The Data Protection Office (the “DPO”) is an independent institution of the Qatar Financial Centre. It is charged with administrating the QFC Data Protection Regulations 2021 (the “Regulations”) and all aspects of data protection within the QFC. Specifically, the DPO provides support, advice, and guidance to the QFC community on all data protection matters, adjudicating complaints and investigating alleged contraventions of the Regulations. 

The role of the DPO is instrumental in ensuring data protection rights of individuals, building trust with QFC firms and stakeholders, and safeguarding the QFC’s reputation. 

The Regulations

The Regulations, supported by the QFC Data Protection Rules 2021, came into force on 19 June 2022. The Regulations focus on ensuring firms, as Data Controllers, manage Personal Data lawfully and transparently whilst providing the Data Subjects with sufficient enforceable rights over how their data is Processed. The Regulations place the responsibility on those who collect, hold and Process Personal Data while giving rights to the people whose data is collected.

The Regulations were drafted considering international best practices and ensure Data Subjects have sufficient rights over their data, Data Controllers and Data Processors protect and secure this data against accidental or unlawful destruction, loss, alteration, and unauthorised disclosure of, or access to, that data.