Egypt: Personal Data Protection Center released Data Users Guidelines

On 26 January 2026, the Personal Data Protection Center (PDPC) released Version 1.1 of the Data Users Guidelines. These Guidelines clarify the roles and responsibilities of data users under the Personal Data Protection Law. The Guidelines distinguish between controllers who determine the essential means of processing and processors who act on behalf of controllers. These Guidelines detail legal obligations such as the requirement to appoint a Data Protection Officer and obtain the necessary licences and permits. Data users must also maintain a Record of Processing Activities and conduct data protection risk assessments. The Guidelines outline duties regarding breach notification and the facilitation of data subjects' rights. They further address cross-border data transfer obligations and compliance with electronic direct marketing rules. The Guidelines emphasise that these requirements support compliance with the regulatory framework enacted by Law No. 151 of the year 2020.