SOLUTIONS / NDPA
The Nigerian Data Protection Act(NDPA)
The Nigeria Data Protection Regulation (NDPR) was a set of
guidelines issued by the National Information Technology Development Agency
(NITDA) in 2019 to regulate the processing of personal data in Nigeria. The NDPR
was repealed and replaced by the Nigeria Data Protection Act (NDPA) in June
2023.
The NDPA is still a relatively new law, and it is not yet clear how it will be interpreted and applied in practice. However, it is a significant step forward for data protection in Nigeria, and it is expected to have a positive impact on the privacy of Nigerians.
The NDPA is still a relatively new law, and it is not yet clear how it will be interpreted and applied in practice. However, it is a significant step forward for data protection in Nigeria, and it is expected to have a positive impact on the privacy of Nigerians.
NDPA COMPLIANCE
All you Need to Know
The NDPA is a comprehensive piece of legislation that sets out the rights of
data subjects and the obligations of data controllers and processors. It covers
a wide range of topics, including:
The act applies to all storage and processing of Personal Data conducted in
respect of Nigerian citizens and residents. Examples of personal data are as
follows:
- The collection, use, and disclosure of personal data
- The security of personal data
- The rights of data subjects
- The obligations of data controllers and processors
- The collection, use, and disclosure of personal data
- Employee information as managed by HR
- Customer and subscribers data
- Vendors' and services providers' information
Personal data may contain one
or more of the following:
- Name, phone numbers, contact information
- Location information, financial information,
transaction history - Customer and subscribers data
- Gender, ethnicity, health records, sexual orientation
