DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

🇧🇭 Middle East & North Africa

Cookie consent in البحرين

Consent and privacy law in البحرين

In short
Bahrain's Personal Data Protection Law, Law No. 30 of 2018, took effect in 2019 and is overseen by the Personal Data Protection Authority. It is one of the earlier comprehensive Gulf laws and follows GDPR-style principles, requiring a lawful basis, transparency, and data subject rights. A distinctive feature is that certain sensitive processing requires prior authorisation or registration with the authority, and the law includes criminal penalties, with imprisonment of up to one year for some violations. Cross border transfers are restricted to countries offering adequate protection or with authority approval. Consent must be clear and documented. Notices in Arabic are expected, and cookies that identify users are personal data.
Authority
Personal Data Protection Authority
Status

Law No. 30 of 2018 Personal Data Protection Law, in force since 2019

Primary law
PDPL BH
Languages

ar

Who must comply

Data managers and processors based in Bahrain, and those abroad that use means located in Bahrain to process personal data.

Penalties

Fines and imprisonment up to one year for certain violations of the law

Key obligations

  • Obtain consent unless a legal exception applies
  • Provide notice of purpose and recipients
  • Seek prior approval for sensitive data and certain processing
  • Honor access, correction and objection rights
  • Apply security and notify the authority of relevant processing

Local guidance

  • Apply Law No. 30 of 2018 overseen by the PDP Authority
  • Seek authorisation for certain sensitive processing
  • Restrict transfers to adequate countries or seek approval
  • Provide notices in Arabic

How ConsentX helps

  • Consent capture before processing
  • Notice of purpose and recipients in the banner
  • Rights request workflow with evidence
  • Consent receipts for audit
  • Region rule engine tuned for Bahrain
Get started free
yoursite.com
🇧🇭 Bahrain

We value your privacy

We ask for your consent before any non-essential cookie, with the rules that apply in your region.

Allow allReject non-essentialManage preferences

This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.

How to comply with Bahrain using ConsentX

  1. 1

    Scan your website

    Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under Bahrain.

  2. 2

    Show a geo-aware consent banner

    Add the ConsentX banner. It detects each visitor region and shows the consent experience that Bahrain requires, automatically.

  3. 3

    Block trackers until consent

    Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.

  4. 4

    Record tamper-evident proof

    Every choice is stored as a tamper-evident consent receipt you can produce in a Bahrain audit.

  5. 5

    Handle data requests on time

    Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.

Frequently asked questions

Are there criminal penalties under Bahrain's law?+

Yes. Bahrain's Personal Data Protection Law includes criminal penalties, with imprisonment of up to one year for certain violations, alongside administrative fines.

How does Bahrain handle cross border transfers?+

Transfers outside Bahrain are restricted to countries that offer adequate protection or require approval from the Personal Data Protection Authority.

Governing law

🇧🇭 PDPL BH

Other countries in Middle East & North Africa

🇦🇪 الإمارات العربية المتحدة🇸🇦 المملكة العربية السعودية🇶🇦 قطر🇮🇱 ישראל🇹🇷 Türkiye🇪🇬 مصر