The UAE Cabinet Office announced the eagerly awaited Federal Decree-Law No. (45) of 2021 regarding the Protection of Personal Data (“PDPL”) on November 27, 2021 which regulates the data protection of the individual’s personal data it’s the control and processing.
The collection and use of personal data in the UAE is regulated under the PDPL, the country’s first comprehensive federal data privacy law.
On September 20, 2021, the UAE Federal Decree-Law No. 44 of 2021, which established the Emirates Data Office, was also published. The UAE Data Office (“Data Office”) will serve as the organization responsible for enforcing data protection laws and putting PDPL regulations into practice.
The General Data Protection Regulation (“GDPR”) clearly has an impact on the PDPL, which is typically in line with broader international data protection norms and contains important transparency and accountability elements.
The Personal Data Protection Law, which provides proper governance for the best data management and protection, as well as defining the rights and obligations of all parties involved, serves as an integrated framework to ensure the confidentiality of information, and protect the privacy of community members.
The legislation outlines the safeguards for the processing of personal data as well as the basic responsibilities of businesses that handle personal data. These responsibilities include securing personal data and maintaining its privacy and confidentiality.
The important headlines are briefly summarized here, followed by a more in-depth look at the comparison between PDPL and GDPR.
The term “personal data” expressly refers to information about a living individual, including name, voice, picture, social security number, electronic identifier, and location.
When a non-EU organization processes personal data of persons in the EU, the GDPR does not automatically apply; instead, several requirements must be satisfied (targeting or monitoring). In this sense, PDPL is more inclusive.
The Personal Data Protection Law, which provides proper governance for the best data management and protection, as well as defining the rights and obligations of all parties involved, serves as an integrated framework to ensure the confidentiality of information, and protect the privacy of community members.
The legislation outlines the safeguards for the processing of personal data as well as the basic responsibilities of businesses that handle personal data. These responsibilities include securing personal data and maintaining its privacy and confidentiality.
The law forbids the processing of personal data without the owner’s consent, apart from a few circumstances, such as when the processing is required to uphold a legal right or procedure.
The data subject must express their precise, and unquestionable consent by making a statement or taking a clear action, whether in writing or electronically.
All enterprises operating in the UAE and those handling personal data of data subjects residing in the UAE will need to carefully review their operations and make modifications to comply with the new PDPL. Our firm, Mouannes International Service is here to assist you in navigating the PDPL in all its facets.
For more information, please get in touch with us.
info@misconsultants.ae
Tel: 04 381 2021