Senegal Law on Personal Data Protection (Law No. 2008-12)
Senegal's Law No. 2008-12 on the Protection of Personal Data (2008) establishes a comprehensive data protection framework, making Senegal one of the first West African countries with dedicated data protection legislation. The Commission de Protection des Données Personnelles (CDP) oversees compliance. The law establishes processing principles, consent requirements, registration obligations, and individual rights. Aligned with the ECOWAS framework.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (6)
Breach
| Code | Title |
|---|---|
| SENEGAL-6 | Breach and Enforcement |
Consent
| Code | Title |
|---|---|
| SENEGAL-2 | Consent, Notice, Sensitive Data |
Governance
| Code | Title |
|---|---|
| SENEGAL-5 | CDP Notification, DPO, Governance |
Rights
| Code | Title |
|---|---|
| SENEGAL-3 | Data Subject Rights |
Scope
| Code | Title |
|---|---|
| SENEGAL-1 | Scope, Lawful Basis (Senegal Law 2008-12) |
Security
| Code | Title |
|---|---|
| SENEGAL-4 | Security and Cross-Border |
Frequently Asked Questions
What is Senegal Law on Personal Data Protection (Law No. 2008-12)?
Senegal Law on Personal Data Protection (Law No. 2008-12) is a compliance framework from Senegal with 6 domains and 6 controls. Senegal's Law No. 2008-12 on the Protection of Personal Data (2008) establishes a comprehensive data protection framework, making Senegal one of the first West African countries with dedicated data protection legislation. The Commission de Protection des Données Personnelles (CDP) oversees compliance. The law establishes processing principles, consent requirements, registration obligations, and individual rights. Aligned with the ECOWAS framework. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Senegal Law on Personal Data Protection (Law No. 2008-12) have?
Senegal Law on Personal Data Protection (Law No. 2008-12) has 6 controls organised across 6 domains. The largest domains are Breach (1 controls), Consent (1 controls), Governance (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Senegal Law on Personal Data Protection (Law No. 2008-12) map to?
Senegal Law on Personal Data Protection (Law No. 2008-12) does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.
How do I get started with Senegal Law on Personal Data Protection (Law No. 2008-12) compliance?
Start your Senegal Law on Personal Data Protection (Law No. 2008-12) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Senegal Law on Personal Data Protection (Law No. 2008-12) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 6 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required