EMEA Data Protection Authorities (DPAs)
  1. INTRODUCTION

Data Protection Authorities (DPAs) involves understanding the entities responsible for safeguarding individuals' privacy and enforcing data protection laws within a given jurisdiction. DPAs play a crucial role in overseeing compliance with regulations, addressing privacy concerns, and ensuring the responsible handling of personal data by organizations.

  1. Data Protection Authorities (DPAs) for EMEA:
  2. Europe
  3. Middle East
  4. Africa

Europe

Albania:

Authority: Information and Data Protection Commissioner

The Right to Information and Data Protection Commissioner (the "Commissioner") is the Albanian independent authority in charge of supervising and monitoring the protection of personal data and the right to information by respecting and guaranteeing the fundamental human rights and freedoms in compliance with the legal framework.

Official Website: IDP


Andorra:

Authority: Andorran Data Protection Agency

the Andorran independent control authority, responsible for ensuring the privacy and data protection of citizens. The aim of this space is, on the one hand, to encourage people to know their rights and the possibilities that the Agency offers them to exercise them and, on the other hand, that the obliged subjects have at their disposal an agile instrument that makes it easier for them to comply with the regulations.

Official Website: APDA

 

Armenia:

Authority: Personal Data Protection Agency

Decision of 10.02.2022 on revising the list of states providing a sufficient level of personal data protection. Advisory decision on the publication of children's personal data. Advisory decision on the use of telephone numbers for advertising purposes. Decision on setting serial numbers of decisions (administrative cases) of the Personal Data Protection Agency of the Ministry of Internal Affairs of RA.

Official Website: PDPA

 

Austria:

Authority: Austrian Data Protection Authority

The Austrian Data Protection Authority (Datenschutzbehörde or DSB) is the independent supervisory authority responsible for ensuring compliance with data protection laws in Austria. It was established in accordance with the General Data Protection Regulation (GDPR), which is the primary law governing data protection and privacy in the European Union (EU).

Official Website: APDA

 

Azerbaijan:

No specific DPA. The Ministry of Transport, Communications and High Technologies deals with some aspects of data protection.

Official Website: No Website

 

Belarus:

No specific DPA. The Ministry of Communications and Informatization may handle issues related to data protection.

Official Website: No Website

 

Belgium:

Authority: Data Protection Authority

The Data Protection Authority (GBA) is an independent body that ensures that the basic principles of the protection of personal data are correctly observed. The Data Protection Authority was established by the Belgian Federal Chamber of Representatives by the Act of 3 December 2017 establishing the Data Protection Authority and is the successor to the former Privacy Commission.

Official Website: GBA

 

Bosnia and Herzegovina:

Authority: Personal Data Protection Agency

In Bosnia and Herzegovina, the authority responsible for data protection is the Agency for Personal Data Protection (Agencija za zaštitu ličnih podataka), commonly referred to as the Data Protection Agency.

Official Website: AZLP

 

Bulgaria:

Authority: Commission for Personal Data Protection

The Commission for Personal Data Protection is an independent state authority responsible for overseeing and enforcing data protection laws in Bulgaria. It ensures compliance with the Bulgarian Personal Data Protection Act (PDPA) and other relevant regulations concerning the processing of personal data.

Official Website: CPDP

 

Croatia:

Authority: Croatian Personal Data Protection Agency

The Croatian Personal Data Protection Agency is an independent regulatory body responsible for overseeing and enforcing data protection laws in Croatia. Its primary role is to ensure compliance with the General Data Protection Regulation (GDPR) and the Croatian Personal Data Protection Act. Official Website: AZOP

 

Cyprus:

Authority: Commissioner for Personal Data Protection

The Commissioner for personal data protection is an independent public authority responsible for monitoring the implementation of Regulation (EU) 2016/679 (GDPR) and other laws aiming at the protection of individuals with regards to the processing of their personal data.

Official Website: CPDP

 

Czech Republic:

Authority: The Office for Personal Data Protection

The Office for Personal Data Protection has the authority to investigate complaints related to violations of data protection laws, including unauthorized data processing, data breaches, and non-compliance with GDPR requirements. It can conduct inspections, audits, and issue warnings, corrective measures, and administrative fines for infringements.

