Data Protection

Following the coming into force of the European Union General Data Protection Regulation (“EU GDPR”), many countries and jurisdictions have enacted their own data privacy laws, most of which align closely on the provisions of the aforementioned EU legislation.

The Data Protection Act 2017 (“DPA”) came into force in 2018 and provides enhanced legal obligations for data controllers and processors together with enhanced rights for individuals. The DPA provides a national framework to ensure appropriate protection of personal data processed by data controllers and processors in or from Mauritius. It is therefore of utmost importance for organisations to assess their compliance requirements with regards to the DPA, including how they collect and process personal data.

How can we help?

Data Protection

Our team has designed Data Protection Compliance frameworks for companies established in different countries, including Mauritius and the United Arab Emirates.

We can design a framework tailor-made for your organisation, taking into consideration the category of personal data and data subjects, the line of business you are in and technical and organizational measures that would be adequate to ensure secure processing of personal data. We can manage your data protection project from inception to implementation, including providing an on the job training to your employees on how to integrate the framework in their day to day work.


A Data Protection Health Check will enable you to verify your compliance status with regards to prevailing data protection legislations. The Health Check will audit your data protection compliance framework from the initial step of collection of personal data, to how it is processed and how rights of data subjects are being exercised. As a result of the Health Check, you will be in a position to:

  • Demonstrate to the regulator that an independent third party audited your data protection compliance framework
  • Have first hand knowledge of your compliance status with prevailing laws
  • And prepare an action plan to improve your data protection framework, if required

How can we help?

Our team has the expertise, and experience in designing, implementing, auditing and acting as Data Protection Officer in Mauritius and other jurisdictions, including the United Arab Emirates.

We can conduct a Data Protection Health Check based on the Data Protection legislation in your home jurisdiction and provide you with a Health Check report which will outline your compliance status, any non-compliance areas and practical recommendations to improve your Data Protection Framework.

A Data Protection Officer is responsible to monitor data protection compliance, inform and advise on the overall data privacy obligations. This role is therefore crucial in an organisation and a legal requirement in Mauritius and other jurisdictions (depending on the applicable law).

Our compliance experts have experience in acting as Data Protection Officer for companies established in Mauritius and abroad, including the United Arab Emirates. We can provide you with the Data Protection Officer service and ensure that your compliance framework is up to the standards and mitigate risks which may arise in this area.

Our Data Protection Officer services include:

-Having a qualified and experienced professional acting as Data Protection Officer

-Ongoing Advisory and Guidance on Data Protection matters

-Ongoing monitoring of your Data Protection Compliance

-Ongoing reporting on your Data Protection Compliance to Senior Management

-Establishing and monitoring a Record of Processing of Activities

-Assisting with handling of potential Data Protection breaches or incidents

Establishing an appropriate Data Protection Compliance Framework, taking into consideration the activities of the client in different jurisdictions.

How can we help?

  • Drafting relevant policies, procedures and processes taking into consideration your specific data flow from collection to processing
  • Implement the Record of Processing Operations
  • Assist with the implementation of appropriate security measures
  • Conducting Data Protection Impact Assessments
  • Implementing a Personal Data Breach Management Process

Note that the above list is not exhaustive.

The Data Protection landscape is becoming increasingly complex with different countries enacting their own laws which may differ on several aspects. It may therefore be difficult for in-house data protection officers to kept abreast of this constant legal and regulatory evolution.

We have been acting as Data Protection Officer in Mauritius and in the United Arab Emirates, including supporting in-house officers with their obligations regarding EU GDPR. We can help your in-house Data Protection Officer by:

  • Supporting him in his day-to-day data protection duties
  • Assisting with reviewing and updating the existing framework on a regular basis
  • Monitor and Test the Data Protection Compliance Framework
  • Act as liaison person with the regulator

We can help you in the implementation of your Record of Processing Operations in line with applicable legal requirement.

Contact Info

This website uses cookies to ensure you get the best experience on our website. Please refer to our privacy policy and cookie policy for more information