Mauritius Data Protection Act ("DPA"), 2017

The Mauritius Data Protection Act, 2017 (DPA) governs privacy rights of individuals in relation to requirements of collection, processing, storage, transfer and handling of personal information/sensitive personal information. The formulation of DPA is a response to the requirement of public security, transparent business practices, efficiency in administrations, economic development and growth in technology. The said regulation is seeking to strike a balance between the interests of businesses, Government and the fundamental right to privacy of individuals.

Our brief provides an overview and the evolution of the Mauritius Data Protection Act, 2017 and highlights the key differences between the Mauritius DPA and General Data Protection Regulation (GDPR) which came into effect on 25 May, 2018, changing the global privacy landscape.

Deloitte has a dedicated team of specialists with a deep expertise in privacy data protection programs across large scale and complex organizations, embedding change and offering a full spectrum of DPA and GDPR related services.