Saudi Arabia Personal Data Protection Law (SA PDPL)
Saudi Arabia's comprehensive data protection law with specific provisions for children's data, requiring explicit parental consent and prohibiting processing that harms minors' interests.
Key Provisions
What SA PDPL requires
Explicit consent from parent or guardian required for processing children's personal data
Processing of children's data must not harm their interests or wellbeing
Data controllers must implement appropriate safeguards for children's information
Right to data deletion and correction for children and their guardians
Saudi Data and AI Authority (SDAIA) enforcement with fines up to SAR 5 million
Extraterritorial application to entities processing data of Saudi residents
Rule Categories Covered
Phosra enforcement categories for SA PDPL
Data Sharing Control
privacyControls what personal data can be shared with third parties and platform partners.
Data Deletion Request
privacyTriggers data deletion workflows on connected platforms and enables full profile removal via API.
Parental Consent Gate
otherEnforces parental consent gate rules across connected platforms.
Platforms Affected
Platforms covered by SA PDPL
MCP Enforcement
Enforce SA PDPL with a single API call
// Enforce SA PDPL compliance
tool: trigger_child_enforcement
input: {
child_id: "ch_emma_01",
law: "SA_PDPL",
rules: [
"privacy_data_sharing",
"data_deletion_request",
"parental_consent_gate"]
}
→ YouTube enforcement applied ✓
→ Instagram enforcement applied ✓
→ TikTok enforcement applied ✓
→ Snapchat enforcement applied ✓
Start building SA PDPL-compliant features today
Phosra handles the complexity of multi-platform compliance so you can focus on building great products for families.