Egypt: Personal Data Protection Center released Data Protection Principles Guidelines

On 26 January 2026, the Personal Data Protection Center (PDPC) released the Data Protection Principles Guidelines (Version 1.1). The Guidelines provide interpretive and regulatory guidance on the fundamental principles governing the processing of personal data under the Personal Data Protection Law enacted by Law No. 151 of the year 2020 and the Executive Regulations issued by Decision No. 816 of 2025. The Guidelines set out nine principles, namely lawfulness, fairness, transparency, purpose limitation, data minimisation, data accuracy, storage limitation, data security, and accountability. They specify lawful bases for processing under Article 6 of the Personal Data Protection Law, including the data subject’s consent, fulfilment of a legal obligation, fulfilment of a contractual obligation, legitimate interest, claim or defence of a legal right, and execution of court judgments or orders issued by competent investigative authorities. They further set out requirements on transparency, defined and legitimate purposes, proportional data collection, retention periods, technical and organisational security measures, and demonstrable compliance.