What We Do

You Are Now Protected Should Your Personal Data Be Disclosed Unlawfully





The Act designates the Eswatini Communications Commission as the National Data Protection Authority, meaning the Commission is mandated to regulate how personal information is handled, investigate breaches in the handling of information and resolve any complaints relating to data breaches. In doing so the Commission may issue any sanction available in terms of the Act and may as well impose administrative fines whilst enforcing the Act’s provisions.

Regulate


The function of the authority is to regulate how personal information is handled.

investigate


The authority investigates breaches in the handling of information.

Resolve Complaints


It is the function of the authority to resolve any issues leading to data breaches.

Issue Sanctions


As part of our mandate, the authority issues sanctions




FUNCTIONS OF THE AUTHORITY FUNCTIONS OF THE AUTHORITY
  1. Authorize data controllers to process personal information for public interest consideration.
  2. Monitor and enforce compliance with Act.
  3. Ensure information processing compliance by controllers.
  4. Impose sanctions for the violation of the Act.
  5. Protect the respective rights of information privacy.
  6. Maintain, publish and provide copies of the registers under the Act.
  7. Receive, investigate and resolve complaints on alleged violations.
  8. Issue, approve, amend or revoke code of conduct.
  9. Conduct from time to time, audits of personal information maintained by controllers.
  10. Promote an understanding and acceptance of data protection principles.
  11. Undertake research and monitor developments in information processing.

STRATEGIC GOALS FOR EDPA STRATEGIC GOALS FOR EDPA
  1. Ensure Legal Compliance and Rights Protection: Administer the Data Protection Act and safeguard information privacy rights under the Act or any other applicable law. Engage in proactive measures to ensure that the processing of personal data by controllers aligns with the stipulations of the Data Protection Act.

  2. Promote Awareness and Understanding: Undertake educational initiatives to foster a broader understanding and acceptance of information protection principles among the public. Make public statements and publications to raise awareness about matters affecting the protection of personal information.

  3. Enforce Compliance and Monitor Developments: Monitor and enforce compliance with the Data Protection Act by both public and private bodies. Conduct research and monitor technological developments, ensuring that adverse effects on the protection of personal information are minimized

  4. International Collaboration and Advocacy: Collaborate with international data protection authorities, engaging in cooperative efforts on matters of data protection. Participate in international and regional cooperation and negotiations to address data protection issues impacting Eswatini.

  5. Effective Oversight and Resolution: Receive, investigate, and resolve complaints related to alleged violations of the Data Protection Act. Establish mechanisms for cooperation with other authorities and data protection bodies for the resolution of cross-border disputes. Impose administrative sanctions, including punitive measures, for violations, such as cancelling processing authorizations, fines, or damages awarded to the affected data subject.

              Privacy Statement               Copyright   ©   All rights reserved | Designed & Developed by ESCCOM IT