Meet ComplAIIntelligence: Your AI-powered teammate for risk & complianceLearn more
All framework guides

Help Center · Framework guide

Middle East & GCC Personal Data Protection

ME Privacy · Privacy · Middle East · v2024–2025

PrivacyUAEKSAGCCPDPL

Overview

Middle East & GCC Personal Data Protection (ME Privacy) — Unified privacy controls for UAE Federal PDPL, KSA PDPL, Qatar, Bahrain, Oman, and Jordan — lawful processing, data subject rights, transfers, breach notification, and DPO obligations. ComplAI maps this framework’s controls so your team can track implementation, evidence, and audit readiness.

28 controls available in ComplAI for this framework.

Who it's for

  • Organizations that must demonstrate ME Privacy compliance
  • Security and compliance teams operating in Middle East
  • Customers and partners that require ME Privacy assurance

Why it matters

ME Privacy is a recognized privacy framework. Activating it in ComplAI lets you manage controls, evidence, and readiness in one place.

PrivacyUAEKSAGCC

How ComplAI helps

  • Activate ME Privacy in the Framework Library to load its control catalog
  • Assign owners, track compliance status, and attach evidence per control
  • Use risk register and issues workflows when controls fail or deviate
  • Export readiness views for leadership and auditors

Sample controls

  • Gov. 1

    Privacy governance and accountability

    governance
  • Gov. 2

    Data Protection Officer appointment

    governance
  • Gov. 3

    Record of processing activities (RoPA)

    data protection
  • Law. 1

    Lawful basis for processing

    data protection
  • Law. 2

    Valid consent

    data protection
  • Law. 3

    Privacy notice and transparency

    data protection

Getting started

  1. Open Framework Library and activate ME Privacy
  2. Review the control list and prioritize high-impact domains
  3. Attach policies, procedures, and technical evidence
  4. Mark controls audit-ready and monitor residual gaps