15
2019
Data Protection
No.
(g) any other details as may be prescribed by the Data
Commissioner.
(3) A data controller or data processor who knowingly
supplies any false or misleading detail under sub-section
(1) commits an offence.
(4) The Data Commissioner shall issue a certificate of
registration where a data controller or data processor meets
the requirements for registration.
(5) A data controller or data processor shall notify the
Data Commissioner of a change in any particular outlined
under subsection (2).
(6) On receipt of a notification under sub-section (5),
the Data Commissioner shall amend the respective entry in
the Register.
(7) A data controller or data processor who fails to
comply with the provisions of this section commits an
offence.
20. A registration certificate issued under section 19
shall be valid for a period determined at the time of the
application after taking into account the need for the
certificate, and the holder may apply for a renewal of the
certificate after expiry of the certificate.
21. (1) The Data Commissioner shall keep and
maintain a register of the registered data controllers and
data processors.
(2) The Data Commissioner may, at the request of a
data controller or data processor, remove any entry in the
register which has ceased to be applicable.
(3) The register shall be a public document and
available for inspection by any person.
(4) A person may request the Data Commissioner for a
certified copy of any entry in the register.
22. The Data Commissioner may, on issuance of a
notice to show cause, vary terms and conditions of the
certificate of registration or cancel the registration where—
(a) any information given by the applicant is false or
misleading; or;
(b) the holder of the registration certificate, without
lawful excuse, fails to comply with any
requirement of this Act.
Duration of the
registration
certificate.
Register of data
controllers and
data processors.
Cancellation or
variation of the
certificate.
!