Rwanda: National Cyber Security Authority issued guidance right to portability, rectification and erasure

On 11 May 2022, the National Cyber Security Authority (NCSA) published guidance on the right to portability, rectification, and erasure. The guidance defines and clarifies three rights, the right to data portability, which enables individuals to transfer personal data between services, the right to rectification, which allows correction of inaccurate data and the right to erasure, which permits deletion of personal data under specific conditions. Data controllers must facilitate portability requests by providing personal data in a structured, commonly used, machine-readable format. They must also ensure data accuracy, promptly rectify inaccuracies, and delete personal data when conditions for erasure are met.