Exemption from the requirement to notify
The Data Protection Act requires all data controllers to notify the Supervisor of their processing of personal data unless an exemption from this requirement applies.
Whilst the Act provides exemptions from the requirement to notify in certain circumstances this is not an exemption from the requirement to comply with the remaining provisions of the Act.
Please use our assessment tool to assist you in deciding whether you are, or are not, exempt from the requirement to notify. ![]()

There are exemptions from the requirement to notify which are detailed below.
Three Core Business Purposes
The Act identifies three purposes for processing personal data which are fundamental to the functioning of organisations. These are known as the three core business purposes and they are in relation to processing for the organisation's own:
- staff administration
- accounts and records
- advertising, marketing and public relations
![]()
"Non profit-making" organisations
The exemption from the requirement to notify for "non profit-making" organisations is intended for small clubs, sports associations, church administration and some registered charities. In such cases any profit made from the running of these organisations or fundraising activities is ploughed back into the organisation for the benefit of the members.
The Notification Regulations set out the limitations on the processing that can be undertaken by a "non profit-making" organisation to permit it to claim exemption from the requirement to notify and this is:
"The processing -
(a) is carried out by a data controller which is a body or association which is not established or conducted for profit;
(b) is for the purposes of establishing or maintaining membership of or support for the body or association, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it;
(c) is of personal data in respect of which the data subject is —
(i) a past, existing or prospective member of the body or organisation;
(ii) any person who has regular contact with the body or organisation in connection with the exempt purposes; or
(iii) any person the processing of whose personal data is necessary for the exempt purposes;
(d) is of personal data consisting of the name, address and other identifiers of the data subject or information as to —
(i) eligibility for membership of the body or association; or
(ii) other matters the processing of which is necessary for the exempt purposes;
(e) does not involve disclosure of the personal data to any third party other than —
(i) with the consent of the data subject; or (ii) where it is necessary to make such disclosure for the exempt purposes; and
(f) does not involve keeping the personal data after the relationship between the data controller and data subject ends, unless and for so long as it is necessary to do so for the exempt purposes."
If the processing by a "non profit-making organisation" is for any other purpose, for example a registered charity selling its database of members to another organisation, or the organisation has CCTV, or in the case of a sports club, it undertakes vetting checks of its coaches, then the exemption from the requirement to notify cannot be claimed.
However, in such cases, although there will be a requirement to notify there is an exemption from the payment of the annual fee.
![]()
Domestic Purposes
If an individual process personal data only for domestic purposes, there is no requirement to notify.
Domestic purposes are :
"that individual's personal, family or household affairs (including recreational purposes)"
This does not, however, include an individual's own business.
![]()
To download these documents you will need the Adobe Acrobat Reader. This is available free of charge from Adobe by using the following link:
| Title | File Size | Format | Document Title |
|---|---|---|---|
| Do I need to notify? | (84 kb) | Acrobat PDF File | A self-assessment guide to exemptions from notification |
Material on the Data Protection Supervisor's site is independent of that hosted by the Isle of Man Government and is protected by copyright. The copyright owner is the Isle of Man Data Protection Supervisor. You may not make alterations or additions to the material on this site, or sell it or misappropriate it. Material may be downloaded or copied for personal use. However, appropriate acknowledgement of the copyright owner is required if material is re-published in any format.

