Table of Contents
Article 1
Article 2
Article 3
Article 4
Article 5
Article 6
Article 7
Article 8
Article 9
Article 10
Article 11
Article 12
Article 13
Article 14
Article 15
Article 16
Article 17
Article 18
Article 19
Article 20
Article 21
Article 22
Article 23
Article 24
Article 25
Article 26
Article 27
Article 28
Article 29
Article 30
Article 31
Article 32
Article 33
Article 34
Article 35
Article 36
Article 37
Article 38
Article 39
Article 40
Article 41
Article 42
Article 43
Article 31
Without prejudice to Article (18) herein, the Controller shall maintain records, for such a period as required under the Regulations, of the Personal Data Processing activities, based on the nature of the activity carried out by the Controller. Such records are to be available whenever requested by the Competent Authority. The records shall contain the following information at a minimum:
- Contact details of the Controller.
- The purpose of the Personal Data Processing.
- Description of the categories of Personal Data Subjects.
- Any other entity to which Personal Data has been, or will be, disclosed.
- Whether the Personal Data has been or will be transferred outside the Kingdom or disclosed to an entity outside the Kingdom.
- The expected period for which Personal Data shall be retained.