In short – yes. The European Unions’ General Data Protection Regulation (GDPR) – which applies as of May 2018 – has hit the world like a tornado, and Namibia can no longer hide. The new GDPR, which replaces the Data Protection Directive 95/46/ec, aims to protect the personal data of EU Citizens regardless of where and how they are interacting with the world.
Up to now, when dealing with EU Citizens, you had to deal with 28 different data protection laws. For many companies looking to access new markets this fragmented created costly administrative burdens. It also made the regulation of this law almost impossible and rather cumbersome.
The new regulation aims to cut red tape at the same time ensuring the protection of EU Citizen’s data.
According to the GDPR, the same rules will apply to both companies established in the EU or outside the EU. All companies processing the personal data of individuals based in the EU offering services or products will have to comply with the EU data protection rules.
If you answered yes to any of the above questions, you will need to comply to the GDPR.
While the GDPR applies from May 2018 a deadline of May 2019 has been given by the EU, which means all companies (world-wide) are given a grace period to comply before May next year. The Namibian Data Protection Authority monitors compliance; their work is coordinated at EU-level. The cost of non-compliance is rather steep:
Below are a couple of additional resources for more information about GDPR: