hiding their identity.
- Provide a mechanism that enables the Data Subject to opt out of receiving advertising and awareness materials when desired, and ensure that the procedures for opting out of receiving such materials are easy, straightforward, and at least as easy as the procedures for giving consent to receive them.
- Stop sending advertising or awareness materials as soon as the target recipient requests it.
- The cessation of receiving advertising or awareness materials shall be free of charge.
- Keep material evidence of consent from the targeted recipient to receive advertising or awareness materials.
Plain-Language Explanation
The explanation below is provided to help you understand the SDAIA’s legal text and does not replace or override the official PDPL law, regulation, or guideline.
