Law: Data Protection Act 2017 ('the Data Protection Act')
Regulator: Data Protection Office ('the Office')
Summary: The Data Protection Act was passed by the Mauritian Assembly on the 8 December 2017 and repealed the Data Protection Act 2004. Mauritius also became a signatory to Convention for Protection of Individuals with regard to Automatic Processing of Personal Data ('Convention 108') in 2016. The Data Protection Act was designed to be aligned with international standards, and specifically the EU's General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and Convention 108. In general terms, the Data Protection Act follows many of the provisions and approaches of the GDPR.