Privacy Center
Fully Functional In Minutes
Elegant Consumer Frontend, Fully Automated Backend, Privacy Regulation Intelligent Everywhere.
Email already in use
Looks like this email is already registered with an existing account.
Unexpected error occurred
Looks like there was an error completing your request, Please contact us here for further support.
Please do not close this window while we process your request
Qatar is the first gulf country that has passed a national data privacy law and has paved the way for all other gulf countries to follow suit. In 2016, Qatar enacted Law no. 13 Concerning Personal Data Protection (the “DPL”). Qatar became the first Gulf Cooperation Council (GCC) member state to issue an “European Style” applicable data protection law. The DPL establishes a certain degree of personal data protection, provides data subject rights, and prescribes the guidelines for organizations for the processing of personal data within Qatar.
Furthermore, on 31 January 2021, the Ministry of Transport and Communications (the “MOTC”) released a new set of guidelines on the DPL for regulated organizations as well as guidelines for data subjects.
The solution
SECURITI enables organizations to comply with the Qatar DPL through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.
SECURITI supports enterprises in their journey toward compliance with the Qatar DPL through automation, enhanced data visibility, and identity linking.
See how our comprehensive PrivacyOps platform helps you comply with various articles of the Qatar DPL.
Customize a data subject rights request portal for seamless customer care
Create customized web forms according to your brand image with the DSR request format and accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received.
Automate data subject access request handling
Articles: 6, 7, 11(6), 21
Data subjects need to be notified about their data privacy rights and organizations are required to simplify the initiation of verified DSR requests. The automation of the delivery and generation of secure data access reports will greatly reduce the risk of compliance violations and reduce the workforce required to comply with all the requests.
Secure fulfillment of data access
Articles: 6, 21
Disclosure of information to the data subjects within a limited time frame of receiving a verifiable data request is a must for any organization looking to comply. This will be free of charge and delivered through a secure, centralized portal.
Automate processing of rectification requests
Article: 5(4)
With the help of automated data subject verification workflows across all appearances of a subject’s personal data, you can seamlessly fulfill all data rectification requests.
Automate erasure requests
Article: 5(3)
Fulfill data subject’s’ erasure requests, swiftly, through automated and flexible workflows.
Automate objection and restriction of processing requests
Article: 5(2)
Create a framework for restriction and objection of processing handling based on business requirements, with collaborative workflows.
Continuous monitoring and tracking
Articles: 2, 10, 8, 11(7), 22,
Keep track of risks involved by continuously scanning and monitoring data against non-compliance to subject rights, security controls, or data residency.
Automate People Data Graph
Discover personal information stored across all your internal and external systems within the organization and link them back to a unique data subject. Also, visualize personal data sprawl and identify compliance risks.
Meet cookie compliance
Articles: 4, 5(1), 17
Automatically scan the web properties within your organization, categorizing tags, and cookies. Also, build customizable cookie banners, collect consent, and provide a preference center.
Monitor and track consent
Articles: 4, 5(1), 17, 19(3)
Track consent revocation of data subjects to prevent the transfer or processing of data without their consent. Seamlessly demonstrate consent compliance to regulators and data subjects.
Assess Qatar DPL readiness
Articles: 2, 8-13
With the help of our multi-regulation, collaborative, readiness, and privacy impact assessment system, you can gauge your organization's posture against Qatar DPL requirements, identify the gaps, and address the risks. Seamlessly being able to expand assessment capabilities across your vendor ecosystem to maintain compliance against Qatar DPL requirements.
Map data flows
Articles: 23, 24, 25
Track data flows in your organizations, trace this data, catalog, transfer, and document business process flows internally and to service providers or third parties.
Manage vendor risk
Articles: 15, 12
Keep track of privacy and security readiness for all your service providers from a single interface. Collaborate instantly with vendors, automate data requests and deletions, and manage all vendor contracts and compliance documents.
Breach Response Notification
Articles: 11(5), 14
Automates compliance actions and breach notifications to concerned stakeholders in relation to security incidents by leveraging a knowledge database on security incident diagnosis and response.
5 key data subject rights encoded within DPL
Right to withdraw consent
Organizations can process personal data only after obtaining the consent from the data dubjects. The DPL provides data subjects the right to withdraw their prior consent for the processing of personal data.
Right to Access
Data subjects have the right to access and obtain the copy of the personal data. They can also apply to review their personal data.
Right to Rectification
Data subjects have the right to request corrections to the personal data. A correction request shall be accompanied with proof of the accuracy of such request.
Right to be Notified
Data subjects have the right to be notified of processing the personal data and the purposes for which such processing is conducted.
Right to Object
Data subjects have the right to object to processing of the personal data if such processing is not necessary to achieve the purposes for which such personal data have been collected or where such collected personal data are beyond the extent required, discriminatory, unfair or illegal.
Right to Erasure
Data subjects can request omission or erasure of the personal data upon cessation of the purpose for which the processing has been conducted, or where all justifications for maintaining such personal data by the organization cease to exist.
Facts related to Qatar DPL
The DPL incorporates concepts familiar from other international privacy frameworks to protect a consumer's personal data.
Under the DPL, a data controller is responsible for identifying all parties who process personal data on its behalf.
In Qatar, the Compliance and Data Protection department (the “CDP”)at MoTC is responsible for the enforcement of the DPL. .
The MoTC can also impose fines of up to QAR 5 million (US$1.4 million) for violations of certain provisions of the DPL.
There is currently no obligation for organizations in Qatar to appoint a data protection officer under the DPL.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
Copyright © 2023 Securiti · Sitemap · XML Sitemap
Newsletter
Resources
Get in touch
[email protected]
300 Santana Row Suite 450. San Jose,
CA 95128
