Law: National Ordinance for the Protection of Personal Data  (the National Ordinance)

Regulator: Personal Data Protection Supervisory Committee (the Committee)

Summary: Sint Maarten introduced privacy protections through the National Ordinance for the Protection of Personal Data (the National Ordinance), on October 10, 2010, following its independence. The National Ordinance was drafted prior to independence and then subsequently proclaimed after the Constitution was officially enacted. The National Ordinance sets out general principles governing the processing of personal data, including necessity, data minimization, and access limitations, and provides individual rights including access and improving, supplementing, deleting, or shielding data if it is factually incorrect. Furthermore, the National Ordinance introduces vendor management, disclosure, and data security requirements, while also establishing detail restrictions on the processing of sensitive data.

Notably, the National Ordinance provides data subjects with a private right of action and stipulates compensatory procedures for financial and non-financial losses, with the latter determined on a basis of fairness. The National Ordinance also provides for the establishment of the Personal Data Protection Supervisory Committee (the Committee) which is authorized to impose administrative orders for violations of the same. Moreover, the Committee is empowered to issue penalties, enforcement orders, and administrative orders that describe remedial measures to be taken by data controllers and processors.