Organic Act 2004-63 Personal Data
Tunisia
2004
Privacy
Overview
Organic Act No. 2004-63 is Tunisia's primary data protection law, enacted in 2004 to regulate the collection, use, storage, and transfer of personal data. It protects individual privacy and applies to both the public and private sector.The law covers a wide range of entities including banks, insurance companies, telecom operators, healthcare providers, e-commerce platforms, and other organizations that handle personal data in Tunisia. It requires explicit consent, places restrictions on sensitive data, and mandates that all processing be reported to the national authority, INPDP.
Key Obligations
- Obtain explicit consent from individuals before collecting or processing personal data
- Avoid processing sensitive personal data unless authorized by the INPDP
- Notify the INPDP before beginning any personal data processing activity
- Limit data collection to legitimate, declared purposes
- Ensure data confidentiality, integrity, and accuracy
- Prohibit cross-border transfers unless the recipient country ensures adequate protection
- Provide individuals with rights to access, correct, and object to data processing
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
Identity Verification
Use facial match and liveness checks paired with government ID verification to make sure the person holding the document is the person you're onboarding.
MENA API Marketplace
Comprehensive API marketplace for the Middle East and North Africa region, offering localized verification and compliance solutions.
AML Screening
Comprehensive Anti-Money Laundering screening solutions to detect and prevent financial crimes through advanced monitoring and compliance tools.
