How To Become NDPR Compliant As A Tech Company

Are you looking to become NDPR-compliant as a tech company? This article covers everything you need to begin.

NDPR has outlined compliance requirements in the form of obligations for companies involved in data activities. These companies are in two categories – data controllers and data processors. The focus of this article is to explore key compliance obligations required from both entities as defined by NDPR.

Let’s begin.

What Is The Distinction Between A Data Controller And A Data Processor?

It’s vital to become NDPR compliant as a tech company. As explained earlier, tech companies comprise data controllers and data processors. Let’s look at their differences.

A data controller determines the purpose of data and decides the data processing system. On the other hand, a data processor merely processes the data on behalf of the data controller.

Importantly, NDPR compliance would usually be determined by the setup of the applicant company structure. The proceeding subheads give insight into the compliance measures for a data controller or a data processor.

Compliance Requirements For Data Controllers

The following are the major compliance requirements for data controllers as prescribed by the NDPR

• Data controllers who process the personal data of more than 2000 data subjects in a 12-month period are obligated to submit a summary of its data protection audit to the NDPR, not later than 15th March of the following year.

• A data controller has to inform the data subject of the purpose(s) of the processing for which the personal data is intended and shall also inform a data subject of any subsequent use different from originally agreed terms.

• Additionally, a data controller needs to stipulate in its privacy policy how long personal data will be stored.

• A data controller has to install an effective data security apparatus in order to keep the collected data confidential and protect it against cyber-attacks.

• Importantly, a data controller must also ensure that the consent of a data subject is obtained without fraud, coercion, or undue influence.

• A Data Controller needs to designate a Data Protection Officer (DPO), principally to ensure compliance with the obligations under the regulations.

• Data controllers have an obligation to maintain data processing records.

• Audit of its privacy and data protection practices is also a requirement for the purpose of implementation of the NDPR. Six months after the regulation came into force, this has to be ready.

Compliance Requirements For Data Processors 

• Essentially, the obligations of the data processors are largely to the data controllers. Some of them are;

• Facilitating and processing data on behalf and upon instructions of the data controllers.

• Inform data controllers of changes in legal requirements and disks with respect to personal data.

In conclusion, this compliance checklist is for companies in data activities. Complying with them helps to avoid the stringent liabilities that accompany noncompliance.

Other Informative Articles On Our Website You Might Like

References

https://www.dataguidance.com/notes/nigeria-data-protection-overview accessed on Feb 17, 2023

2 5 Steps to Compliance with the Nigeria Data Protection Regulation Read more at: https://www.appknox.com/blog/5-steps-to-compliance-with-the-nigeria-data-protection-regulation accessed on Feb 17, 2023

3 Nigeria Data Protection Regulation, available at, https://www.google.com/url?sa=t&source=web&rct=j&url=https://nitda.gov.ng/wp-content/uploads/2021/01/NDPR-Implementation-Framework.pdf&ved=2ahUKEwiVmNLpw5z9AhVXSvEDHbP-Cz4QFnoECDkQAQ&usg=AOvVaw1vqz1cxRXiekqUGjzREiCz  accessed on Feb 17, 2023

Do you seek redress or consultation on legal matters?

Our Law Firm – Scotts Legal – offers specialized law services in areas including but not limited to the following:

  • Fraud
  • Family Law
  • Legal Advice
  • Civil Litigation
  • Domestic Violence
  • International Trade
  • Commercial Litigation
  • Intellectual Property
  • Mergers & Acquisitions
  • Corporate Restructurings
  • Energy & Natural Resources

Contact Us TODAY

Follow us on our social media handles:

Constantly get our news updates and informative articles.

Share:

More Posts

Send Us A Message

Translate »