log in
All Articles | Back

Member Articles

GDPR - New EU Privacy Rules: African Organisations Take Note 

by Ridwaan Boda

Published: October, 2017

Submission: October, 2017



On 25 May 2018, a new set of privacy rules formed by the European Union (“EU”) will take effect. The General Data Protection Regulation (“GDPR”) seeks to replace the Data Protection Directive 95/46/EC. Organisations – including many African ones – will need to make changes to their oversight, technology, processes, and human resources to comply with the GDPR. The GDPR not only applies to organisations located within the EU, but also applies to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. The GDPR will also apply to all companies processing and holding personal data of data subjects residing in the EU, regardless of the company’s location. As such, many African organisations will be directly affected by the GDPR and will need to comply. Failure to do so can result in organisations being fined up to 4% of annual global turnover or EUR20-million. Such fines are significant and the time to comply is running out. For further information on GDPR compliance and on aligning compliance to South African legislation such as the Protection of Personal Information Act, 2013 (“POPI”), please contact:

Ridwaan Boda

technology, media and telecommunications director [email protected] cell: +27 83 345 1119







WSG Member: Please login to add your comment.


WSG's members are independent firms and are not affiliated in the joint practice of professional services. Each member exercises its own individual judgments on all client matters.

HOME | SITE MAP | GLANCE | DISCLAIMER |  © World Services Group, 2018