GDPR – new EU privacy rules: African organisations take note
On 25 May 2018, a new set of privacy rules formed by the European Union (“EU
”) will take effect. The General Data Protection Regulation (“GDPR
”) seeks to replace the Data Protection Directive 95/46/EC.
Organisations – including many African ones – will need to make changes to their oversight, technology, processes, and human resources to comply with the GDPR.
The GDPR not only applies to organisations located within the EU, but also applies to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. The GDPR will also apply to all companies processing and holding personal data of data subjects residing in the EU, regardless of the company’s location.
As such, many African organisations will be directly affected by the GDPR and will need to comply. Failure to do so can result in organisations being fined up to 4% of annual global turnover or EUR20-million. Such fines are significant and the time to comply is running out.
For further information on GDPR compliance and on aligning compliance to South African legislation such as the Protection of Personal Information Act, 2013 (“POPI
”), please contact:
No information provided herein may in any way be construed as legal advice from ENSafrica and/or any of its personnel. Professional advice must be sought from ENSafrica before any action is taken based on the information provided herein, and consent must be obtained from ENSafrica before the information provided herein is reproduced in any way. ENSafrica disclaims any responsibility for positions taken without due consultation and/or information reproduced without due consent, and no person shall have any claim of any nature whatsoever arising out of, or in connection with, the information provided herein against ENSafrica and/or any of its personnel. Any values, such as currency (and their indicators), and/or dates provided herein are indicative and for information purposes only, and ENSafrica does not warrant the correctness, completeness or accuracy of the information provided herein in any way.