ARTICLE
11 October 2017

GDPR – New EU Privacy Rules: African Organisations Take Note

E
ENS

Contributor

ENS is an independent law firm with over 200 years of experience. The firm has over 600 practitioners in 14 offices on the continent, in Ghana, Mauritius, Namibia, Rwanda, South Africa, Tanzania and Uganda.
As such, many African organisations will be directly affected by the GDPR and will need to comply.
Worldwide Privacy

On 25 May 2018, a new set of privacy rules formed by the European Union ("EU") will take effect. The General Data Protection Regulation ("GDPR") seeks to replace the Data Protection Directive 95/46/EC.

Organisations – including many African ones – will need to make changes to their oversight, technology, processes, and human resources to comply with the GDPR.

The GDPR not only applies to organisations located within the EU, but also applies to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. The GDPR will also apply to all companies processing and holding personal data of data subjects residing in the EU, regardless of the company's location.

As such, many African organisations will be directly affected by the GDPR and will need to comply. Failure to do so can result in organisations being fined up to 4% of annual global turnover or EUR20-million. Such fines are significant and the time to comply is running out.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More