Registration of External Entities
Start ServiceThe Saudi Data & AI Authority (SDAIA) is responsible for overseeing the implementation of the Personal Data Protection Law, issued by Royal Decree No. (M/19) dated 09/02/1443 AH, and its amendments. SDAIA also ensures controllers' compliance through building a unified national register for controllers that process personal data within the Kingdom.
Requirements
1. Valid Commercial Registration: The entity must hold an active and valid commercial registration.
2. Authorized Representative Delegation: The entity’s representative must be officially authorized through the verification service for non-Saudi companies & digital identity issuance for the company’s representative under the Ministry of Foreign Affairs (MOFA).
For any inquiries or technical issues encountered during the registration process on the Platform, please submit a request via the Contact Us Service.
Steps
Step One: Ratification documents via MOFA
1. Log in to MOFA Platform: The authorized representative should log in to MOFA official website in the Kingdom and use the verification service for non-Saudi companies & digital identity issuance for the company’s representative.
2. Complete the Form and Upload Supporting Documents: The representative should fill in the online form and attach all necessary documentation as per the service requirements.
3. Submit the Application: Once the information and attached documents are verified for accuracy, the representative submits the application.
4. Review and Approval by MOFA: MOFA will assess the submission. If it fulfills all criteria, the application will be officially approved.
Step Two: Registering on the National Data Governance Platform
Upon securing attestation approval from MOFA, the authorized representative must complete the entity registration on the National Data Governance Platform by following these steps:
5. Select “Register Entities outside the Kingdom”: The representative selects the “Entities outside the Kingdom” option available on the platform.
6. Initiate the Service: The representative clicks “Start Service” to begin the registration process.
7. Set up a Representative Account: The representative creates an account on the platform.
8. Credentials Entry: The representative enters the Ministry of Foreign Affairs (MOFA) request number.
9. Entity Automated Retrieval of Data: The platform will automatically retrieve the entity’s data based on information entered.
10. Complete the Profile Information: The representative is required to complete all mandatory information within both the entity's and the representative's profiles.
11. Eligibility Assessment for Data Protection Officer (DPO) Appointment: The representative determines whether it is mandatory to appoint a DPO in accordance with the conditions outlined in Article (32) of PDPL Implementing Regulations.
12. Certificate Issuance: Upon the successful completion of all preceding steps, the National Personal Data Protection Register Certificate will be issued to the entity after approving the application.
Important Links
Privacy Impact Assessment Personal Data Breach Notification Reports and Complaints Regulatory Sandbox Program AI Service Provider Accreditation Request for Legal Opinion Clarification Request for Approval of Data Sharing MethodGet in Touch
- ${title}${badge}