Data Protection Compliance Organisation
Document Control: V7.2
Publication: 12th April 2021
List of Licensed DPCO 2021:
Document Control: Datatable
Publication: 31st December 2021
NDPR Audit List 2021:
Document Control: NDPR Performance Report 2020-2021
Definition and Duties of DPCO
Article 1(3j) of the Nigerian Data Protection Regulation provides that a Data Protection Compliance Organisation (DPCO) is any entity duly licensed by NITDA for the purpose of training, auditing, consulting and rendering services aimed at ensuring compliance with this Regulation or any foreign Data Protection law or regulation having effect in Nigeria.
A DPCO may be one or more of the following;
with evidence of professional, academic certification or experiences in one or more of the following areas:
DPCOs are licensed to provide one or more of these services;
Documents Required for Licensing
The License obtainable shall be DATA PROTECTION COMPLIANCE LICENSE
Article 3.1.4 of the Regulation provides; The Agency shall by this Regulation register and license Data Protection Compliance Organisations (DPCOs) who shall on behalf of the Agency monitor, audit, conduct training and provide data protection compliance consulting to all Data Controllers under this Regulation. The DPCOs shall be subject to Regulations and Directives of NITDA issued from time to time.
Every filing by Data Controllers pursuant to this Regulation shall be accompanied by a DPCO Verification Statement. NITDA may appoint other DPCOs or by itself conduct investigation into a suspected breach of the Regulation.
FInancial Obligations OF DPCO
|1.||Annual License Fee||N50,000|
|2.||Filing of Report from 0 to 20,000 Data Subject||N10,000|
|4.||Filing of Report of 20,000 and above Data Subjects||N20,000|
Treasury Single Account (TSA) Payment should be made into:
NITDA Revenue e-Collection Account