DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

πŸ‡¬πŸ‡­ Sub-Saharan Africa

Cookie consent in Ghana

Consent and privacy law in Ghana

In short
Ghana's Data Protection Act, Act 843 of 2012, was one of the earlier comprehensive data protection laws in West Africa and is enforced by the Data Protection Commission. A distinctive feature is a strong registration regime, under which data controllers must register with the Commission and renew that registration periodically, with registration being a prominent compliance focus. The Act sets out principles for lawful processing, data subject rights, and security requirements. Consent must be obtained where it is the basis for processing, and special care applies to sensitive data. Notices in English are common. Cookies that identify users are personal data subject to the Act.
Authority
Data Protection Commission
Status

Data Protection Act 2012, Act 843, in force with active registration requirements

Primary law
DPA GH
Languages

en

Who must comply

Data controllers established in Ghana, and those abroad that use equipment in Ghana to process personal data, handling data of people in Ghana.

Penalties

Fines and imprisonment for offences under the Act

Key obligations

  • Process only with consent or another lawful justification
  • Provide notice of purpose before collection
  • Apply stronger protection for special personal data
  • Honor access, correction and objection rights
  • Register with the commission as a data controller

Local guidance

  • Register with the Data Protection Commission and renew on time
  • Obtain consent where it is the basis for processing
  • Apply extra care to sensitive data
  • Provide notices in English

How ConsentX helps

  • Informed, non-coerced opt-in consent capture
  • Notice of purpose in the banner
  • Stronger flows for special personal data
  • Rights request workflow with evidence
  • Region rule engine tuned for Ghana
Get started free
yoursite.com
πŸ‡¬πŸ‡­ Ghana

We value your privacy

We ask for your consent before any non-essential cookie, with the rules that apply in your region.

Allow allReject non-essentialManage preferences

This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.

How to comply with Ghana using ConsentX

  1. 1

    Scan your website

    Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under Ghana.

  2. 2

    Show a geo-aware consent banner

    Add the ConsentX banner. It detects each visitor region and shows the consent experience that Ghana requires, automatically.

  3. 3

    Block trackers until consent

    Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.

  4. 4

    Record tamper-evident proof

    Every choice is stored as a tamper-evident consent receipt you can produce in a Ghana audit.

  5. 5

    Handle data requests on time

    Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.

Frequently asked questions

Do data controllers register in Ghana?+

Yes. Ghana's Act 843 requires data controllers to register with the Data Protection Commission and to renew that registration periodically, which is a central compliance obligation.

When did Ghana's data protection law take effect?+

Ghana enacted its Data Protection Act, Act 843, in 2012, making it one of the earlier comprehensive data protection laws in West Africa.

Governing law

πŸ‡¬πŸ‡­ DPA GH

Other countries in Sub-Saharan Africa

πŸ‡ΏπŸ‡¦ South AfricaπŸ‡³πŸ‡¬ NigeriaπŸ‡°πŸ‡ͺ Kenya