DIFC
  • Stay up-to-date with DIFC’s response to Covid-19
  • Read more

Comprehensive Data Protection Guidance & Assessment Tools

 

Guidance and Handbooks

The guidance documents and tools on this page provide important insights on interpretation of DIFC DP Law 2020.  Please note that some guidance documents or handbooks may be repeated under certain headings as they cover elements of several important data protection concepts. 

Also, please note that the Commissioner's guidance and handbooks are not meant to express an opinion on lawfulness of specific business activities, nor do they have the force of law, and are not intended to constitute legal advice. Please contact legal counsel for assistance in determining data protection and privacy policies in respect of the topics addressed below, to ensure compliance with the applicable laws and regulations. The Commissioner does not make any warranty or assume any legal liability for the accuracy or completeness of the information herein as it may apply to the particular circumstances of an individual or a firm.  

 


General Requirements for DP Law 2020


Lawful Processing


Accountability & Notifications


Data Protection Officers


Risk Assessments (DPIAs, DPO Annual Assessment)


Obligations of Controllers & Processors


Data Export & Sharing


Information Provision & Rights of Individuals


Personal Data Breaches


Remedies, Liability and Sanctions


Data Protection Tuesday Talks


External Guidance, Policies & Other Presentations


Data Protection Assessment Tools

Please note that these assessment tools are not meant to express an opinion on lawfulness of specific business activities, the outcomes provided do not have the force of law, and they are not intended to constitute legal advice. Please contact legal counsel for assistance in determining data protection and privacy policies in respect of the topics addressed below, to ensure compliance with the applicable laws and regulations. The Commissioner does not make any warranty or assume any legal liability for the accuracy or completeness of the information herein as it may apply to the particular circumstances of an individual or a firm.  


DP Assessment Tool – Applicability
Conduct assessment

DP Assessment Tool – Notifications to the Commissioner of Processing Operations
conduct assessment

DP Assessment Tool – Data Protection Officers
conduct assessment

DP Assessment Tool - Privacy Notices (Articles 29 & 30)
Conduct Assessment

DP Assessment Tool - High Risk Processing
conduct assessment

DP Assessment Tool - EDMRI+ Due Diligence Assessment
Conduct Assessment

DP Assessment Tool – Data Export / International Transfers
conduct assessment

DP Assessment Tool - Article 28 Data Sharing
conduct assessment

DP Assessment Tool - Rights Request Response Assessment
Conduct Assessment

DP Assessment Tool – Personal Data Breach Reporting Obligations
Conduct Assessment

DP Assessment Tool - Marketing and Electronic Communications
Conduct Assessment

For better web experience, please use the website in portrait mode