Official Website: UOOU

 

Denmark:

Authority: Danish Data Protection Agency

The Data Protection Agency is the national independent supervisory authority in Denmark with responsibility for upholding the fundamental right of data protection. The DPA’s statutory powers, functions and duties derive from the Data Protection Act, General Data Protection Regulation, Law Enforcement Directive, The Danish Law Enforcement Act as well as the Danish TV Surveillance Act.

Official Website: DDPA

 

Estonia:

Authority: Estonian Data Protection Inspectorate

The Estonian Data Protection Inspectorate collaborates with other data protection authorities within the European Union (EU) and internationally to ensure consistent application and enforcement of data protection laws. This cooperation is essential for addressing cross-border data protection issues and ensuring the protection of individuals' personal data.

Official Website: EDPI

 

Finland:

Authority: Office of the Data Protection Ombudsman

The Data Protection Ombudsman is a national supervisory authority which supervises the compliance with data protection legislation. With Data Protection Ombudsman and two Deputy Data Protection Ombudsmen there works approximately 55 specialists in the office. Official Website: Office of the Data Protection Ombudsman

 

France:

Authority: National Commission on Informatics and Liberty (CNIL)

The National Commission on Informatics and Liberty (Commission Nationale de l'Informatique et des Libertés), commonly known as CNIL, is the independent administrative authority in France responsible for ensuring compliance with data protection laws and safeguarding privacy rights.

Official Website: CNIL

 

Georgia:

Authority: Personal Data Protection Service

The Personal Data Protection Service operates in accordance with the Georgian Law on Personal Data Protection and other relevant regulations. It ensures that organizations and individuals comply with national data protection laws to protect individuals' privacy rights and promote responsible data processing practices.

Official Website: PDPS

 

Germany:

Authority: Federal Commissioner for Data Protection and Freedom of Information

The data protection supervisory authorities in Germany, Europe and the world cooperate closely. By agreeing on common positions, they take a stand in debates and create the practical basis for a good implementation of the law in companies and authorities. The BfDI is involved in all committees and their working groups.

Official Website: BFDI

Greece:

Authority: Hellenic Data Protection Authority

The Hellenic Data Protection Authority is the national Data Protection Authority for Greece. It resides in Athens and is in charge of enforcing GDPR in Greece, the Greek Data Protection Act 2019, the ePrivacy Directive implementation law and other provisions regarding the protection of personal data.

Official Website: HDPA

 

Hungary:

Authority: National Authority for Data Protection and Freedom of Information

The National Authority for Data Protection and Freedom of Information (NAIH) is responsible for monitoring and promoting the enforcement of two fundamental rights: the right to the protection of personal data and the right to freedom of information (access to data of public interest and data accessible on public interest grounds), as well as for the promotion of the free movement of personal data within the European Union.

Official Website: NAIH

 

Iceland:

Authority: Icelandic Data Protection Authority

The purpose of the Act is to promote the practice of personal data being processed in conformity with the fundamental principles of data protection and the right to privacy, and to ensure the accuracy and quality of personal data and the free movement of personal data within the EEA.

Official Website: IDPA

 

Ireland:

Authority: Data Protection Commission

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected. The DPC is the Irish supervisory authority for the General Data Protection Regulation (GDPR), and also has functions and powers related to other important regulatory frameworks including the Irish ePrivacy Regulations (2011) and the EU Directive known as the Law Enforcement Directive.

Official Website: DPC

 

Italy:

Authority: Italian Data Protection Authority

The Italian Data Protection Authority (Garante per la protezione dei dati personali) is an independent administrative authority established by the so-called privacy law (Law No. 675 of 31 December 1996) and regulated subsequently by the Personal Data Protection Code (Legislative Decree No. 196 of 30 June 2003)

Official Website: GPDP

 

Kazakhstan:

No specific DPA. The Committee on Legal Statistics and Special Records of the General Prosecutor's Office oversees some aspects of data protection.

Official Website: No Website

 

Latvia:

Authority: Data State Inspectorate

The Data State Inspectorate is a direct administrative institution under the supervision of the Cabinet of Ministers in accordance with Section 3 of the Law on the processing of personal data and is a supervisory authority for the processing of personal data within the meaning of the General Data Protection Regulation. The Authority carries out the tasks laid down in the General Data Protection Regulation and other laws and regulations in the field of the processing of personal data.

Official Website: DVI

 

Liechtenstein:

Authority: Data Protection Office

The DSS is responsible for ensuring compliance with data protection laws and regulations within Liechtenstein. Its primary role is to protect the privacy and personal data of individuals in accordance with national legislation and the European Union's General Data Protection Regulation (GDPR), as Liechtenstein is a member of the European Economic Area (EEA).

