Privacy Notice

Governance and Assurance Affairs, a division of the National Cyber Security Agency (NCSA) and the Government of the State of Qatar.

Based on Emiri Decree No. 1 of year 2021, National Cyber Security Agency (NCSA) - National Governance and Cyber Assurance Affairs is the entity responsible for issuing certificates for Technology and Information Security Service Providers and certificates of compliance with National Information Security Standards and Policies.

National Governance and Cyber Assurance Affairs is committed to protect your privacy and providing a secure environment on its website and portal.

For more information about the Personal Data collected by Governance and Assurance Affairs, how it is processed and secured, please check the following Privacy notice sections:

Governance and Assurance Affairs department will collect your personal data as being considered one of its stakeholders or users only when you apply to one of these services:

  • Accreditation in relation to NISCF
  • Certification in relation to NISCF
  • Regulatory activities related to Personal Data Privacy Protection
  • Training and Certification of individuals
  • Workshops, events and promotion
  • Invoicing and payment of any fees related to the above activities.

All these conditions are considered as legitimate interest for Governance and Assurance Affairs department to operate and facilitate its procedures. Some other services will require your direct consent as well.

When you use Governance and Assurance Affairs website and portal, Governance and Assurance Affairs will consider you as a client or a stakeholder and will collect some of the below data:

Name, Designation, Contact Number, Email Address, Qatar National ID (in some cases), Nationality (in some cases), Bank details (in some cases), Qualifications and CV (in some cases), LinkedIn Account (in some cases, optional).

These collected data are limited to those necessary for the purpose of Governance and Assurance Affairs services as described in this notice and will be collected only for the specific purpose they have been collected for.

Governance and Assurance Affairs does not collect from you any data with a special nature.

Governance and Assurance Affairs will collect your data directly from you, when request to apply to any its services or procedures.

Governance and Assurance Affairs may collect some of your personal data from your organization or company when applying to Certification and Accreditation program, such data collection is covered by the contractual agreement between you and your employer/contractor.

It will collect it for the purpose of processing your request (or the request of the related applicant for Governance and Assurance Affairs services) and for communication, follow up and notification to any Governance and Assurance Affairs events and workshops.

Processing your personal data by Governance and Assurance Affairs will be for the purposes that has been collected for, or a purpose compatible with the original purpose. Governance and Assurance Affairs will not process your personal data to other purpose without your consent.

Your personal data will be stored in the infrastructure and systems belongs to National Cyber Security Agency (NCSA).

Governance and Assurance Affairs will not use your data for commercial purposes and Governance and Assurance Affairs will not share your data to any third party unless required by the law.

Governance and Assurance Affairs will store your data as long as it is fulfilling its legitimate interest for its administration and operational purposes for its offered services. In addition, it will store your data for the purpose of its lawful obligation being the competent department of PDPPL.

When you provide your personal data to Governance and Assurance Affairs , Governance and Assurance Affairs will protect its confidentiality, integrity and availability based on its information security polices and standards.

Governance and Assurance Affairs is committed to your rights mentioned in PDPPL, which are:

  • the right to withdraw consent where applicable;
  • the right to object to processing in certain circumstances;
  • the right to erasure;
  • the right to request correction;
  • the right to be notified of inaccurate disclosure;
  • and the right to access.

For any query about practicing your rights, you can communicate with Governance and Assurance Affairs at the contact section in the bottom of this page.

This website uses Mandatory Cookies. Cookies are considered as small files or logs that will be stored by the browser that you are using to store some of the information you will need to browse this website and portal like: preferred language, preferences, etc.
This website uses the following cookies:

1- Mandatory cookies that are required by HTTP protocol and should be accepted by the user to be able to browse the website.
2- Google Analytics Cookies. Governance and Assurance Affairs website uses these cookies to get more insights about number of website visitors and the number of hits/visits per page.
Data collected include: IP address, browser type. Such data is collected implicitly and are processed only for statistics related to website hits/visits.

For more information and for communicating with the department of this matter, kindly contact us on the following address:

Postal address
Governance and Assurance Affairs,
National Cyber Security Agency (NCSA),
P.O. Box 24100,
Wadi Al Sail Street,
Doha, Qatar

Phone: (+974) 2362220

Latest update to this page: 11 May 2022