DIFC Data Protection Law

The DIFC Data Protection Law (DIFC Law No. 5 of 2020) has been effective since 1 July 2020 and enforceable as of 1 October 2020. The DIFC law aims to safeguard the personal data of individuals whose data is processed by DIFC registered entities. It is heavily influenced by the EU General Data Protection Regulation (GDPR) as well as other world-class data protection laws.

Some of the key features of the new law include the clarification of data subjects’ rights, the facilitation of appropriate data sharing structures between governmental authorities, as well as the introduction of a framework that will support the DIFC’s bid for adequacy recognition by the European Commission and the UK, which will enable data transfers from the DIFC to the EU and the UK. 

Organisations may be subject to fines for non-compliance.

security picto red

Assess your ability to comply with the Law

In partnership with DIFC, we have launched a tailored online DIFC data privacy law self-assessment. The self-assessment has been developed in line with PwC’s internationally-established data protection framework, and tailored to the specifics of the DIFC law to enable you to determine your organisation’s maturity against the law’s requirements. 

This comprehensive assessment takes you through all key areas of the DIFC data privacy law in detail, and provides you with a bespoke report outlining where your organisation currently stands, and what steps are needed in order to become compliant.

Powered by our Digital Trust Manager: Assess platform, the tool uses business intelligence and data visualisation to help organisations take control of their data privacy risks.

In partnership with:

difc partnership logo
Qatar Data Protection Law  difc

Results dashboard
Clear visuals demonstrate current status versus the target maturity level.

Bespoke recommendations for improvement

Bespoke recommendations for improvement
Receive bespoke recommendations on how to progress from your current status to your target maturity level.

Contact the team

Speak to our local multidisciplinary team of data privacy experts to determine the best approach to managing data privacy in your organisation.

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Contact us

Phil Mennie

Phil Mennie

Partner, Digital Trust, PwC Middle East

Tel: +971 (0) 56 369 7736

Richard Chudzynski

Richard Chudzynski

Data Privacy and Protection Legal Leader, PwC Legal Middle East

Tel: +971 (0)56 417 6591

Follow us