Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[AfriNIC-rpd] Regional Internet Registry Privacy

Adiel Akplogan adiel at
Thu Nov 1 12:40:25 UTC 2012

Hello SM,

On 2012-05-18, at 16:45 PM, sm+afrinic at wrote:
>> In reply to your mail regarding data retention, this
>> matter falls to be governed by the Data Protection Act
>> 2004 which regulates the whole domain of Data protection.I
>> have to underline that this Act is limited to data of a
>> personal nature.
> Is AfriNIC Ltd registered as a "Data Controller" under the Data Protection Act 2004?


> Does the Data Protection Act 2004 have any restriction against sending data which is of personal nature outside the jurisdiction of country to another country which does not provide similar protection for data of a personal nature?

Yes it has in it section 31 specifically sub-section 3.

>> If the query relates to other kind of data, then this
>> comes within the province of the Civil laws of Mauritius
>> if the data is retained within the jurisdiction of the
>> country. It then becomes an issue of contract e.g in the
>> case of data kept within the framework of cloud computing.
>> I hope this answers the query. I am at your disposal for
>> further clarification if need be.
> Is there any specific law(s) for the protection of financial information, e.g. credit card numbers, bank details, etc.?

There should be something that regulates how Bank in MU handle those data if they 
are considered different from personal data (I would think that they are not). The 
data protection act does not specifically cover these aspects.  The only related 
information I have find so far is from the DPO at:

and it still refers to the Data Protect Act. I will further look into this to check.

Hope that helps.

- a.

More information about the RPD mailing list