The goal of the Commissioner of Data Protection (“Commissioner”) in producing this Comprehensive Guide is to provide easy to understand information about the Data Protection Law, DIFC Law No. 5 of 2020 (the “DP Law”) and the updated Data Protection Regulations (the “Regulations”) (collectively the “Legislation”).
Personal Data is defined in the DIFC DP Law as, “Any Data referring to an Identifiable Natural Person” and Special Category Data is defined as, “Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade-union membership and health or sex life and including genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person.” Such data includes but is not limited to name, address, business or personal email address, business or personal phone numbers, geolocations, job title or other employee data, health and biometric data, religious affiliations or criminal history. In sum, Personal Data gene...