Rules for Appointing Personal Data Protection Officer Article 7 requires that once a Data Protection Officer is appointed, the Controller must ensure that their contact information is both accessible to data subjects and shared with the Competent Authority (SDAIA). This facilitates communication with data subjects and enables regulatory oversight. If the DPO’s contact details change, the update must be made promptly through the National Data Governance Platform.
DPO contact details must be shared with both data subjects and SDAIA, and updated as needed.
Rules for Appointing Personal Data Protection Officer Article 7 (1)
Public Accessibility
The Controller must provide a clear and accessible means of communication with the DPO for data subjects.
Rules for Appointing Personal Data Protection Officer Article 7 (2)
Notify SDAIA
The Controller must provide the competent authority with the DPO’s contact details immediately upon their appointment, through the National Data Governance Platform, and update these details when the DPO changes.
Explanation of Rules for Appointing Personal Data Protection Officer Article 7
For data subjects:
Rules for Appointing Personal Data Protection Officer Article 7 (1) says that the Controller must make the DPO’s contact information easy to access for individuals who want to exercise their rights.
Regulatory notification:
Rules for Appointing Personal Data Protection Officer Article 7 (2) says that the Controller must submit the DPO’s contact details to SDAIA via the National Data Governance Platform and keep it updated.
