Senegal Law 2008-12
Law 2008-12 on the Protection of Personal Data
Senegal's data protection law requiring prior authorization for health data processing with fines up to CFA 100 million.
Jurisdiction
Senegal
Enacted
Jan 25, 2008
Effective
Jan 1, 2014
Enforcement
Commission de Protection des Données Personnelles (CDP)
Why It Matters
Senegal's prior authorization requirement for health data creates significant compliance barrier for mental health chatbots and crisis support apps serving Senegalese users.
At a Glance
Applies to
Requires
Who Must Comply
- Data controllers and processors in Senegal
- Entities processing health or sensitive data
- Cross-border data transfers from Senegal
Safety Provisions
- Health data requires prior authorization from CDP
- Registration requirement for data processing
- Security measures proportionate to risk
- Cross-border transfer restrictions
- Right to access and correction
Compliance & Enforcement
Penalties
XOF 100M
View on map
Senegal
Focus Areas
Cite This
APA
Senegal. (2008). Law 2008-12 on the Protection of Personal Data.
Related Regulations
Zambia DPA
Zambia's comprehensive data protection law with special protections for vulnerable persons and DPIA requirements for high-risk processing.
Botswana DPA
Botswana's modernized data protection law requiring Data Protection Impact Assessment and establishing age 16 for consent.
Seychelles DPA
Seychelles' modern data protection law requiring DPO for large-scale processing and recognizing Cross-Border Privacy Rules certification.
Rwanda AI Policy
First African country to adopt comprehensive national AI policy. Establishes Responsible AI Office (RAIO) under MINICT. Implements RURA ethical guidelines covering beneficence, non-maleficence, autonomy, justice, explicability, transparency. Non-binding framework.
China CSL Amendments
First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.
CA SB 524
Requires law enforcement agencies to disclose when AI is used to write or assist in creating official police reports, maintain audit trails, and preserve AI-generated first drafts.
Last updated January 22, 2026. Verify against primary sources before relying on this information.