In 2018, the manner into which Companies dealt with personal data changed definitely. With the coming into force of the Mauritius Data Protection Act 2017 (DPA) in January 2018, Companies processing personal data in Mauritius have to abide by this new Law and its subsequent legal requirements. In May 2018, the European Union General Data Protection Act 2016/679 (GDPR) came into force, requiring data controllers and processors, wherever located, that are processing personal data of data subjects located in the EU, to comply with the aforementioned EU privacy legislation. This, coupled with the enhanced rights of data subjects and the enormous penalties that may be imposed on non-compliant controllers or processors, make it a must for entities to put in place an appropriate Data Protection framework, with appropriate policies and processes.
In order to assist our clients to comply with these two above-mentioned legislations, ADS proposes multiple services that are tailor made to the business and manner of processing data of our clients. These comprises, but are not limited to:
- Reviewing the current framework in place to ensure adequate protection of personal data
- Implementation of an appropriate Data Protection framework in line with the new laws
- Acting as Data Protection Officer
- Advising on matters relating to the security of personal data
- Drafting / reviewing policies, procedures and processes related to Data Protection
- On the job training to staff to ensure they have the know-how on how to implement the policies and procedures in their day to day operations
Note that the above list of services is not exhaustive and will depend on the specific business activities of our clients, whatever the industry they are in.