Population: 10,524,117

Capital: Gitega

President: Pierre Nkurunziza

2019 Freedom House Score: 14/100

Despite not having a comprehensive data protection law, Burundi has been a party to meetings of the East African Community (EAC) to consider the status of cyber laws and highlight areas for reform. A few sectoral laws and regulations contain data protection provisions or impose confidentiality obligations on specific types of personal information. Employment, banking, telecommunications, and healthcare are among the sectors covered.

Personal data is not defined under Burundian law.

Certain sectoral laws and regulations require data handlers to process personal information confidentially.

Burundi has no data protection authority, and no requirement to appoint data protection officers.

There are no laws restricting cross-border transfer, but under some sectoral laws, companies are required to gain consent before transferring personal information to third parties.

Burundian law contains no data security or breach requirements.