Saudi Arabia’s Personal Data Protection Law (PDPL)

Customize a Data Subject Rights Request Portal for Seamless Customer Care

Create customized web forms according to your brand image with the DSR request format and accept verified data subject rights requests. Automate the initiation of fulfilment workflows when verified requests are received.

Automate Data Subject Request Handling

Articles: PDPL 4; Implementing Regulation 3, 4, 5, 6, 7, 8

Data subjects need to be notified about their data privacy rights, and organizations are required to simplify the initiation of verified DSR requests. Automating the delivery and generation of secure data access reports will greatly reduce the risk of compliance violations and reduce the workforce required to comply with all requests.

Automate Processing of Rectification/Completion & Updation Requests

Articles: PDPL 4(4), 17; Implementing Regulation 7

With the help of automated data subject verification workflows across all appearances of a subject’s personal data, you can seamlessly fulfil all personal data rectification, completion, and updation requests.

Automate People Data Graph

Articles: PDPL 31; Implementing Regulation 33

Discover personal information stored across all your internal and external systems within the organization and link them back to a unique data subject. Also, visualize personal data sprawl and identify compliance risks.

Meet Cookie Compliance

Articles: PDPL 5, 6, 7; Implementing Regulation 11, 12

Automatically scan the web properties within your organization, categorizing tags and cookies. Also, build customizable cookie banners, collect consent, and provide a preference center.

Monitor and Track Consent

Articles: PDPL 5, 6, 7, 10(1), 15(1), 24(1), 25(1), 26, Implementing Regulation 11, 12, 13 Personal Data Transfer Regulation Outside the Kingdom 2.

Track consent revocation of data subjects to prevent the transfer or processing of data without their consent. Seamlessly demonstrate consent compliance to regulators and data subjects and fulfill any consent revocation requests

Map Data Flows

Articles: PDPL 19, 28, 30, Implementing Regulations 28, 29, 30, 31, Personal Data Transfer Regulations Outside the Kingdom 2, 4, 5

Track data flows in your organizations, trace this data, catalogue, transfer, and document business process flows internally and to service providers or third parties in and outside the Kingdom. Additionally, the controller must take appropriate measures to ensure that its employees are all adequately trained and informed of the PDPL’s provisions related to the rights of individuals and breach notification/security threat procedures.

Breach Response Notification

Articles: PDPL 20; Implementing Regulations 23, 24

Automates compliance actions and breach notifications to concerned stakeholders in relation to security incidents by leveraging a knowledge database on security incident diagnosis and response.

Privacy Policy and Notice Management

Articles: PDPL 4(1), 12, 13 Implementing Regulation 4(3)

Automate how you publish your privacy notices with the help of pre-built templates to make the process faster. Enable centralized management by tracking and monitoring privacy notices to maintain compliance.