Law: Law of Georgia on Personal Data Protection of 28 December 2011 No. 5669 ('the Data Protection Act')
Regulator: Personal Data Protection Service ('PDPS')
Summary: The Data Protection Act was adopted in Georgia on 28 December 2011 and is the primary law governing the area of data protection and data processing activities. In addition to the Data Protection Act, other normative acts such as the Law of Georgia on State Inspector Service (N3273-RS, 21.07.2018) and the Resolution of the Government of Georgia on the Approval of the Regulations on the Activities of the Personal Data Protection Inspector and the Rule of Exercising the Power by Him/Her (N180, 19.07.2013) (only available in Georgian here) contribute to the regulatory framework for data protection. Moreover, in May 2019 the PDP registered the draft Law on Personal Data Protection ('the Draft Law') as a bill before the Parliament of Georgia; however, the Draft Law has yet to come into effect. Specifically, the Draft Law aims at bringing Georgian legislation on personal data protection into closer alignment with the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR').