⚙️Live webinar: AI governance in controlled environments: The next compliance challenge. Register now
MarketplacePrivacyUAE Personal Data Protection Law
PrivacyLaw

UAE Personal Data Protection Law

Federal Decree Law No. 45 of 2021 Regarding the Protection of Personal Data

The UAE Personal Data Protection Law establishes an integrated framework to ensure the confidentiality of information and protect individual privacy in the UAE. It governs the processing of personal data, defines the rights of data owners, sets requirements for cross-border data transfer, and outlines obligations for businesses handling personal data.

Book your strategy callView source ↗

Overview

The UAE Personal Data Protection Law (Federal Decree Law No. 45 of 2021) applies to the processing of personal data within and outside the UAE via electronic systems. Key provisions include requiring consent for data processing, outlining obligations for data controllers to secure and maintain confidentiality, and granting individuals the right to correct, restrict, or stop the processing of their data. The law establishes controls for cross-border data sharing and applies exceptions to processing for public interest or legal procedures. It came into force on January 2, 2022, and was developed in collaboration with private sector technology companies. The UAE Data Office is tasked with overseeing its implementation, issuing guidance, and handling complaints.

Related in Privacy

PrivacyRegulation

India - (DPDP) Rules — India - Digital Personal Data Protection (DPDP) Rules

The Digital Personal Data Protection Rules, 2025 operationalize India’s Digital Personal Data Protection Act, 2023 by establishing detailed requirements for the collection, processing, storage, and protection of digital personal data. The Rules define obligations for organizations handling personal data, including consent management, breach notifications, data retention, and protections for children and vulnerable individuals. They also establish governance mechanisms such as the Data Protection Board and provide a phased implementation timeline for compliance.

Government of India • v2025

View details
PrivacyLaw

India - PDPD Act — India - Digital Personal Data Protection (PDPD) Act (Act No. 22 of 2023)

The Digital Personal Data Protection Act, 2023 (Act No. 22 of 2023) establishes India’s legal framework for processing digital personal data while balancing individuals’ privacy rights with lawful data use. The Act defines obligations for organizations handling personal data, grants rights and duties to individuals, and introduces requirements for consent, data protection, and breach accountability. It also establishes the Data Protection Board of India to oversee compliance, adjudication, and enforcement of penalties for violations.

Government of India • India • v2023

View details
PrivacyLaw

Privacy Act

The Privacy Act of Canada governs the collection, use, retention, and disclosure of personal information by federal government institutions. It ensures that individuals have the right to access and correct their personal information held by the government.

Government of Canada • Canada

View details
PrivacyLaw

Qatar PDPPL — Qatar Personal Data Privacy Protection Law (Law No. (13) of 2016)

The Qatar Personal Data Privacy Protection Law (PDPPL), formally Law No. 13 of 2016, is the primary data protection framework in Qatar. It governs how organizations collect, process, store, transfer, and secure personal data belonging to individuals in the country.

Qatar National Cyber Security Agency (NCSA) • Qatar

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call