Official Website: DSS

 

Lithuania:

Authority: State Data Protection

The SDPI is tasked with regulating and enforcing data protection laws in Lithuania. It ensures that organizations processing personal data adhere to the principles and requirements outlined in the GDPR and other relevant legislation.

Official Website: SDPI

 

Luxembourg:

Authority: National Commission for Data Protection

The National Commission for Data Protection (CNPD) is an independent public institution with legal personality. It enjoys financial and administrative autonomy. It is responsible for verifying the legality of the files and all collection, use and transmission of information concerning identifiable individuals and must ensure in this context respect for the fundamental rights and freedoms of natural persons, in particular their privacy.

Official Website: CNPD

 

Malta:

Authority: Office of the Information and Data Protection Commissioner

The Office of the Information and Data Protection Commissioner is the national supervisory authority responsible for monitoring and enforcing the provisions of the GDPR and the Data Protection Act.

 

This Office is also responsible to enforce the provisions of the Freedom of Information Act and ensure that public authorities observe the requirements thereof.

Official Website: IDPC

 

Moldova:

Authority: National Center for Personal Data Protection

The NCPDP is responsible for regulating and enforcing data protection laws in Moldova. It ensures compliance with the national legislation on personal data protection, which includes the Law on Personal Data Protection and other relevant regulations.

Official Website: NCPDP

 

Montenegro:

Authority: Agency for Personal Data Protection and Free Access to Information

The agency works to promote a culture of data protection awareness and compliance within Montenegro. It engages in public outreach activities, campaigns, and initiatives to raise awareness of data protection rights and responsibilities among businesses, public authorities, and individuals.

Official Website: PDPL

 

Netherlands:

Authority: Dutch Data Protection Authority

The Data Protection Officer (DPO) is a relatively new position in the Netherlands. A DPO supervises the application of and compliance with privacy legislation within an organisation. There are now about 10,000 DPOs in the Netherlands. They have an independent function. For some organisations, it is mandatory to appoint a DPO and register him or her with the Dutch Data Protection Authority (DPA). Official Website: DPA

 

North Macedonia:

Authority: Directorate for Personal Data Protection

The Directorate upholds the rights of individuals regarding their personal data. This includes the right to access, rectify, erase, and restrict the processing of their personal information. The Directorate also handles complaints and inquiries from data subjects related to the processing of their data.

Official Website: PDPA

 

Norway:

Authority: Norwegian Data Protection Authority

The Norwegian Data Protection Authority is an agency of the Norwegian Government responsible for managing the Personal Data Act 2000, concerning privacy concerns. This Act replaced the Data Register Act 1978.

Official Website: DPA

 

Poland:

Authority: Personal Data Protection Office

UODO works to promote a culture of data protection awareness and compliance in Poland. It engages in public outreach activities, campaigns, and initiatives to raise awareness of data protection rights and responsibilities among businesses, public authorities, and individuals.

Official Website: UODO

 

Portugal:

Authority: National Data Protection Commission

The National Data Protection Commission (CNPD) is an independent administrative entity, with legal personality under public law and with authoritative powers, endowed with administrative and financial autonomy, which works alongside the Assembly of the Republic.

Official Website: CNPD

 

 

Romania:

Authority: National Supervisory Authority for Personal Data Processing

The National Supervisory Authority for the Processing of Personal Data, as an autonomous central public authority with general competence in the field of personal data protection, represents the guarantor of respecting the fundamental rights to private life and to the protection of personal data, stipulated especially by Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, by Article 16 of the Treaty on the Functioning of the European Union and Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.

Official Website: NSAPDP

 

Serbia:

Authority: Commissioner for Information of Public Importance and Personal Data Protection

The Commissioner for Information of Public Importance and Personal Data Protection is an autonomous public authority, who exercises his/her powers independently and whose competences are set by Article 44 of the Law on Personal Data Protection. For the purpose of exercising the duties within his/hers sphere of competence.

Official Website: PDP

 

Slovakia:

Authority: Office for Personal Data Protection of the Slovak Republic

The Office is a state administration body with nationwide competence, which participates in the protection of fundamental rights of natural persons in the processing of personal data and which supervises the protection of personal data, including supervision of the protection of personal data processed by competent authorities in the performance of tasks for the purposes of criminal proceedings.

