Frequently Asked Questions - All FAQs

FAQs - All FAQs

Sensitive Data refers to the religious or philosophical beliefs, ethnic origin, race, Trade Union membership, political opinions, health, sexual life or criminal behavior individual

A data controller may appoint a certified and qualified data supervisor to act as a data protection supervisor. The data protection supervisor is responsible for the monitoring of the data controller’s compliance with the provisions of this Act. (Section 58)

Yes, a data subject has the right of access to his/her personal data. (Section 32 & 35)

Yes. A data subject may request a data controller to correct or delete his/her personal data. (Section 33)

Subject to subsection (5) of Section 35 a data controller shall comply with a request under this section promptly and in any event within forty days from the

date of receipt of the request.

Where an individual suffers damage or distress through the contravention by a data controller of the requirements of this Act, that individual is entitled to compensation from the data controller for the damage or distress. (Section 43)

Yes, it does. There are Sections of the Act that mandate the commission to take enforcement actions against and issue fines to data controllers who are non-compliant of this Act

A data controller who records personal data shall not retain the personal data for a period longer than is necessary to achieve the purpose for which the data was collected and processed

The Commission provides for the process to obtain, hold, use or disclose personal information and for other related issues bordering on the protection of personal data.