| |
| Data Protection Schedule of Fines |
| |
DIFCA Board Resolution dated 17th June 2007 by Circulation:
Amendment to Data Protection Regulations
The Commissioner for Data Protection has requested the Board of Directors, under the powers granted to them under Article 27 (2) of the DIFC Data Protection Law No.1 of 2007 (the "Law"), to issue the following schedule of fines which are to be imposed for contraventions to the aforementioned Law and Regulations. The Schedule of Fines will appear as an addendum to the existing Regulations as an appendix as follows:
Data Protection Schedule of Fines
Pursuant to Article 27 (2) (d) of the Law, the DIFC Authority hereby promulgates the following schedule of fines, as amended from time to time.
Nature of Administrative Offence
|
Maximum Fine |
| Failure to register with the Office of DP Commissioner |
$25,000 |
| Failure to notify Commissioner of any amendments in personal data operations |
$5,000 |
| Company transferring personal data outside the DIFC without obtaining permit |
$20,000 |
| Company processing sensitive personal data without obtaining permit |
$10,000 |
| Provision of false or misleading information to Commissioner |
$20,000 |
| Failure to comply with a direction or order from the Commissioner |
$15,000 |
|
|
|