Official Website: UOOU

 

Slovenia:

Authority: Information Commissioner

In Slovenia, the authority responsible for overseeing data protection and privacy issues, as well as access to public information, is known as the Information Commissioner (Slovene: Informacijski pooblaščenec).

Official Website: DPA

 

Spain:

Authority: Spanish Data Protection Agency

The independent public authority in charge of ensuring the privacy and data protection of citizens. The aim of this space is, on the one hand, to encourage people to know their rights and the possibilities that the Agency offers them to exercise them and, on the other hand, that obliged subjects have at their disposal an agile instrument that facilitates compliance with the regulations.

Official Website: AEPD

 

Sweden:

Authority: Swedish Data Protection Authority

The authority upholds the rights of individuals regarding their personal data. This includes the right to access, rectify, erase, and restrict the processing of their personal information. Individuals can file complaints with the Swedish Data Protection Authority if they believe their data protection rights have been violated.

Official Website: SDPA

 

Switzerland:

Authority: Federal Data Protection and Information Commissioner

The FDPIC is responsible for regulating and enforcing data protection laws in Switzerland. This includes ensuring compliance with the Federal Act on Data Protection (FADP) and other relevant legislation related to the processing of personal data.

Official Website: DPA

 

United Kingdom:

Authority: Information Commissioner's Office

In cases of serious data protection violations, the ICO has the authority to initiate legal proceedings against offending organizations. This may involve imposing fines, issuing enforcement notices, or taking other enforcement action to address non-compliance.

Official Website: ICO

 

Middle East

Bahrain:

Authority: Personal Data Protection Authority

The Law aims to protect the rights and freedoms of individuals and their personal data, by establishing a legal framework that defines the methods and means of processing data in a way that gives individuals confidence in all matters concerning their data handled by companies and organizations, and to be managed in an accurate, up-to-date and secure manner.

Official Website: PDP

 

Egypt:

Authority: Data Protection Authority

the Data Protection Centre ('DPC') is empowered to oversee and enforce the Data Protection Law including, inter alia, issuance of required licenses and authorization and certification in accordance with the Data Protection Law. Please note, however, that the DPC is not yet operational.

Official Website: DPC

 

Iran:

Authority: The Supreme Council of Information

Notification is not necessary if the breach couldn't result in identity deception, identity theft, or fraud affecting an Indiana resident.

Official Website: The Supreme Council of Information

 

Iraq:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Israel:

Authority: Data Protection Authority The Privacy Protection Authority

The Privacy Protection Authority is the Israeli regulatory and enforcing authority for personal digital information, in accordance with the Privacy Protection Law. The authority is responsible for the protection of all personal information held in digital databases.

Official Website: PPA

 

Jordan:

Authority: Ministry of Digital Economy and Entrepreneurship

Jordan is considered one of the leading countries in the MENA region to regulate personal information protection rules, as of September 17, 2023, the Jordanian Data Protection Law (the Law) is published in the Official Gazette, and according to the Law, it shall be effective after six months of being published.

Official Website: Ministry of Digital Economy and Entrepreneurship

 

Kuwait:

Authority: Communication and Information Technology Regulatory Authority (CITRA)

The Data Protection Regulation applies to all service providers irrespective of whether the data processing is undertaken inside or outside Kuwait, which requires that service providers inform users about how their data is collected, processed, and stored.

Official Website: CITRA

 

Lebanon:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Oman:

Authority: Information Technology Authority (ITA)

the ITA may not have direct responsibility for data protection and privacy regulation, it could still play a role in promoting best practices in data security and privacy within the ICT sector. Additionally, it may collaborate with other governmental bodies or agencies that have a more direct focus on data protection and privacy matters.

Official Website: ITA

 

Palestine:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

Qatar:

Authority: Data Protection Authority Ministry of Transport and Communications

In Qatar, the NCGAA is responsible for the enforcement of the Data Protection Law. Any data subject may submit a complaint to the NCGAA in the case of a violation of the Data Protection Law.

Official Website: DPA

 

Saudi Arabia:

Authority: Data Protection Authority Saudi Data and Artificial Intelligence Authority (SDAIA)

The SDAIA has a significant role in data protection and privacy regulation through the implementation and enforcement of relevant laws and regulations. One of the key laws in this regard is the Personal Data Protection Law, which was approved in Saudi Arabia in 2019 and came into effect in March 2022.

