The laws of Georgia provides certain privacy protections and rights for individuals. Companies subject to the law in Georgia, must comply with the requirements under the laws and regulations listed below.
Privacy Law and Regulations
National-Federal Laws and Regulations
Law on Personal Data Protection (Effective March 1, 2024)
Georgian
Amendments to the Law on Personal Data Protection:
Law No. 1289 of 17 December 2025, published December 23, 2025 and took effect on March 2, 2026 (Georgian), amending Article 6 (Sensitive Personal Data) and Article 9( Biometric Data) to add additional legal bases for processing.
Law No. 1054 of 12 November 2025, published November 17, 2025 and took effect on publication (Georgian), replacing the Personal Data Protection Service with the State Audit Office/Auditor General
Order No. 19, Criteria for determining an Incident that poses a significant threat to basic human rights and freedoms, the procedure for reporting the Incident to the DPA
Order No. 20, The procedure for registration of a Special Representative
Order No. 21, Criteria for determining the circumstances giving rise to the obligation to assess the impact on data protection and the assessment procedure
Order No. 22, Defining the circle of persons who do not have the obligation to define/appoint a Personal Data Protection Officer
Recommendations
