KSAPDPL.COM

PDPL Compliance Services
PDPL Compliance in 4 Weeks
Start with PDPL Consulting
at HalaPrivacy.com

Table of Contents

← PDPL Compliance Ecosystem

The Rules Governing the National Register of Controllers Within the Kingdom – Introduction
The Rules Governing the National Register of Controllers Within the Kingdom Article 1 – Definitions
The Rules Governing the National Register of Controllers Within the Kingdom Article 2 – Scope and Objective
The Rules Governing the National Register of Controllers Within the Kingdom Article 3 – Controller Delegate Appointment
The Rules Governing the National Register of Controllers Within the Kingdom Article 4 – Registration Procedures
The Rules Governing the National Register of Controllers Within the Kingdom Article 5 – Profile Data
The Rules Governing the National Register of Controllers Within the Kingdom Article 6 – Circumstances for Appointing a Personal Data Protection Officer (DPO)
The Rules Governing the National Register of Controllers Within the Kingdom Article 7 – Information of the Personal Data Protection Officer (DPO)
The Rules Governing the National Register of Controllers Within the Kingdom Article 8 – Obligations
The Rules Governing the National Register of Controllers Within the Kingdom Article 9 – Representative Replacement
The Rules Governing the National Register of Controllers Within the Kingdom Article 10 – Registration Certificate Issuance
The Rules Governing the National Register of Controllers Within the Kingdom Article 11 – Making Registration Certificate Available to the Public
The Rules Governing the National Register of Controllers Within the Kingdom Article 12 – Services Provided on the Platform
The Rules Governing the National Register of Controllers Within the Kingdom Article 13 – Review and Amendment
The Rules Governing the National Register of Controllers Within the Kingdom Article 14 – Enforcement

The Rules Governing the National Register of Controllers Within the Kingdom Article 9 – Representative Replacement

  • This article is verified from SDAIA
  • halaprivacy.com
  • Updated: December 23, 2025
ChatGPT
Gemini Gemini
Claude Claude
Perplexity Perplexity

Overview

The Rules Governing the National Register of Controllers Within the Kingdom Article 9 sets out the formal procedures for replacing a Controller’s representative on the National Data Governance Platform.

It distinguishes between public and private Controllers and establishes the official communication channels required to ensure that representative changes are properly recorded and validated by the Competent Authority (SDAIA).

SDAIA's Official Text

The text below reproduces official PDPL law, regulation, or guideline issued by the Saudi Data & AI Authority, verified against the original SDAIA source. No changes or reinterpretation applied.

Article 9: Representative Replacement

  1. The public Controller must communicate with the Competent Authority if it wishes to replace the representative, using the official means of communication available on the Platform.

  2. If the private Controller wishes to replace the representative, they should use the form available on the Platform.

Plain-Language Explanation

The explanation below is provided to help you understand the SDAIA’s legal text and does not replace or override the official PDPL law, regulation, or guideline.

Article 9(1)

Replacement of a Representative for Public Controllers

This provision requires public Controllers to formally communicate with the Competent Authority when they intend to replace their designated representative. The communication must be carried out using the official channels provided through the Platform, ensuring oversight, traceability, and regulatory validation of the change.

Article 9(2)

Replacement of a Representative for Private Controllers

Private Controllers are permitted to replace their representative by submitting the designated form available on the Platform. This mechanism enables private Controllers to manage representative changes through a structured and standardized process while ensuring that the National Register remains accurate and up to date.

Saudi Personal Data Protection Law Compliance Services (KSA PDPL)

KSA PDPL Compliance Implementation

Achieve PDPL Compliance in 4 weeks or less.

Data Protection Officer As A Service (DPOaaS)

Let us handle your daily PDPL Compliance Operations.

KSA PDPL Compliance Audit (External)

Audit your PDPL compliance obligations.

Scroll to Top