Official Website: SDAIA

 

Syria:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Turkey:

Authority: Data Protection Authority Turkish Personal Data Protection Authority

The Turkish Data Protection Authority is a government organization in Turkey which provides the protection of personal data and works to develop awareness in this respect in the public eye in line with the fundamental rights related with privacy and freedom.

Official Website: DPAT

 

United Arab Emirates:

Authority: Data Protection Authority Various authorities per emirate; Dubai International Financial Centre (DIFC) Data Protection Commissioner

The DIFC Commissioner of Data Protection is responsible for supervision and enforcement of the Data Protection Law, DIFC Law No. 5 of 2020. The law prescribes rules and obligations regarding the collection, handling, and use of personal data as well as rights and remedies for individuals who may be impacted by such processing. It is designed to balance the legitimate needs of businesses and organizations to process personal information with upholding an individual’s right to privacy.

Official Website: DIFC

 

Abu Dhabi:

Authority: The Abu Dhabi Global Market (ADGM) Office of Data Protection

The Office of Data Protection is responsible for promoting data protection within ADGM, maintaining the register of Data Controllers, enforcing the obligations upon Data Controllers and upholding the rights of individuals. It provides a range of information, guidance and tools not only to entities operating within ADGM, but also to individuals and the general public.

Official Website: ADGM

 

Dubai:

Authority: Dubai International Financial Centre (DIFC): Data Protection Commissioner. The DIFC Data Protection Commissioner oversees the data protection law within the DIFC, which is a financial free zone in Dubai

 

Dubai Healthcare City (DHCC): Dubai Healthcare City Authority Regulatory (DHCR). While not exclusively a data protection authority, DHCR oversees compliance with healthcare regulations, including patient data privacy, within the Dubai Healthcare City free zone

The DIFC Commissioner of Data Protection is responsible for supervision and enforcement of the Data Protection Law, DIFC Law No. 5 of 2020. The law prescribes rules and obligations regarding the collection, handling, and use of personal data as well as rights and remedies for individuals who may be impacted by such processing. It is designed to balance the legitimate needs of businesses and organizations to process personal information with upholding an individual’s right to privacy.

Official Website: DIFC

 

Sharjah:

Authority: Personal Data Protection Law

Official Website: No Website

 

Ajman:

Authority: Personal Data Protection Law

Official Website: No Website

 

Umm Al Quwain:

Authority: Personal Data Protection Law

Official Website: No Website

 

Ras Al Khaimah:

Authority: Personal Data Protection Law

Official Website: No Website

 

Fujairah:

Authority: Personal Data Protection Law

Official Website: No Website

 

Yemen:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

 

Africa:

Algeria:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

Angola:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Benin:

Authority: 

Not specifically designated as of April 2023

Official Website: No Website

 

Botswana:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Burkina Faso:

Authority: Commission de l'Informatique et des Libertés (CIL)

It oversees privacy matters, promotes awareness, and ensures compliance with privacy legislation within the province.

Official Website: CIL

 

Burundi:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Cabo Verde:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Cameroon:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Central African Republic:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Chad:

Authority: Agence Nationale de Sécurité Informatique et de Certification Electronique (ANSICE)

Official Website: No Website

Comoros:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Congo (Democratic Republic):

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Djibouti:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Egypt:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Eritrea:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Eswatini (Swaziland):

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Ethiopia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Gabon:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Gambia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

 

Ghana:

Authority: DPA Data Protection Commission

The Commission provides for the process to obtain, hold, use or disclose personal information and for other related issues bordering on the protection of personal data. The Commission is given several powers under the Act including the power to acquire property under the State Property and Contracts Act, 1960 (C.A.6) or the State Lands Act, 1962 (Act 125).

Official Website: DPA

 

Guinea:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

GuineaBissau:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Ivory Coast (Côte d'Ivoire):

Authority: Autorité de Protection des Données Personnelles (APDP)

The Autorité de Protection des Données Personnelles (APDP), also known as the Data Protection Authority in English, is responsible for overseeing data protection and privacy matters in Ivory Coast (Côte d'Ivoire). The APDP's role involves regulating the processing of personal data, ensuring compliance with data protection laws, and protecting individuals' privacy rights in the country.

Official Website: APDP

 

Kenya:

Authoity: Office of the Data Protection Commissioner
 Kenya has established the Office of the Data Protection Commissioner (ODPC) as the regulatory authority responsible for overseeing data protection matters in the country. The ODPC plays a crucial role in enforcing data protection laws, promoting compliance with data protection regulations, and protecting individuals' privacy rights.

