Egypt Personal Data Protection Law (Law No. 151 of 2020)
Egypt's first comprehensive personal data protection law. Law No. 151 of 2020 promulgates the annexed Personal Data Protection Law (14 chapters, 49 articles) governing the electronic processing of personal data of natural persons by holders, controllers and processors, establishing the Personal Data Protection Centre, a licensing/permit regime, data subject rights, cross-border transfer controls, breach notification, and criminal/administrative penalties. Ratified 13 July 2020; effective from 15 October 2020.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (14)
Egypt PDPL - Budget and Financial Resources
| Code | Title |
|---|---|
| EGY-PDPL-Art.31 | Budget and financial resources of the Centre |
Egypt PDPL - Controller and Processor Obligations
| Code | Title |
|---|---|
| EGY-PDPL-Art.4 | Controller obligations |
| EGY-PDPL-Art.5 | Processor obligations |
| EGY-PDPL-Art.6 | Lawful bases for processing |
| EGY-PDPL-Art.7 | Personal data infringement (breach) notification |
Egypt PDPL - Crimes and Penalties
| Code | Title |
|---|---|
| EGY-PDPL-Art.35 | General penalty provision |
| EGY-PDPL-Art.36 | Penalty for unauthorised processing |
| EGY-PDPL-Art.37 | Penalty for denying rights and unlawful collection |
| EGY-PDPL-Art.38 | Penalty for breach of controller/processor obligations |
| EGY-PDPL-Art.39 | Penalty for failure to appoint a DPO |
| EGY-PDPL-Art.40 | Penalty for DPO failure of duties |
| EGY-PDPL-Art.41 | Penalty for unlawful sensitive-data processing |
| EGY-PDPL-Art.42 | Penalty for unlawful cross-border transfer |
| EGY-PDPL-Art.43 | Penalty for marketing violations |
| EGY-PDPL-Art.44 | Penalty for breach of Centre confidentiality |
| EGY-PDPL-Art.45 | Penalty for license/permit/certification violations |
| EGY-PDPL-Art.46 | Penalty for obstructing Centre officers |
| EGY-PDPL-Art.47 | De facto manager and juristic-person liability |
| EGY-PDPL-Art.48 | Publication of sentences and recidivism |
| EGY-PDPL-Art.49 | Settlement and reconciliation |
Egypt PDPL - Cross-Border Data Transfer
| Code | Title |
|---|---|
| EGY-PDPL-Art.14 | Cross-border transfer adequacy and licensing |
| EGY-PDPL-Art.15 | Derogations from the cross-border protection level |
| EGY-PDPL-Art.16 | Disclosure to controllers/processors abroad under licence |
Egypt PDPL - Data Protection Officer
| Code | Title |
|---|---|
| EGY-PDPL-Art.8 | Appointment of the Data Protection Officer |
| EGY-PDPL-Art.9 | Data Protection Officer obligations |
Egypt PDPL - Data Subject Rights and Processing Conditions
| Code | Title |
|---|---|
| EGY-PDPL-Art.2 | Data subject rights and consent requirement |
| EGY-PDPL-Art.3 | Conditions for lawful collection and processing |
Egypt PDPL - Definitions and Scope
| Code | Title |
|---|---|
| EGY-PDPL-Art.1 | Definitions |
Egypt PDPL - Direct Electronic Marketing
| Code | Title |
|---|---|
| EGY-PDPL-Art.17 | Conditions for direct electronic marketing |
| EGY-PDPL-Art.18 | Obligations of the direct-marketing sender |
Egypt PDPL - Disclosure of Personal Data
| Code | Title |
|---|---|
| EGY-PDPL-Art.10 | Procedures for disclosure of personal data |
| EGY-PDPL-Art.11 | Determinative effect of digital evidence |
Egypt PDPL - Judicial Control
| Code | Title |
|---|---|
| EGY-PDPL-Art.34 | Judicial control powers |
Egypt PDPL - Licenses, Permits and Certifications
| Code | Title |
|---|---|
| EGY-PDPL-Art.26 | Types of licenses, permits and certifications |
| EGY-PDPL-Art.27 | Procedures for issuing licenses, permits and certifications |
| EGY-PDPL-Art.28 | Amendment of license and permit conditions |
| EGY-PDPL-Art.29 | Cancellation of licenses, permits and certifications |
| EGY-PDPL-Art.30 | Administrative sanctions |
Egypt PDPL - Personal Data Protection Centre
| Code | Title |
|---|---|
| EGY-PDPL-Art.19 | Establishment and mandate of the Personal Data Protection Centre |
| EGY-PDPL-Art.20 | Board of Directors of the Centre |
| EGY-PDPL-Art.21 | Competencies of the Centre's Board |
| EGY-PDPL-Art.22 | Board meetings and resolutions |
| EGY-PDPL-Art.23 | Chief Executive Officer of the Centre |
| EGY-PDPL-Art.24 | Confidentiality obligation of Board members and Centre staff |
| EGY-PDPL-Art.25 | International cooperation by the Centre |
Egypt PDPL - Requests and Complaints
| Code | Title |
|---|---|
| EGY-PDPL-Art.32 | Requests by data subjects |
| EGY-PDPL-Art.33 | Complaints to the Centre |
Egypt PDPL - Sensitive Personal Data
| Code | Title |
|---|---|
| EGY-PDPL-Art.12 | Processing of sensitive personal data and children's data |
| EGY-PDPL-Art.13 | DPO security duties for sensitive personal data |
Maps to 2 other frameworks
Frequently Asked Questions
What is Egypt Personal Data Protection Law (Law No. 151 of 2020)?
Egypt Personal Data Protection Law (Law No. 151 of 2020) is a compliance framework from Egypt with 14 domains and 49 controls. Egypt's first comprehensive personal data protection law. Law No. 151 of 2020 promulgates the annexed Personal Data Protection Law (14 chapters, 49 articles) governing the electronic processing of personal data of natural persons by holders, controllers and processors, establishing the Personal Data Protection Centre, a licensing/permit regime, data subject rights, cross-border transfer controls, breach notification, and criminal/administrative penalties. Ratified 13 July 2020; effective from 15 October 2020. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Egypt Personal Data Protection Law (Law No. 151 of 2020) have?
Egypt Personal Data Protection Law (Law No. 151 of 2020) has 49 controls organised across 14 domains. The largest domains are Egypt PDPL - Crimes and Penalties (15 controls), Egypt PDPL - Personal Data Protection Centre (7 controls), Egypt PDPL - Licenses, Permits and Certifications (5 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Egypt Personal Data Protection Law (Law No. 151 of 2020) map to?
Egypt Personal Data Protection Law (Law No. 151 of 2020) maps to 2 other compliance frameworks. The top mapping partners are GDPR (20% coverage), Rwanda Law No. 058/2021 Relating to the Protection of Personal Data (4% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Egypt Personal Data Protection Law (Law No. 151 of 2020) compliance?
Start your Egypt Personal Data Protection Law (Law No. 151 of 2020) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Egypt Personal Data Protection Law (Law No. 151 of 2020) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 49 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 701 frameworks.
Get Started Free →Free forever — no credit card required