Crest
Isle of Man Government
Reiltys Ellan Vannin
Isle of Man Government Crest

O.D.P.S.

Office of the Data Protection SupervisorOffice of the Data Protection SupervisorOik Oaseir Coadey Fysseree Ellan Vannin

The Eight Data Protection Principles

The Eight Data Protection Principles are central to the Act and are intended to protect the rights of the individuals about whom Personal Data are processed. The data protection principles set out good practice and by complying with the principles businesses(data controllers) will protect their own interests as well as those of Data Subjects.

All data controllers, even those exempt from the requirement to notify, must comply with the data protection principles.

In summary the eight data protection principles are:

The Data Protection Principles
Personal data must be
1. Used fairly and lawfully
2. Used for specific and lawful purposes, in a manner that is compatible with those purposes
3. Adequate, relevant and not excessive
4. Accurate and where necessary kept up to date
5. Kept for no longer than necessary
6. Used in accordance with the rights of individuals under the Act
7. Kept secure to avoid unauthorised or unlawful use, accidental loss, or damage
Personal data must not be
8. Transferred to another country unless that country has an adequate level of protection.

It is recommended that a Data Controller should consider the development of policies and Codes of Practice to ensure compliance with the Principles.

The Office of the Data Protection Supervisor is happy to assist any organisation which wishes to develop policies or Codes of Practices.

banner