Data Protection in Qatar

Data protection laws in Qatar

Note: Please also see Qatar Financial Center (a business center located on-shore in Qatar with its own regulations separate from those of the State of Qatar, including separate data protection regulations).

This overview is based on an unofficial English translation of the Law No. (13) of 2016 Concerning Personal Data Protection. The Qatar government does not issue official English translations of the laws of the State of Qatar.

Qatar has implemented Law No. (13) of 2016 Concerning Personal Data Protection ("the Data Protection Law"). 

With its Data Protection Law – adopted in 2016 – Qatar became the first Gulf Cooperation Council (GCC) member state to issue a generally applicable data protection law.

The Data Protection Law is supplemented with a set of regulatory guidelines issued by the National Cyber Governance and Assurance Affairs (NCGAA) of the National Cyber Security Agency. The guidelines incorporate concepts from EU privacy regulatory frameworks and seek to clarify obligations under, and address matters that are not dealt with in, the Data Protection Law. The introduction of these guidelines provide a mechanism for which those subject to the Data Protection Law would be able to better understand their obligations under the Data Protection Law and comply with its provisions more fully.

The Data Protection Law applies to personal data when this data is any of the following:

  • Processed electronically;
  • Obtained, collected or extracted in any other way in preparation for electronic processing; and
  • Processed by combining electronic processing and traditional processing.

The Data Protection Law provides that each individual shall have the right to privacy of their personal data. Such data may only be processed within a framework of transparency, honesty, respect for human dignity and in accordance with the provisions of the Data Protection Law.

Continue reading

  • no results

Back to top