Register of Data ControllersIt is a fundamental concept of data protection that the public should be able to find out who is processing their personal data and for what purposes. The Supervisor is required by the Data Protection Act 2002 to keep a register of data controllers.
Search the Register of Data ControllersA regularly updated extract from the Register is available in a searchable PDF document. This list contains the names of those entities who have notified under the Data Protection Act 2002 and who process personal data outside the three core business purposes. It does NOT, however, contain any trading names but you may contact the Office if you wish to make such an enquiry. If you require a copy of an entry, please email the office, stating the data controllers name and the notification number. We will supply a copy of a register entry free of charge, however, if you require a certified copy of a register entry a nominal fee of £2 will be charged.
Purpose of the Register of Data Controllers
The register serves three purposes:
The register of data controllers is available for public inspection in the Office, between the hours of 09:00 and 13:00 and 14:00 and 17:00 Monday to Friday (excluding public holidays).
List of Data Controllers who have claimed an exemption from notificationThere is no requirement for data controllers who are not required to have a register entry to advise the Supervisor of that fact, nor for the Supervisor to maintain such a list. However, a list of data controllers who have claimed an exemption from notification is maintained and is available below. This list primarily assists third parties undertaking due diligence enquiries when seeking to engage in a business relationship giving an outward indication of whether that company r organisation has considered compliance with the Data Protection Act. These data controllers, whilst exempt from notifying, are still obliged to comply with the Act and its remaining provisions. They may claim this exemption from notification because they only process personal data for the three core business purposes, namely staff administration, accounts and records and advertising and marketing on behalf of the organisation. They may also be registered charities or non-profit making organisations who only process personal data for the three core business purposes and the other purposes specific to those types of organisation.
|    Search the Register  Click here to search |
To download these documents you will need the Adobe Acrobat Reader. This is available free of charge from Adobe by using the following link:
| Title | File Size | Format | Document Title |
|---|---|---|---|
| Exempt data controllers as at 25th January 2013 | (270 kb) | Acrobat PDF File | List of data controllers claiming exemption from notification |
| Registered Data Controllers as at 13th June 2013 | (844 kb) | Acrobat PDF File | Registered Data Controllers as at 13th June 2013 |
Material on the Data Protection Supervisor's site is independent of that hosted by the Isle of Man Government and is protected by copyright. The copyright owner is the Isle of Man Data Protection Supervisor. You may not make alterations or additions to the material on this site, or sell it or misappropriate it. Material may be downloaded or copied for personal use. However, appropriate acknowledgement of the copyright owner is required if material is re-published in any format.
