'Most Innovative Startup 2020' by RSA - Watch the video
Learn MoreOn January 31, 2020, the government of Saudi Arabia issued the Executive Regulations to the Saudi E-Commerce Law 2019 (“ECL”) that was in effect since October 2019. The Executive Regulations together with the ECL (“Law”) aim to protect consumers’ personal data by requiring organizations to take appropriate technical and administrative measures.
SECURITI.ai enables organizations to comply with the ECL through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.
SECURITI.ai supports enterprises in their journey toward compliance with the ECL through automation, enhanced data visibility, and identity linking.
See how our comprehensive PrivacyOps platform helps you comply with various sections of ECL
ECL Article: 4
Fulfill data rectification requests, seamlessly, with the help of automated data subject verification workflows across all appearances of a data subject’s personal data.
ECL Article: 4
Fulfill data subject’s’ erasure requests through automated and flexible workflows.
ECL Article: 5
Keep track of risks against non-compliance to data subjects’ rights by continuously monitoring and scanning consumer personal data.
ECL Article 18(2)(h)
Discover personal information stored across all your systems within the organization and link them back to a unique consumer. Also, allowing visualization of personal data sprawl and identifying compliance risks.
ECL Article: 5(3)
Track consents of consumers and their revocations to ensure that no data is retained for any purposes other than it was originally consented for.
ECL Articles: 5(1) and 5(2)
Measure your organization's posture against ECL requirements with the help of our multi-regulation, collaborative, readiness and privacy impact assessment system. Seamlessly expand assessment capabilities across your intermediary platforms to maintain compliance against ECL requirements.
ECL Article: 5(2)(e) and 18
Track, manage and monitor privacy and security readiness for all service providers and intermediary platforms from a single interface. Collaborate instantly, automate data requests and manage all vendor contracts and compliance documents.
ECL Article: 5(2)(e) and 18
Track, manage and monitor privacy and security readiness for all service providers and intermediary platforms from a single interface. Collaborate instantly, automate data requests and manage all vendor contracts and compliance documents.
ECL Article: 5(2)(c) and 18(2)(g)
Automate compliance actions and breach notifications to concerned stakeholders with regards to security incidents by leveraging a knowledge database on security incident diagnosis and response.
Rectification: The consumer has the right to correct an error in electronic communications if the consumer notifies the service provider of the error within 24 hours of the time the electronic communications are sent.
Information: The consumer has the right to know identifying information and contact details of the service provider and e-store and the characteristics of services or goods provided electronically.
Revocation: The consumer has the right to request suspension or unsubscribe from electronic advertisements.
Termination: Consumers have the right to cancel any e-contract within 7 days of the delivery of products or services provided that those products or services are not used. Consumers can also terminate any e-contract if delivery of the products or services is delayed beyond 15 days.
Purpose: A controller cannot use consumers’ personal data for any other purpose without the express consent of the consumer, other than the purpose it was obtained for.
1
The ECL is considered a historical phase
for Saudi Arabia in its national economy.
2
The ECL applies to e-commerce service providers providing goods or services to consumers in Saudi Arabia, even if they are NOT based in Saudi Arabia.
3
Under the ECL, service providers must notify the Ministry of Commerce and Investment if a personal data breach takes place within three days from the knowledge of the breach.
4
The severity of penalties depends on the nature of the violation, ranging from a fine up to a maximum of one million Saudi Riyals.
[email protected]
PO Box 13039,
Coyote CA 95013
Find data assets, and discover personal and sensitive data in structured and unstructured data systems, across on-premises and multi-cloud.
Classify & label data to ensure appropriate security controls are enabled on most sensitive data in your organization
Collect, organize, enrich and build a data catalog to address privacy, security and governance solutions
Connect to structured and unstructured data sources and automatically discover and build a relationship map between personal data and its owner.
Assess risk scores for every data asset, asset location, or personal data category
Auto discover personal data in Snowflake and enforce access governance
Auto discover personal data in Snowflake and enforce access governance
Discover, classify, manage and protect sensitive data in Box. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Slack. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more
Discover, classify, manage and protect sensitive data in Workday. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Github. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Jira. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Dropbox. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in SAP Successfactors. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Servicenow. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Zendesk. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Apache Hive. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Apache Spark SQL. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Cassandra. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Discover, classify, manage and protect sensitive data in Couchbase. Automate data subject rights fulfillment and maintain compliance with regulations such as GDPR, CCPA, LGPD, PCI and more.
Maintain your Data Catalog with continuous automated updates
Automate data subject rights request fulfillment and maintain proof of compliance
Connect to structured and unstructured data sources and automatically discover and build a relationship map between personal data and its owner.
Audit once and comply with many regulations. Collaborate and track all internal assessments in one place.
Automation of privacy assessment collection from third parties, collaboration among stakeholders, follow-ups and compliance analytics.
Automate global cookie consent compliance.
Simplify and automate universal consent management.
Automate the incident response process by gathering incident details, identifying the scope and optimizing notifications to comply with global privacy regulations.