Introduction

The Ministry of Information Technology, Communication and Innovation of the Republic of Mauritius has implemented a National Authentication Framework to enable citizens to avail of Government e-services in a secured manner through a single authentication window using a single user ID and password.

The framework, commonly known as MauPass, will be rebranded to KOREK and enhanced by extending the platform’s functionality through real-time integration with the Central Population Database and the Integrated Driving License Management System (IDLMS). This will allow users to securely view their personal data, driving licence details, and penalty points on the application for informational and verification purposes only.

All processing of personal data shall be carried out in accordance with applicable Government policies and approved interoperability standards. Access to such data shall be restricted to authorised users and officers based on defined roles, supported by strong authentication mechanisms, audit logging, and monitoring controls to ensure traceability and accountability. No additional personal data shall be retained beyond what is necessary for the secure operation of the service, and all information shall be protected against unauthorised access, disclosure, alteration, or misuse in accordance with established Government security standards.

This Privacy Policy explains how the Ministry collects, uses, discloses, and safeguards information when citizens visit the website maupass.govmu.org and the mobile application, including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the “Site”).

The Ministry reserves the right to make changes to this Privacy Policy at any time and for any reason. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy online.

Collection of Information for National Authentication Framework (Rebranded as KOREK)

KOREK provides a centralised authentication facility through, inter alia, SMS, email, and mobile authentication for a number of e-services and m-services for citizens and non-citizens. The Ministry may collect the following information:

• Personal Data: Name, address, email address, telephone number, and gender.
• Derivative Data: KOREK servers automatically collect information such as user IP address, browser type, operating system, logs, access times, and pages viewed directly before and after accessing the Site. When accessed via a mobile application, this may also include device name and type, operating system, phone number, country, and other interactions with the application. Logs are not shared with any third party and may only be disclosed to police or investigating agencies in accordance with applicable law.
• Mobile Device Data: Mobile device ID, model, manufacturer, and information about the location of the device when the Site is accessed from a mobile device.

Use of User Information

Having accurate information about users enables the Ministry to provide a smooth, efficient, and customised experience. Information collected via the Site or mobile application may be used to:

• Assist in law enforcement and respond to subpoenas;
• Compile anonymous statistical data and analysis for internal use or with third parties;
• Create and manage user accounts;
• Send emails and SMS notifications related to user accounts;
• Enable user-to-user communications;
• Generate personal profiles for access to other Government sites;
• Increase efficiency and operational effectiveness of the Site and mobile application;
• Monitor and analyse usage trends to improve user experience;
• Prevent fraudulent transactions and protect against criminal activity; and
• Respond to user service requests.

Disclosure of User Information

The Ministry may share information collected about users with other Ministries and Government departments as provided for under applicable legislation.

Tracking Technologies

Cookies and Web Beacons

The Ministry may use cookies on the Site and mobile application to enhance user experience. Personal information is not collected through tracking technologies. Most browsers accept cookies by default; however, users may choose to reject cookies, which may affect the availability or functionality of the Site or mobile application.

Security of User Information

The Ministry ensures that personal information is securely stored at the Government Online Centre (GOC), the Government data centre. Reasonable technical and organisational measures are implemented to safeguard user data.

Options Regarding User Information

Account Information

Users may review, update, or terminate their accounts at any time by:

• Logging into account settings and updating account information; or
• Contacting the Ministry using the contact details provided below.

Users are responsible for ensuring that their details, including contact information used for OTPs, remain accurate and up-to-date.

Upon a request to terminate an account, the Ministry will deactivate or delete the account from active databases. Certain information may be retained to troubleshoot issues, assist investigations, enforce Terms of Use, comply with legal requirements, and prevent fraud.

Emails and Communications

Users who no longer wish to receive communications from the Ministry may opt out by:

• Setting preferences during account registration;
• Updating preferences within account settings; or
• Contacting the Ministry using the details provided below.

User accounts will be deleted six (6) months after a user has indicated their wish to opt out of the National Authentication Framework.

As a data controller, the Ministry complies with the provisions of the Data Protection Act 2017 in the processing of personal data.

Contact Information

The Permanent Secretary
Ministry of Information Technology, Communication and Innovation
7th Floor, SICOM Tower
Wall Street
Ebène
Republic of Mauritius

Last updated on: 20th June 2025