images preloader

LUCIDYA IS LOADING

Check your company’s compliance with the Personal Data Protection Law

Starting September 14, 2024, the Personal Data Protection Law (PDPL) will be implemented, which regulates the collection, storage, sharing, and processing of personal data for everyone residing in the Kingdom of Saudi Arabia

If you make use of digital platforms and technical systems in your business, we recommend that you check their compliance with the law.

separator

Lucidya is compliant with national data security and protection regulations

Lucidya complies with stringent standards set by the National Cyber Security Authority (NCA) and the Personal Data Protection Law (PDPL),
as well as passing the Data and Privacy Regulatory programme (SANDBOX), ensuring secure data handling.

separator

Frequently asked questions

The PDPL is legislation that aims to protect the personal privacy of individuals by regulating the collection, processing, storage and use of personal data. The law establishes rules and procedures to ensure the security and confidentiality of personal information.

All companies and organizations that handle personal data of citizens or residents of the Kingdom of Saudi Arabia must comply with the law, regardless of the size of the company or its field of work.

Penalties can range from large fines of up to 3 million Saudi Riyals, to other penalties such as license suspension or company ban from operating. Penalties depend on the nature and extent of the violation.

Yes, the law requires that personal data be stored within the Kingdom of Saudi Arabia. However, there are some limited exceptions that allow the transfer of data outside the Kingdom under certain conditions and after obtaining the approval of the competent authorities.

  1. Internal audit: Conduct a comprehensive review of all personal data collection, processing and storage processes in the facility.
  2. Data storage location: Ensure that all personal data is stored within the Kingdom of Saudi Arabia, unless you have special permission to store outside the Kingdom.
  3. Privacy policies: Review them and make sure they comply with legal requirements and are clear and easy for customers to understand.
  4. Consent mechanisms: Ensure that you obtain explicit consent from individuals before collecting and processing their personal data.
  5. Procedures for responding to data subject requests: Ensure that effective mechanisms are in place to respond to requests for access to, correction of, or deletion of data.
  6. Security measures: Review and evaluate the technical and organizational measures in place to protect personal data from unauthorized access or loss.
  7. Training: Ensure that all employees who handle personal data have received appropriate training on the requirements of the law.
  8. Assessment tools: You can use checklists or self-assessment tools to get a comprehensive view of your level of compliance with the law.
  9. Hire experts: If you are unsure, consider hiring a legal expert or data protection consultant to conduct an external audit.

Click to check your company's compliance

Happy employees, Happy customers

Recognized as a 'Great Place to Work,' we believe a positive workplace culture not only boosts employee happiness but directly enhances customer delight.

SOC

Award-winning platform

Ranked as the highest-rated in our category by users in the MENA region and among the best in the world