top of page
Search

Amendment 13 to Israel’s Privacy Protection Law: What Startups & Businesses Need to KnowBig Changes, But Nothing to Fear

  • Writer: Tomer Amrani
    Tomer Amrani
  • Mar 13
  • 3 min read

If you run a business or startup in Israel, you may have heard about Amendment 13 to the Privacy Protection Law. With the rise of data regulations worldwide, Israel is modernizing its privacy rules to align with global standards like the EU’s GDPR. But don’t worry: while this law brings some important changes, it’s purpose is NOT to create unnecessary burdens for businesses. Instead, it aims to clarify privacy requirements, enhance transparency, and strengthen consumer trust.

So, what does this mean for you? Let’s break it down in plain business terms.

The Key Changes You Need to Know

1. What Counts as Personal Data?

The definition of personal data has been expanded. It now includes not just names and ID numbers, but also indirect identifiers like location data, online behaviors, and even digital footprints.

If your business collects email addresses, customer preferences, or website tracking data, you might need to revisit how you handle and store this information.


2. No More Mandatory Database Registration (for Most Businesses)

Under the old law, businesses had to register their databases with the Privacy Protection Authority (PPA). That’s no longer required for most companies.

Now, only businesses that process:

  • Over 10,000 records for commercial purposes, or

  • 100,000 records of highly sensitive data

will need to report their activities to the PPA. If you’re a regular business with customer lists and email subscribers, you likely won’t need to do anything extra.


3. Clearer Privacy Policies & Customer Transparency

If you collect personal data, you’ll need to tell people exactly what you’re doing with it.

This means your privacy policy should now include:

Whether providing data is mandatory or optional

What the data will be used for

Whether the data will be shared with third parties

What happens if the customer refuses to provide their data

What rights customers have regarding their data

If your business already follows GDPR or other international privacy standards, you’re probably covered. If not, this is a great opportunity to refresh your privacy policy.


4. Do You Need a Data Protection Officer (DPO)?

For most startups, the answer is NO. But if your business processes a large amount of sensitive personal data or regularly monitors people’s behavior, you may need to appoint a Data Protection Officer (DPO).

The DPO’s job is to ensure your company follows privacy laws and protects customer data. If this applies to you, it’s best to consult an expert.


5. Stronger Enforcement, But Common-Sense Compliance

The Privacy Protection Authority (PPA) now has more enforcement power. This means:

  • Higher fines for serious data protection failures

  • More investigations into data breaches

  • A greater focus on consumer rights

That said, this isn’t about punishing small businesses—it’s about making sure companies handle personal data responsibly. If your business follows basic good data hygiene, you have nothing to worry about.

What Should You Do Now?

1️⃣ Review your data – Do you collect personal information? If so, is it stored securely and only used for legitimate business purposes?

2️⃣ Update your privacy policy – Make sure it’s clear, easy to understand, and meets the new transparency requirements.

3️⃣ Check if you need a DPO – If you process large amounts of sensitive data, this might be required.

4️⃣ Educate your team – Make sure your employees know how to handle customer data responsibly.

5️⃣ Follow security best practices – Use strong passwords, encrypt sensitive data, and always verify recipients before sharing information.


Final Thoughts: Privacy as a Business Advantage

Rather than seeing privacy regulations as a headache, businesses should treat them as an opportunity to build trust with customers. People care about their data—and by showing you take privacy seriously, you stand out as a reliable and professional business.

At SimplySec.io, we specialize in helping businesses simplify security and compliance. If you need help adapting to Amendment 13 or improving your privacy practices, we’re here to help!

Got questions? Reach out to us today.



This article is for informational purposes only and does not constitute legal advice.

 
 
 

Recent Posts

See All
vCISO, more than you think

The Benefits of Hiring a vCISO: Streamline Cybersecurity, Improve Compliance, and Manage Risks In today’s world, understanding and...

 
 
 

Comments

© 2035 by BizBud. Powered and secured by Wix

bottom of page