Personal Data Protection Law (Royal Decree 6/2022)
Oman
2022
Privacy
Overview
Oman's Personal Data Protection Law, issued under Royal Decree 6/2022 in February 2022, establishes a national legal framework for safeguarding personal data. It aligns with international standards and sets out rights for individuals and obligations for entities that process personal data. The law is supervised by the Ministry of Transport, Communications and Information Technology (MTCIT). The regulation applies to banks, telecom operators, e-commerce platforms, insurance companies, healthcare providers, and other entities operating in Oman that process personal data. As of 2025, executive regulations are still pending, which affects full enforcement timelines.
Key Obligations
- Obtain explicit consent before collecting or processing personal data
- Process data for specific, lawful, and declared purposes
- Protect sensitive data and restrict its processing without legal justification
- Restrict cross-border data transfers unless the recipient jurisdiction provides adequate protection
- Grant individuals rights to access, correct, erase, and object to data processing
- Implement appropriate technical and organizational security measures
- Comply with future obligations once executive regulations are issued
FAQ
Related Regulations
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
Identity Verification
Use facial match and liveness checks paired with government ID verification to make sure the person holding the document is the person you're onboarding.
One Touch KYC
Simplify the Know Your Customer (KYC) process with AI and sophisticated fraud detection algorithms to provide a seamless, efficient, and highly secure user verification.
MENA API Marketplace
Comprehensive API marketplace for the Middle East and North Africa region, offering localized verification and compliance solutions.