Advice and Guidance for Organisations
![]() | The DPA (Data Protection Act) is not in place to hinder business, following its standards not only protects customers and employees but also helps a business to be more effective | |
|---|---|---|
| Jonathan Bamford, United Kingdom Assistant Commissioner |
The advice and guidance on this website are our interpretation of what the Data Protection Act requires, the rights individuals have in respect of the processing of their personal data and of how the principles are intended to apply. Please note that the advice and guidance provided do not constitute legal advice. If you require legal advice or a legal opinion you should contact a Manx Advocate.
This page contains guidance notes issued by this Office, Codes of Practice and guidance issued by other data protection authorities, which are endorsed by this Office, and relevant news items.
Please contact the Office of the Data Protection Supervisor if you have any further queries relating to the legislation and its implications.
| Older News Items (Recent news items are available here) | |||
| New laws that raise privacy issues should undergo further scrutiny, says UK Information Commissioner Click to view news item or the report to Parliament | ![]() | ||
| Community Finding The European Commission has formally recognised that Uruguay has adequate data protection legislation. | |||
| FEE INCREASE The fee for notification and for the renewal of an existing Register Entry will increase to £50 with effect from 1st May 2010. Please click here to see the new Regulations | ![]() | ||
| "Privacy guardians warn multinationals to respect laws" Ten data protection authorities from around the world say Google Inc. and other international corporations are overlooking privacy values and legislation when they launch new online products.
To see the press release issued by the Privacy Commissioner of Canada, please CLICK HERE | ![]() | ||
New EU standard contractual clauses New EU standard contractual clauses for the transfer of personal data to data processors established in third countries come into effect from 15 May 2010. Click for Press Release and the new standard contractual clauses and FAQ's issued by the Article 29 Working Party. | |||
"The Madrid Resolution" The 31st International Conference of Data Protection and Privacy Commissioners held in Madrid in November 2009 adopted "The Madrid Resolution". This Resolution defines a set of principles and rights guaranteeing the effective and internationally uniform protection of privacy with regard to the processing of personal data.Please click here for the Press Release and here for the Madrid Resolution | ![]() | ||
Acknowledgement - Some of the information contained in this website has been extracted from guidance documents published by other Data Protection Authorities |
![]()
To download these documents you will need the Adobe Acrobat Reader. This is available free of charge from Adobe by using the following link:
| Title | File Size | Format | Document Title |
|---|---|---|---|
| Brief Guide to the Data Protection Act | (56 kb) | Acrobat PDF File | Brief Guide to the Data Protection Act 2013 |
| Data Protection - The Basics | (1043 kb) | Acrobat PDF File | Basic Introduction Training Presentation |
| Overview of the Data Protection Act 2002 | (124 kb) | Acrobat PDF File | Overview of the Data Protection Act 2002 |
| Do I need to notify? | (84 kb) | Acrobat PDF File | A self-assessment guide to exemptions from notification |
| 'Data controller' or 'data processor'? | (44 kb) | Acrobat PDF File | Are you a 'data controller' or a 'data processor'? |
| Data Protection Audit - self-assessment toolkit | (410 kb) | Acrobat PDF File | Data Protection Audit - self-assessment toolkit |
| Data Protection Policy | (49 kb) | Acrobat PDF File | A self-help checklist |
| Candidates for Election | (49 kb) | Acrobat PDF File | Candidates for Election |
| Charities | (50 kb) | Acrobat PDF File | Advice note for charities |
| Cloud Computing | (43 kb) | Acrobat PDF File | Cloud Computing |
| Clubs and Societies | (46 kb) | Acrobat PDF File | Guide to the DPA for clubs and societies |
| Consent | (44 kb) | Acrobat PDF File | The requirements for valid consent (2013) |
| Liquidators | (55 kb) | Acrobat PDF File | Advice for liquidators |
| Private Medical Practitioners | (48 kb) | Acrobat PDF File | Advice note on complying with the Data Protection Act 2002 |
| Small Businesses | (57 kb) | Acrobat PDF File | Small Business - A Guide to DP |
| Surveillance camera systems - complying with the Data Protection Act | (176 kb) | Acrobat PDF File | Surveillance camera systems (inc. CCTV) and compliance with the Act |
| Is it "Personal Data"? | (68 kb) | Acrobat PDF File | How to decide if information is personal data (2013) |
| Personal Data and Relevant Filing Systems - Durant | (73 kb) | Acrobat PDF File | Implications of the Durant Judgment |
| Complying with a Subject Access Request | (207 kb) | Acrobat PDF File | Advice on dealing with s Subject Access Request |
| Subject Access Requests and Job References | (45 kb) | Acrobat PDF File | Guide to disclosure of employment references |
| Subject access requests and legal proceedings | (38 kb) | Acrobat PDF File | Subject access requests and legal proceedings |
| Subject Access Requests & Third Party Information | (49 kb) | Acrobat PDF File | Subject Access Requests & Third Party Information |
| Subject access requests - charging for health records | (50 kb) | Acrobat PDF File | How much can be charged and when for requests for health records |
| Releasing information to prevent or detect crimes | (51 kb) | Acrobat PDF File | Releasing information to prevent or detect crimes |
| Sample Data Processor Contract 2002 Act | (40 kb) | Microsoft Word | Sample Data Processor Contract 2002 Act |
| Overseas Transfers | (52 kb) | Acrobat PDF File | Guidance on transferring personal data overseas |
| Outsourcing | (46 kb) | Acrobat PDF File | Outsourcing |
| Transfers of personal data to third countries - FAQ's | (349 kb) | Acrobat PDF File | EU Council FAQ's |
| International Chamber of Commerce Model Contract Clauses | (153 kb) | Acrobat PDF File | ICC Data Controller to Data Controller Contract Clauses |
| EU Data Controller to Data Controller Clauses | (119 kb) | Acrobat PDF File | EU standard contractual clauses for Data Controller to Data Controller transfers to Third Countries |
| EU data controller to data processor in third countries model clauses | (772 kb) | Acrobat PDF File | Data controller to data processor in third countries model clauses |
| New EU standard contractual clauses introduced | (16 kb) | Acrobat PDF File | EU press release |
| EU model clauses Art 29 WP FAQs | (55 kb) | Acrobat PDF File | EU model clauses Art 29 WP FAQs |
| Unsolicited Communications Regulations Guidance 2012 | (107 kb) | Acrobat PDF File | Regulations regarding direct marketing activites |
Material on the Data Protection Supervisor's site is independent of that hosted by the Isle of Man Government and is protected by copyright. The copyright owner is the Isle of Man Data Protection Supervisor. You may not make alterations or additions to the material on this site, or sell it or misappropriate it. Material may be downloaded or copied for personal use. However, appropriate acknowledgement of the copyright owner is required if material is re-published in any format.






