Skip to Content
Docs are being rebuilt — start at Introduction → How it works.
Governance & complianceQatar PDPPL

Qatar PDPPL

Qatar’s Personal Data Privacy Protection Law (PDPPL) sets requirements for how organizations collect, process, and protect personal data. This page is guidance on configuring TeamMate and your agents to support a PDPPL-aligned program.

This is guidance, not a certification or a legal assessment. TeamMate is not certified for PDPPL, and using these features does not by itself make your workspace compliant. Consult your legal or data-protection advisor for how PDPPL applies to your organization.

Principles and how TeamMate can help

PDPPL principleHow to support it in TeamMate
Lawful, limited processingScope each agent’s instructions and connected data sources to only the personal data it needs for its task.
Access controlRestrict workspace administration with Members & Roles; enforce SSO and allowed domains in Security.
Data minimization in knowledgeOnly attach knowledge bases and integrations that an agent genuinely requires; review what each agent can read.
Accountability and recordsAgent conversations and automation runs are recorded, supporting audit trails for processing activities.
Individual rights handlingUse agents and automation under your control to help locate and respond to data-subject requests against your own systems.

Practical steps

  1. Limit who can administer the workspace

    Assign roles deliberately in Members & Roles so only authorized people change agents, integrations, and data sources.

  2. Enforce strong sign-in

    Configure Microsoft Entra ID SSO and restrict access to your organization’s email domains in Security.

  3. Scope each agent's data access

    Review the knowledge bases and integrations attached to each agent. Remove any source that exposes personal data the agent does not need.

  4. Keep usage bounded and reviewable

    Use Spending controls to cap usage, and rely on conversation and run history to review how agents handle data.

What TeamMate does not do for you

  • It does not provide a legal determination of PDPPL applicability or compliance.
  • It does not classify your data as personal data automatically — you decide what each agent may access.
  • It does not replace your organization’s data-protection policies, consent records, or breach-response procedures.
Spending controlsQCB & NCSA AI guidelines