Acts 2017
471
An Act
To provide for new legislation to strengthen the control and
personal autonomy of data subjects over their personal data,
in line with current relevant international standards,
and for matters related thereto
ENACTED by the Parliament of Mauritius, as follows –
PART I – PRELIMINARY
1.
Short title
This Act may be cited as the Data Protection Act 2017.
2. Interpretation
In this Act –
“authorised officer” means an officer to whom the Commissioner
has delegated his powers under section 13;
“biometric data” means any personal data relating to the physical,
physiological or behavioural characteristics of an individual
which allow his unique identification, including facial images or
dactyloscopic data;
“collect” does not include receive unsolicited information;
“Commissioner” means the Data Protection Commissioner referred
to in section 4;
“consent” means any freely given specific, informed and
unambiguous indication of the wishes of a data subject, either by
a statement or a clear affirmative action, by which he signifies his
agreement to personal data relating to him being processed;
“controller” means a person who or public body which, alone
or jointly with others, determines the purposes and means of the
processing of personal data and has decision making power with
respect to the processing;