Grace period for compliance with Eswatini’s Data Protection Act ends in March, warns AVeS Cyber Security

Grace period for compliance with Eswatini’s Data Protection Act ends in March, warns AVeS Cyber Security
Charl Ueckermann Group CEO AVeS Cyber Security

With the two-year grace period for compliance with Eswatini’s Data Protection Act No. 5 of 2022 ending in March 2024, AVeS Cyber Security is extending its experience and expertise to its clients in the Kingdom. “Even though it is a statutory requirement, we have found that companies do not really know what to do about the requirements of the Act, let alone where to begin to implement it,” comments Group CEO Charl Ueckermann.

What is data privacy, and why is it so important?

In general, data privacy refers to the right of individuals to control how their personal information is collected, used, and shared by others. It protects individuals from identity theft, discrimination, harassment, and other harms that may result from unauthorised or inappropriate use of their data. It fosters trust and confidence in digital interactions and allows individuals to exercise their fundamental rights and freedoms in an increasingly data-driven world.

How is data privacy regulated?

Data privacy is regulated by various laws and standards, such as the General Data Protection Regulation (GDPR) in Europe and the Protection of Personal Information Act (POPIA) in South Africa, which require companies to respect and protect individuals’ data privacy rights.

Eswatini’s Data Protection Act regulates how personal data is collected, processed, disclosed, and protected, while considering the trade-offs between privacy of personal information and laws specific to different sectors and other relevant issues.

The Act empowers the Eswatini Communications Commission, which is Eswatini’s Data Protection Authority, to monitor and enforce compliance with the provisions of the Act by public and private bodies, among other things. The Act applies to any data controller or data processor who processes personal information within Eswatini.

What are the challenges posed by implementing data privacy?

Implementing robust data protection measures presents an array of challenges. Many companies attempt to get on top of compliance by using spreadsheets as a manual intervention. However, such an approach does not cater for compliance checklists and properly curated content, let alone status dashboards to monitor compliance once it is properly in place. As a result, efficient implementation is well-nigh impossible.

Another challenge is poor data inventory in terms of maintaining accurate records of the personal data collected. This is a mammoth undertaking that many companies have to face, while being exposed to potential legal and reputational damage. The risks of mishandling personal data range from regulatory fines to major financial losses.

A lack of data privacy expertise

This is often linked to a lack of data privacy expertise, which is where AVeS Cyber Security is ideally positioned to assist, especially if a company does not have a dedicated Data Protection Officer (DPO), let alone an in-house specialist. AVeS Cyber Security can identify any data privacy risks and propose a plan to mitigate these effectively.

With stakeholders, clients, and regulators breathing down a company’s back as the deadline approaches, AVeS Cyber Security is here to take the pressure off and ensure compliance is introduced from the ground up. Thanks to its extensive experience in the field of data protection and privacy, AVeS Cyber Security can assist any company in Eswatini, whether big or small, comply with tried-and-proven technical and organisational measures.

AVeS Cyber Security is experienced in all appropriate technical and organisational measures, including world-leading information security controls such as ISO/IEC 27001:2022 and ISO/IEC 27002:2022. Its expertise covers encryption, identity and access management, privileged access management, vulnerability and patch management, endpoint protection, anti-malware, virtual private networks, and zero-trust, among others.

For further information and friendly assistance, contact [email protected].


About AVeS Cyber Security

AVeS Cyber Security forms part of the AVeS Cyber International group of companies. It is a specialist in industry-specific IT Governance & Architectural services, combining expert knowledge and services with leading technology products to provide comprehensive Information Security and Advanced IT Infrastructure solutions.

Over the past 24 years, AVeS Cyber Security has strategically honed its solutions and services to help businesses future-proof their IT environments against the continually evolving threat landscape while achieving their digital transformation aspirations. The company offers a leading portfolio of professional services, products, and training in security, infrastructure, and governance solutions. Every year, the company continues to win numerous awards from some of the world’s top technology vendors, indicating competency, strength, innovation, and robustness in an industry that is fast growing in complexity due to evolving challenges, such as ransomware, advanced targeted attacks, and the Internet of Things.

The more recent awards include Kaspersky’s Africa Partner of the Year 2019, 2020 and 2021, 2022 and Partner of the year, Sophos’ Public Cloud Partner of the Year 2021, and ESET’s Best in the Biz Award 2021. AVeS Cyber Security also received prominent partner statuses across its portfolio, such as Microsoft Gold Security Partner, DellEMC Gold Partner, Veeam Silver Partner, and Sophos Platinum Partner.

Media Contact
Anna-Lize Menssink
Cell: 0792129811
Email: [email protected]



Media Contact

Andile Mbethe

Account Executive
NGAGE Public Relations
Phone: (011) 867-7763
Cell: 073 565 6536
Email: [email protected]

Browse the NGAGE Media Zone for more client news articles and photographs at