Appointing a Data Protection Officer

Overview

An organisation must appoint a data protection officer (DPO) and outline their duties and responsibilities in order to ensure compliance with the data protection legislation.

Definitions

  • ADGM: Abu Dhabi Global Market.

  • Data subject: An identified or identifiable living natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purpose and means of the processing of personal data.

  • Commissioner of Data Protection: The person appointed by the Board to be the Head of the Office of Data Protection.

  • Court: Any of the courts established pursuant to article 10 of Abu Dhabi Law No. 4/2013 On the Global Marketplace Abu Dhabi.

  • DPO: Data protection officer