Mauritius Data Protection Act ("DPA"), 2017

The act governs privacy rights of individuals pertaining to requirements of personal information.

What is Privacy and why is it important?

The Mauritius Data Protection Act, 2017 (DPA) governs privacy rights of individuals in relation to requirements of collection, processing, storage, transfer and handling of personal information/sensitive personal information. The formulation of DPA is a response to the requirement of public security, transparent business practices, efficiency in administrations, economic development and growth in technology. The said regulation is seeking to strike a balance between the interests of businesses, Government and the fundamental right to privacy of individuals.

Our brief provides an overview and the evolution of the Mauritius Data Protection Act, 2017 and highlights the key differences between the Mauritius DPA and General Data Protection Regulation (GDPR) which came into effect on 25 May, 2018, changing the global privacy landscape.

Deloitte has a dedicated team of specialists with a deep expertise in privacy data protection programs across large scale and complex organizations, embedding change and offering a full spectrum of DPA and GDPR related services.


Peter Manju Palal
Partner, Risk Advisory, Deloitte
Mobile +230 54225818

Did you find this useful?