PDPL Article 41, says that anyone who processes personal data—whether as part of a job, a service, or a contractual relationship—must maintain confidentiality. This obligation doesn’t end when their employment or contract ends. Protecting personal data is a continuing duty, even after the person leaves the role in which they accessed the data.
Saudi PDPL Article 41
Confidentiality Survives Exit
Any person that engages in the Processing of Personal Data shall protect the confidentiality of the Personal Data even after the end of such person’s occupational or contractual relationship.
Explanation of Saudi PDPL Article 41
Confidentiality duty applies even after relationship ends
Saudi PDPL Article 41 says, anyone who handles personal data must keep it confidential—even after they leave the job or contract where they accessed the data.
