Section 32, NDPA

Data Protection Officers

(1) A data controller of major importance shall designate a Data Protection Officer with expert knowledge of data protection law and practices, and the ability to carry out the tasks prescribed under this Act and subsidiary legislation made under it.

(2) The Data Protection Officer may be an employee of a data controller or engaged by a service contract. ;

(3) The Data Protection Officer shall —

(a) advise the data controller or the data processor, and their employees, who carry out processing made under this Act;

(b) monitor compliance with this Act and related policies of the data controller or data processor; and

(c) act as the contact point for the Commission on issues relating to data processing.

This is Section 32 of the Nigeria Data Protection Act 2023. To explore the rest of the legislation, please use the links below:

• See the Full Act (Index)
• Next, Read Section 33: Data protection compliance services
• Back to Section 31: Children or persons lacking the legal capacity to consent

Please leave this field empty

Get Ahead of the Curve.

Receive awesome, cutting-edge insights directly in your inbox.

We don’t spam! Read our privacy policy for more info.

Almost there! Check your inbox (or spam folder) to confirm your subscription.