Covid-19 Coronavirus

Data protection for individuals

What is GDPR?

It stands for General Data Protection Regulation, which is an EU law, adopted in the Isle of Man by an Order under the Data Protection Act 2018. 

The Isle of Man had to implement the GDPR into its law so that it can continue to do business with EU countries. 

New data protection provisions are in a set of regulations which set out all the data protection procedures and powers of the Information Commissioner, called the GDPR and LED Implementing Regulations 2018 which are in operation from 1 August 2018.  

These provisions were previously in the Data Protection Act 2002. 

How does it affect me – in the Isle of Man? 

The new law gives you enhanced rights, so making a request for your own data is quicker and free of charge. It also includes types of data which would not have been included under old law. 

The new law means that you will be notified if there is a failure by an organisation which means that your data was lost or exposed, and where such actions cause you damage or loss.  

It means that organisations – in the public and private sector - will need to make sure that their policies and procedures are up to date, that they are lawfully able to process your data and that they must look after the data that they collect. 

Organisations will need to make sure that they comply with the law and show that they are doing so. They must also also be transparent, telling you how and why they are processing your data and for how long they will keep it. 

Requests for information

You can make a request to find out what information the Isle of Man Government holds about you by writing to or emailing the relevant Data Protection Officer (DPO) within the respective Department or Statutory Board.

COVID-19

Due to the unprecedented circumstances of COVID-19 we are working hard to prioritise the delivery of essential front-line services to our most vulnerable people and communities. 

Public authorities, especially those providing frontline and critical services, may need to divert resources to priority work areas with consequential impacts on other areas such as the handling of Subject Access Requests. Your statutory rights are important to us and remain unchanged. Please note however that you may experience delays in our response to your request. We will inform you of any extension to the period for responding and the reasons for the delay.

If you are able to narrow the scope of your request that would be very helpful and may mean we can respond to you more quickly. In addition you may want to reconsider whether your request can be resubmitted at a later date once the impact of COVID-19 has eased.

We will be alert to any guidance from the regulator, the Information Commissioner, as the situation changes, to ensure that we comply with any guidance or changes to information rights.

For more information on Coronavirus (COVID-19), see gov.im/coronavirus.

Isle of Man Information Commissioner

The Information Commissioner provides a wealth of guidance and tools on data protection.

Back to top