The Data Protection and Privacy Act (the Act) was passed in 2019 and the Data Protection and Privacy Regulations (DPP Regulations) under it were gazette in March 2021. Following the passing of the DPP Regulations, the Personal Data Protection Office (PDPO), an independent office under National Information Technology Authority (NITA) was operationalized in August 2021 whose mandate is to regulate the collecting and processing of personal data in Uganda.
Section 29 of the Act and Regulation 15 (1) of the DPP Regulations require the registration of all persons, institutions, and public bodies collecting and processing personal data with the PDPO. In our publication on the right handside, we have highlighted that this includes all who have employees and/or clients.
The PDPO has given a grace period up to the end of December 31, 2021, to enable all entities to register as required by the law.
Starting January 2022, the office shall start enforcement measures against entities that have not registered.
Guidance notes on how to register can be accessed from the PDPO’s website at https://www.pdpo.go.ug/register/
Please download our brief on the right hand side which contains its implication to your Organisation, key points to note and how we can help.
Kindly do not hesitate to reach out to us at advisory@ug.gt.com for any inquiries.