Nigeria: Data Protection Commission adopted General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025) including registration as a data controller or data processor of major importance requirement

Data Protection Commission adopted General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025) including registration as a data controller or data processor of major importance requirement

On 20 March 2025, the Nigeria Data Protection Commission (NDPC) adopted the Nigeria Data Protection Act (NDP Act) 2023 General Application and Implementation Directive (GAID) 2025 (NDPC/NDP ACT-GAID/01/2025), which mandates registration for data con…

Scope

Policy Area

Authorisation, registration and licensing

Policy Instrument

Business registration requirement

Regulated Economic Activity

infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2025-03-20

adopted

On 20 March 2025, the Nigeria Data Protection Commission (NDPC) adopted the Nigeria Data Protection…

2025-09-19

in force

On 19 September 2025, the Nigeria Data Protection Commission’s (NDPC) General Application and Imple…

Description

Data Protection Commission adopted General Application and Implementation Directive (NDPC/NDP ACT-GAID/01/2025) including registration as a data controller or data processor of major importance requirement

Scope

Complete timeline of this policy change