In this article we consider the obligations on data controllers, under the DIFC Data Protection Law, to make formal notification in the event of a breach of personal data.

The Dubai International Financial Centre is a financial services free zone with a European-style data protection regime.