PDPL & NDMO by design
KSA-native compliance mapping, evidence packs, and DPO enablement — not a Western framework retrofitted after the fact.
PDPL, NDMO and ISO 27001 aligned governance for KSA and GCC enterprises — from automated catalog and lineage to policy-as-code enforcement in the query engine.
KSA-native compliance mapping, evidence packs, and DPO enablement — not a Western framework retrofitted after the fact.
Automated discovery, PII classification and column-level lineage across warehouses, lakes and operational systems.
Row, column and purpose-based access enforced in the query engine — never in application code where it silently drifts.
We ship this practice as a small, opinionated system — running infrastructure, evaluation harnesses, and the rituals that make leadership trust the numbers.
Every engagement is scoped as a small system, not a slide deck. You get running infrastructure, documentation, and the metric-store hooks to measure it.
Scope an engagementBefore Go-Live on a Tier-1 KSA bank data lake.
With automated evidence packs — down from 90 days.
Post-implementation across two regulated engagements.
Regulators don't want a PDF of your data map — they want to see who accessed a specific customer record last Tuesday, and whether the query respected purpose. That's only possible when the catalog, lineage and access policy live inside the platform. We stand that up.
Every engagement follows the same phased spine so leadership always knows what ships in the next two weeks.
Automated discovery, PII classification and initial risk scoring across every source.
Stand up the catalog, assign data owners and stewards, publish glossary.
Column-level lineage plus row / column / purpose-based access policies as code.
Automated evidence packs, access reviews, DPO enablement and audit dry-run.
Yes. PDPL differs from GDPR on cross-border transfer, consent and data-subject rights. Our mapping is PDPL-native and cross-references NDMO domains — GDPR alignment is a by-product, not the starting point.
It depends on your warehouse. Databricks estates default to Unity Catalog; Microsoft-heavy estates to Purview; multi-warehouse enterprises to Collibra or DataHub. We benchmark for your context.
Enforcement lands in the query engine (Unity, Snowflake, Immuta) so applications keep issuing the same SQL — filtered rows and masked columns are transparent. No app rewrites required.
Yes. We've supported SAMA, NCA and external Big-4 audits with automated evidence packs and lineage exports on demand.
Book a working session with a lead architect.