saudi-pdpl.com

SAUDI PDPL

BLOG

Menu

FAQ

Table of Contents

Article 1

Article 2

Article 3

Article 4

Article 5

Article 6

Article 7

Article 8

Article 9

Article 10

Article 11

Article 12

Article 13

Article 14

Article 15

Article 16

Article 17

Article 18

Article 19

Article 20

Article 21

Article 22

Article 23

Article 24

Article 25

Article 26

Article 27

Article 28

Article 29

Article 30

Article 31

Article 32

Article 33

Article 34

Article 35

Article 36

Article 37

Article 38

Article 39

Article 40

Article 41

Article 42

Article 43

Article 4

Data Subject shall have the following rights pursuant to this Law and as set out in the Regulations:

  1. The right to be informed about the legal basis and the purpose of the Collection of their Personal Data.
  2. The right to access their Personal Data held by the Controller, in accordance with the rules and procedures set out in the Regulations, and without prejudice to the provisions of Article (9) of this Law.
  3. The right to request obtaining their Personal Data held by the Controller in a readable and clear format, in accordance with the controls and procedures specified by the Regulations.
  4. The right to request correcting, completing, or updating their Personal Data held by the Controller.
  5. The right to request a Destruction of their Personal Data held by the Controller when such Personal Data is no longer needed by Data Subject, without prejudice to the provisions of Article (18) of this Law.

FAQs

Under this law, an individual (Data Subject) has several core rights, which are central to modern data protection regulations like the GDPR. These rights give individuals more control over their personal information. The primary rights include: 

  • The Right to Be Informed You have the right to know the legal basis and purpose for the collection of your personal data. Organizations must be transparent about what data is being collected and why. 
  • The Right to Access You can request access to the personal data an organization (Controller) holds about you. 
  • The Right to Data Portability You have the right to ask for a copy of your personal data in a clear and readable format. This right is similar to the right of data portability in other regulations, which facilitates the transfer of data between service providers. 
  • The Right to Rectification You can request that any inaccurate, incomplete, or outdated personal data be corrected. 
  • The Right to Destruction You can request the deletion of your personal data when it is no longer needed for its original purpose. This is widely known as the “right to erasure” or the “right to be forgotten”. 

You have the right to request the correction, completion, or updating of your personal data. This is often referred to as the “right to rectification“. If you find that the information a controller has about you is inaccurate or incomplete, you can ask for it to be updated.Under regulations like the GDPR, organizations are typically required to respond to such requests within one month.

Yes, the law grants you the right to request the “Destruction” of your personal data. This right applies when the data is no longer needed for the purpose for which it was collected. In other data protection laws like the GDPR, this is called the “right to erasure“. This right can be exercised under certain conditions, such as when you withdraw consent or when the data was processed unlawfully. However, there are exceptions, such as when the data must be retained to comply with legal requirements or to defend a legal claim. 

Article 3
Article 5
Scroll to Top