Who is Data Fiduciary? A data fiduciary is any entity or individual that determines the purposes and means of processing personal data. Under the Digital Personal Data Protection Bill India, data fiduciaries are responsible for complying with the provisions of the law in respect of any processing undertaken by them or on their behalf by … Read more
The Joint Parliamentary Committee submitted its report on the Digital Personal Data Protection Bill, recommending the inclusion of “consent managers” in the upcoming Data Protection Act. The bill defines consent managers as a “Data Fiduciary which enables a Data Principal to give, withdraw, review and manage his consent through an accessible, transparent and interoperable platform.” … Read more
Points: Deemed consent can be useful in situations where obtaining explicit consent is impractical or impossible, such as when a data principal voluntarily provides personal data to a data fiduciary. This provision ensures that data fiduciaries can process personal data in certain circumstances without having to obtain explicit consent, which can save time and resources. … Read more
7. Consent(1) Consent of the Data Principal means any freely given, specific, informed and unambiguous indication of the Data Principal’s wishes by which the Data Principal, by a clear affirmative action, signifies agreement to the processing of her personal data for the specified purpose. For the purpose of this sub-section, “specified purpose” means the purpose … Read more
5. Grounds for processing digital personal dataA person may process the personal data of a Data Principal only inaccordance with the provisions of this Act and Rules made thereunder, for alawful purpose for which the Data Principal has given or is deemed to havegiven her consent in accordance with the provisions of this Act.For the … Read more
In this Act: –(1) unless the context otherwise requires, a reference to “provisions of this Act” shall be read as including a reference to Rules made under this Act. The first part of this section is stating that when the Act refers to “provisions of this Act,” it also includes any rules that are made … Read more
Saudi Arabia has joined the list of countries that have implemented a Personal Data Protection Law (PDPL). Under the PDPL, companies must obtain the consent of individuals before collecting their personal data. They must also provide clear and concise information about the purpose of collecting the data and how it will be used. The law … Read more
In this blog, we will get an understanding of Saudi Arabia’s PDPL, along with its key provisions and considerations for compliance The PDPL provides that it shall apply to the processing of personal data by companies or public entities, by any means, that (Article 2(1) of the PDPL): The PDPL applies to companies and public … Read more
Saudi Arabia’s Personal Data Protection Law (PDPL), was implemented by Royal Decree M/19 of 17 September 2021 and published in the Official Gazette on 24 September 2021. A draft of the executive regulations that supplement the PDPL was issued on 10 March 2022, and further details were added to the law. In this blog, we … Read more
2. (7) “Data Processor” means any person who processes personal data on behalf of a Data Fiduciary; The term “Data Processor” in this bill refers to any person or entity that processes personal data on behalf of a Data Fiduciary. A Data Processor could include service providers, contractors, or other third-party entities that are engaged … Read more