• Part 7 Part 7 General Exemptions

    • 19. General exemptions

      (1) The Board may make rules exempting Data Controllers from compliance with these Regulations or any parts of these Regulations.
      (2) Without prejudice to subsection (1) above, section 12 shall not apply to the Board, the Court, the Regulator or the Registrar, except that the Registrar is still required to maintain records per section 12(1) and where necessary, prescribe written notifications per section 12(2).
      (3) Without prejudice to subsection (1) above, sections 4, 5, 6, 7, 10, 11 and 17 shall not apply to the Board, the Court, the Regulator or the Registrar if the application of these sections would be likely to prejudice the proper discharge by those entities of their powers or functions in so far as such powers or functions are designed for protecting members of the public against —
      (a) financial loss due to dishonesty, malpractice or other seriously improper conduct by, or the unfitness or incompetence of, persons carrying on any Controlled Activities; or
      (b) dishonesty, malpractice or other seriously improper conduct by, or the unfitness or incompetence of, persons carrying on Regulated Activities.

    • 20. Interpretation

      In these Regulations, unless the context indicates otherwise, the defined terms listed below shall have the following meanings —

      "Company" has the meaning given to that term in the Financial Services and Markets Regulations 2015;

      "Controlled Activities" means controlled activities as defined in the Commercial Licensing Regulations 2015.

      "Court" means the Court of First Instance;

      "Data Controller" means any person in the Abu Dhabi Global Market (excluding a natural person acting in his capacity as a staff member) who alone or jointly with others determines the purposes and means of the Processing of Personal Data;

      "Data Processor" means any person (excluding a natural person acting in his capacity as as a staff member) who Processes Personal Data on behalf of a Data Controller;

      "Data Subject" shall mean the natural person to whom Personal Data relate;

      "Group" has the meaning given to that term in the Financial Services and Markets Regulations 2015;

      "Identifiable Natural Person" means a natural person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;

      "Personal Data" means any information relating to an identified natural person or Identifiable Natural Person;

      "Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction, and "Processed", "Processes" and "Process" shall be construed accordingly;

      "Recipient" means any person to whom Personal Data are disclosed, whether a Third Party or not, but does not include any person to whom disclosure is or may be made as a result of, or with a view to, a particular inquiry by or on behalf of that person made in the exercise of any power conferred by law;

      "Regulated Activities" has the meaning given to it in the Financial Services and Markets Regulations 2015;

      "Sensitive Personal Data" means Personal Data revealing or concerning (directly or indirectly) racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership and health or sex life;

      "Staff" include past, existing or prospective employees, directors, partners, trustees, officers, office holders, temporary or casual workers, agents and volunteers; and

      "Third Party" means any person other than the Data Subject, the Data Controller, the Data Processor and the persons who, under the direct control of the Data Controller or the Data Processor, are authorised to Process the Personal Data.

    • 21. Short title, extent and commencement

      (1) These Regulations may be cited as the Data Protection Regulations 2015.
      (2) These Regulations shall apply in the Abu Dhabi Global Market.
      (3) These Regulations shall come into force on the date of their publication. The Board may by rules make any transitional, transitory, consequential, saving, incidental or supplementary provision in relation to the commencement of these Regulations as the Board thinks fit.
      (4) Rules made under subsection (3) may amend any provision of any other enactment (including subordinate legislation made under such enactment).