Rwanda: National Cyber Security Authority published guidance on data protection terms and their meanings

On 8 April 2022, the National Cyber Security Authority (NCSA) published guidance on data protection terms and their meanings. This guidance outlines terminology related to personal data protection and privacy, necessary for understanding and complying with Rwanda’s laws. Terms include personal data, sensitive personal data, privacy, data controller, data processor, data processing, data subject, and third party. In particular, the guidance defines sensitive data as any information revealing a person’s race, health status, criminal records, medical records, social origin, religious or philosophical beliefs, political opinion, genetic or biometric information, sexual life or family details.