Published: Jul 29, 2021

ADGM Issues New Data Protection Rules on Fees and Fines

The ADGM has published two new rules supplementing the Data Protection Regulations of 2021 (“DPR 2021”): (i) Data Protection Regulations (“Fees”) Rules 2021 (“Fees Rules”); and (ii) Data Protection Regulations (“Fines”) Rules 2021 (“Fines Rules”) on 25 July 2021.

As per Article 24 of the DPR 2021, Controller is required to pay to the Commissioner a Data Protection Fee before it starts its data processing activities and subsequently pay a Renewal fee on every anniversary of its processing activities. The Fees Rules sets out this Data Protection Fee and Renewal Fee which is USD 300 each.

Further, Article 56 of the DPR 2021 states that the Commissioner may impose a fine where a Controller fails to pay the Data Protection Fee or the Renewal Fee in accordance with Section 24 of the DPR. Such fines have been determined by the Fines Rules which states that a fine of up to a maximum of 750 (USD) for a failure to pay the Data Protection Fee and a fine of up to a maximum of 250 (USD) for failure to pay the Renewal Fee.

The Fees Rules and Fines Rules will come into effect from the date of DPR 2021 that is:

  • For entities registered on or after 14 February 2021, the DPR 2021, DPR Fees Rules and DPR Fines Rules will apply to these entities from 14 August 2021; and

  • For entities in existence before 14 February 2021, the DPR 2021, DPR Fees Rules and DPR Fines Rules will apply to these entities from 14 February 2022.

How we can help

As the leading law firm in the Middle East & North Africa region and with a reputable and dedicated regional data privacy practice, Al Tamimi & Company is well placed to assist you all matters relating to Data Protection and Privacy. Please reach out to our team if you have any queries.