PDPL (UAE Personal Data Protection Law)
قانون حماية البيانات الشخصية
The PDPL is the UAE's federal data protection law, issued in 2021 as Federal Decree-Law No. 45 of 2021. Conceptually similar to Europe's GDPR, it requires a lawful basis — typically consent or defined exceptions — for processing personal data, grants individuals rights of access, correction, deletion and objection, restricts cross-border data transfers, and mandates breach notification. It applies to businesses processing data of people in the UAE, while the DIFC and ADGM apply their own, older data protection regimes inside their zones. A federal Data Office is designated as regulator, with executive regulations completing the framework. Companies meet the PDPL in privacy policies, HR data handling, marketing consent and vendor contracts. Lawyers advise on compliance programmes, data processing agreements, transfer mechanics and the interplay between federal, DIFC and ADGM rules.
Also in
قانون حماية البيانات الشخصية هو القانون الاتحادي لحماية البيانات في الإمارات، الصادر بالمرسوم بقانون اتحادي رقم 45 لسنة 2021. وهو قريب في فلسفته من اللائحة الأوروبية لحماية البيانات، إذ يشترط أساساً قانونياً لمعالجة البيانات الشخصية وفي مقدمته الموافقة، ويمنح الأفراد حقوق الاطلاع والتصحيح والمحو والاعتراض، ويقيد نقل البيانات عبر الحدود، ويوجب الإبلاغ عن الاختراقات. ويسري على المنشآت التي تعالج بيانات الأشخاص في الدولة، بينما يطبق مركز دبي المالي وسوق أبوظبي العالمي نظاميهما الخاصين. ويعمل المحامون على برامج الامتثال واتفاقيات معالجة البيانات وآليات النقل.
Related terms
Penal Code
The UAE Penal Code — currently Federal Decree-Law No. 31 of 2021 on the Issuance of the Crimes and Penalties Law, which
Payment Order
A payment order is a fast-track procedure in UAE civil procedure for collecting debts that are confirmed in writing and
TDRA (Telecommunications & Digital Government Regulatory Authority)
The TDRA is the federal authority that regulates the UAE telecommunications sector and drives the digital government age
VARA (Virtual Assets Regulatory Authority)
VARA is Dubai's dedicated regulator for virtual assets — the world's first standalone crypto authority, established by D
90-Day Notice
The 90-day notice is the written notice a party — in practice almost always the landlord — must give before a Dubai tena
Absconding Case
An absconding case (bulaq taghayyub) is a formal report filed by a UAE employer or sponsor with the Ministry of Human Re
Related legislation
Need advice on this?
Contact a verified UAE lawyer specialised in this area, or ask the AI assistant first.