UAE Data Protection Law, UAEGDPR, and AI Governance Compliance
Effective Date: As per Agreement
Agreement: AI Now UAE Terms and Conditions (including any Order Forms)
Address: Techno Hub, DTech, Dubai Silicon Oasis (DSO), Dubai, UAE
Role: Processor
Privacy, data protection, and data security laws applicable in the UAE, including the UAE Data Protection Law, UAEGDPR, and any AI governance regulations directly relevant to AI Now UAE's processing of personal data.
The DPA is governed by and interpreted under UAE federal privacy and data protection laws, the UAE Data Protection Law, and any AI governance policies enforced under the Digital Dubai and Telecommunications and Digital Government Regulatory Authority (TDRA).
Any transfer of personal data outside the UAE must comply with UAE data transfer regulations, including requirements for adequate protection or appropriate safeguards analogous to GDPR adequacy.
Data protection authority is the UAE Data Office and TDRA, as competent authorities for enforcement and oversight.
AI Now UAE will process customer personal data as instructed for service provision and enhancement related to digital AI personas.
AI Now UAE shall implement organisational, technical, and physical safeguards consistent with UAEGDPR and AI governance standards, including:
Customer's written instructions for data processing will be binding following agreed amendments to the DPA.
AI Now UAE assists with UAE and GDPR-equivalent data subject rights requests where technically possible; Customer is responsible for handling such requests.
Notification of breaches to Customer without undue delay per UAE law; breach notification does not admit liability.
AI Now UAE required to ensure sub-processors meet equivalent UAEGDPR protections, with prior notification to Customer of any changes. The Customer may object if compliant with UAE law.
Customer may audit AI Now UAE's compliance upon fourteen (14) days' notice, with confidential proposed audit plan. AI Now UAE may decline requests that threaten other clients' security, confidentiality, or violate local law.
Subject to business disruption risks and confidentiality undertakings.
Upon agreement termination, AI Now UAE will return or delete all customer personal data in line with Customer instructions, unless retention is required under UAE law (e.g., records of financial transactions).
Cross-border transfers must use approved mechanisms (for example, Standard Contractual Clauses or UAE-recognized transfer tools) and be documented accordingly.
Limits of liability and exclusions as specified in Agreement.
AI Now UAE may vary the DPA to comply with evolving UAE data protection and AI governance regulations, providing reasonable notice and seeking good faith agreement from Customer.
Techno Hub, DTech, DSO
Dubai, UAE
Data Protection: Provided in Order Form or as updated by Customer
Supervisory Authority: UAE Data Office / TDRA
Applicable Laws: UAE Data Protection Law, UAEGDPR equivalence, AI Governance Regulations
Categories of Data: Personal and sensitive data included within Customer Content
Industry standard per UAE regulatory guidance and Annex 2 Security Measures.
This DPA integrates UAE-specific legal context and regulatory requirements, maintaining the structure of the original document but adapted for the Dubai-based operation and compliance needs.