> On 11 Apr 2018, at 17:54, Mike Silber <silber.m...@gmail.com> wrote:
> 
> No issue with doing a proper information audit (what there is, where it is 
> stored, how it can be accessed and by whom). That is just good information 
> security practice.
> 
> However I am still not certain that holding any of that information actually 
> makes AfriNIC a controller in terms of the GDPR.

I am pretty sure that AFRINIC is a data controller in terms of the Mauritius 
Data Protection Act, which is aligned with GDPR.

Yes, we are auditing the information we hold and the way we process it, and I 
expect to be able to report on progress at the AIS meeting in early May.

Alan
_______________________________________________
Community-Discuss mailing list
Community-Discuss@afrinic.net
https://lists.afrinic.net/mailman/listinfo/community-discuss

Reply via email to