Official Website: ODPC

 

Lesotho:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Liberia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Libya:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Madagascar:

Authority: Francophone Association of Personal Data Protection Authorities ('AFAPDP')

the Francophone Association of Personal Data Protection Authorities (AFAPDP) is an organization that promotes collaboration and cooperation among French-speaking countries in the field of data protection. While AFAPDP facilitates dialogue and exchange of information among its member authorities, it does not serve as a data protection authority in any specific country, including Madagascar.

Official Website: AFAPDP

 

Malawi:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Mali:

Authority: Autorité de Protection des Données à Caractère Personnel (APDP)

The APDP upholds the rights of individuals concerning their personal data. This includes the right to access, rectify, erase, and restrict the processing of their personal information. Individuals can file complaints with the APDP if they believe their data protection rights have been violated.

Official Website: APDP

 

Mauritania:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Mauritius:

Authority: Data Protection Office

Official Website: No Website

 

Morocco:

Authority: Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel (CNDP)
 The Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel (CNDP), also known as the National Commission for the Control of Personal Data Protection, serves as the regulatory authority responsible for overseeing data protection matters in Morocco.

Official Website: CNDP 

 

Mozambique:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Namibia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Niger:

Authority: Commission Nationale de Protection des Données à Caractère Personnel (CNPDP)

In cases of serious data protection violations, the CNPDP has the authority to initiate legal proceedings against offending organizations. This may involve imposing fines, issuing warnings, or taking other enforcement measures to address non-compliance.

Official Website: No Website

 

Nigeria:

Authority: National Information Technology Development Agency (NITDA)

The Honduran National Constitution safeguards habeas data, granting individuals the right to access records affecting personal honor and family privacy, with a key goal of data protection being the security and safeguarding of public information.

Official Website: NITDA

 

São Tomé and Príncipe:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Rwanda:

Authority: Data Protection and Privacy Office

wanda has established the Data Protection and Privacy Office (DPPO) as the regulatory authority responsible for overseeing data protection matters in the country. The DPPO plays a crucial role in enforcing data protection laws, promoting compliance with data protection regulations, and protecting individuals' privacy rights.

Official Website: DPPO 

 

Senegal:

Authority: Superintendencia de Competencia (SC)

The CDP supervises the processing of personal data by data controllers and processors in Senegal. It conducts audits, inspections, and investigations to assess compliance with data protection laws and may impose sanctions for non-compliance.

Official Website: CDP

 

Seychelles:

Authority: Data Protection Commissioner

Official Website: No Website

Sierra Leone:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Somalia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

South Africa:

Authority: Information Regulator

The National Authority for Transparency and Access to Information (ANTAI) of Panama is the governing authority for compliance with the Transparency Law. ANTAI also supervises conventions, agreements, commitments, provisions, treaties, programs and any other national and international issue regarding prevention against corruption.

Official Website: IR

 

South Sudan:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Tanzania:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Togo:

Authority: Commission Nationale de l'Informatique et des Libertés (CNIL)

Togo has established the Commission Nationale de l'Informatique et des Libertés (CNIL), which translates to the National Commission for Information Technology and Civil Liberties. The CNIL serves as the regulatory authority responsible for overseeing data protection matters in the country.

Official Website: CNIL

 

Tunisia:

Authority: Instance Nationale de Protection des Données Personnelles (INPDP)

Tunisia has established the Instance Nationale de Protection des Données Personnelles (INPDP), which translates to the National Instance for the Protection of Personal Data. The INPDP serves as the regulatory authority responsible for overseeing data protection matters in the country. The INPDP plays a crucial role in enforcing data protection laws, promoting compliance with data protection regulations, and protecting individuals' privacy rights.

Official Website: INPDP

 

Uganda:

Authority: National Information Technology Authority – Uganda (NITA-U)

The Personal Data Protection Office is Uganda’s independent data protection office. It is established as an independent office under the National Information Technology Authority, Uganda (NITA-U) and is responsible for overseeing the implementation of and enforcement of the Data Protection and Privacy Act No. 9 of 2019. The Office is headed by a National Personal Data Protection Director.

Official Website: NITA-U

 

Zambia:

Authority:

Not specifically designated as of April 2023

Official Website: No Website

 

Zimbabwe:

Authority:

Not specifically designated as of April 2023

Official Website: No Website