The concept of legal framework concerning protection of personal data is not new but the same is gaining momentum globally and most of the countries have either implemented specific piece of legislation or are in the process to develop a specific law on the subject matter. Legal framework on protection of personal data has got its very roots to protect the privacy of the natural persons. For this purpose, the legal frameworks worldwide confer extensive rights to the natural persons (commonly named “data subjects”) and the users of the personal information of the natural persons (commonly named “data controllers” or “data processers”) are put to stringent obligations to protect the rights of the data subjects. The third pillar besides “data subjects” and “data controllers/data processers”, concerning personal data protection, is a regulatory body who is to enforce and implement the subject law.
In United Arab Emirates, the following laws are relevant for the purposes of personal data protection:
- Federal Decree Law No. 45 of 2021
- Data Protection Regulations 2021 (of Abu Dhabi Global Market)
- Data Protection Law 2020 (of Dubai International Financial Centre)
Our services, in this regard, tend to develop and implement appropriate and focused data privacy practices that adequately fits peculiar circumstances of respective client. Our methodology concerning privacy practices involves advising on standards based on laws, regulations and general privacy principles, processes and procedures to comply with the incumbent obligations.
Our Services
Situational Analysis & Compliance Framework
- Development of Compliance Framework
- Initial Assessment
- Gap identification between Initial Assessment and Compliance Framework
- Advisory on filling the Gaps
- Implementation of Compliance Framework
Awareness & Orientation
- Basic awareness workshops for employees and management
- Capacity Building
- Specific Training Sessions
- Advisory
- Application & Scope of principles
- Compliance management
- Reg Tech
- Development & Review of Documentation (Polices & Procedures, Notices etc)
- Breach Reporting
- External Data Protection Officer services
Health Check
- Compliance Review
- Risk Assessment
- Compliance Profiling
- Remediation