View All - 2022 Acts
Section No :  
Acts & Ordinances
Marginal Notes
1. Short Title and date of operation
2. Application of this Act
3. The provisions of this Act to prevail in case of any inconsistency
4. Compliance with the data protection obligations
5. Obligation to process personal data in a lawful manner
6. Obligation to define a purpose for personal data processing
7. Obligation to confine personal data processing to the defined purpose
8. Obligation to ensure accuracy
9. Obligation to limit the period of retention
10. Obligation to maintain Integrity and confidentiality
11. Obligation to process personal data in a transparent manner
12. Accountability in the processing of personal data
13. Right of access to personal data
14. Right of withdrawal of the consent and the right to object to processing
15. Right to rectification or completion
16. Right to erasure
17. Grant or refusal of rectification, completion, erasure or refrain from further processing
18. Automated individual decision making
19. Right of appeal of the data subjects to the Authority and the process of determination of such appeal
20. Designation or appointment of the Data Protection Officer
21. Additional obligations of a controller
22. Additional obligations of the processors
23. Personal Data breach notifications
24. Personal data protection impact assessments
25. Measures to mitigate risks of harm and the requirement for prior consultation
26. Cross-border data flow
27. Solicited messages to data subjects by controllers
28. Establishment of the data Protection Authority
29. Constitution of the Board of Directors
30. Chairperson of the Board
31. Objects of the Authority
32. Powers of the Authority
33. Duties and functions of the Authority
34. Authority may issue licences
35. Directives made by the Authority
36. Appointment of the Director- General
37. Staff of the Authority
38. Imposition of penalties
39. Matters to consider when imposing a Penalty
40. Exemptions, restrictions or derogations
41. Fund of the Authority
42. Financial year and Audit of Accounts
43. Power to borrow
44. Delegation of powers, duties and functions of the Authority
45. Delegation of powers, duties and functions by the Director-General
46. Expenses to be paid out of the Fund of the Authority
47. Review of the performance of the Authority
48. Annual Report
49. Protection of officers of the Authority from suit or prosecution
50. All officers and employees of the Authority deemed to be public servants for the purposes of Penal Code
51. Authority deemed to be a scheduled institution for the purposes of Bribery Act
52. Rules
53. Regulations
54. Official Secrecy
55. Removal of difficulties
56. Interpretation
57. Sinhala text to prevail in case of inconsistency