Please note that our webpages (including this one) are owned by the Cabinet Office that has it's own Privacy Notice which you can read.
Your information is being collected by the Department of Infrastructure (DOI) which is a data controller for the purposes of current Data Protection Legislation as applied in the Isle of Man. The DOI is a Department of the Isle of Man Government and is comprised of the following Divisions:
- Finance and Governance
- Highway Services
- Public Estates and Housing
- Strategy, Policy and Performance
- Transport Services
This privacy notice covers the entire Department and may be subject to change (this version was last updated July 2018). You may also be directed to additional supplementary notices specific to a service you wish to use. For example, if you ask to be added to the First Time Buyers Register, a supplementary privacy notice will be available explaining what extra personal data we may collect, along with details about how that data will be processed.
If you have any questions or comments on this Privacy Notice please contact the Data Protection Officer (DPO) for the DOI.
Phone: +44 1624 686785
Sea Terminal Building,
Isle of Man,
We collect and process information, including personal data, to provide efficient services, effective customer service, and carry out our lawful functions.
We collect and use your personal data in line with the rules set out in current Data Protection Legislation as applied in the Isle of Man in the following ways and for the following reasons:
How we ask you to share your personal information
- When you visit our websites (links to and from our website may lead to externally hosted sites which are not under our control. You are encouraged to read the privacy statement on that website)
- When you contact us for any reason whether in person, on paper, by phone or by any electronic means (eg email or website contact pages)
- When you complete a form, enter a competition or complete a survey (in person, on paper, or electronically)
- When you make a request under current Data Protection legislation, the Freedom of Information Act, and the Code of Practice on Access to Government Information
- Where you have agreed to the process
- When you make a payment by the various methods available
- When you request our services whether in person, by phone, on paper or electronically
- When you apply for grants or assistance under any scheme
- When you are subject to contract with us or are suppliers or sub-contractors
- CCTV at our sites or premises, or when you use our services or assets
- Automatic Number Plate Recognition (ANPR)
- Any other way you provide your personal information to us
We may also receive personal information indirectly such as where a third party refers to you in correspondence with us; when we contact a third party or organisation about an enquiry or complaint and they give us your personal information in their response; when a third party gives your contact details as an emergency contact or as a referee
Equally, before you provide us with any personal data about a third party you must consider if it is appropriate for you to do so, particularly bearing in mind that they may be entitled to know that we are processing their information
We may also collect information about you from third parties such as Land Registry, for example, where we need to establish ownership of land, or where we need additional information to provide you with advice or a service.
Why we ask you to share your personal information
- To comply with any legal obligation we may have
- To allow the DOI to communicate with you
- To process invoices for services we provide
- To make payments to you
- For job applicants and our current and former employees
- For general administration, staff administration, education and training, accounts and records, advertising, marketing and public relations
- Giving advice or rendering professional services and provision of services of an advisory, consultancy or intermediary nature, such as pre-planning advice on highways issues
- To analyse the use and quality of our services and to make improvements
- For the prevention and detection of crime
- To help prevent and detect debt, fraud and loss
- For carrying out research and statistical analysis including risk management, economic and social research in relation to residents, visitors and our services (where no decision is made about you)
- For the provision of any service to others, such as providing bus services to organisations supporting people with particular needs
Legal bases for processing your information
- The exercise of official authority or for the performance of a task carried out in the public interest
- The need to meet a legal obligation in carrying out statutory government functions
- The need to meet a request you have made for information or a service
- It will also be lawful for us to process data where it is necessary to protect an interest which is essential for your life or that of another person (for example a medical emergency)
- To enter into or perform a contract, or steps taken at your request prior to a contract
- Your consent – if we rely on your consent to process your information you may withdraw your consent at any time by contacting our DPO
- The need to prevent or investigate suspected or actual violations of law
The need to retain information for historical or archiving purposes by the Public Record Office under the Public Records Act 1999 – more information on retention is available from the Public Record Office
Types of personal information we collect about you
Depending on how you interact with us we may process different information about you. Below you will find an overview of the categories of information that we may collect.
|Category of information||Examples of that type of information|
Name, postal or email address, telephone number(s)
Invoice number and amount. We do not hold credit or debit card information
Full name, title, date of birth
Driving licence number, vehicle, vessel or aircraft registration number
Employee information (generally undertaken and held by the Office of Human Resources on behalf of the Department)
Contact and identification information, recruitment records, appraisal/personal development documentation, training, employee records, system logon details, grievances, capability records, staff health & safety, termination of employment
Images of visitors to our sites and users of our services
Sensitive (special category) information
Such as medical conditions etc - for purposes like reserved parking spaces, driving licence details or Disclosure & Barring Service (DBS) checks (for certain staff), insurance matters, housing related services etc
Your views, opinions, feedback, comments, complaints and requests
Your image or your voice
Via cameras or a few recorded telephone lines
Information we collect automatically
When you visit or use our website we may collect information sent to us by your computer, mobile phone, or other device. For example we may collect:
Category of information
Examples of that type of information
Hardware model, operating system version
Time and duration of visit
Links you click, location
How long do we keep your personal information
We will only keep your information for the minimum time necessary and in accordance with our Information Compliance Policy and associated documents.
This may be to:
- Respond to an enquiry from you
- Continue to give you access to a service you have requested
- Comply with any legal obligations
We may retain your data for a short time (up to 6 months) beyond any specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require us to hold certain information for specific periods other than those listed above.
The Isle of Man Public Record Office holds selected records of Isle of Man public authorities that are of long-term historic and cultural value, for permanent preservation. Access to and the use of records at the Isle of Man Public Record Office is governed by legislation under the Public Records Act 1999 - more information on retention is available from the Public Record Office.
Protecting your information
The security and confidentiality of your information is very important to us. To protect it from access by unauthorised persons and against unlawful processing, destruction and damage the DOI will:
- Have safeguards in place to make sure personal data is kept secure in compliance with any security policies and procedures;
- Ensure that your data remains under the control of our authorised controllers and processors with adequate safeguards to protect your rights
- Ensure staff are only able to view your data where it is a requirement of their role
- Not make your information available for commercial use
- Only ask you for what is needed
- Only keep it for as long as required and then dispose of it securely
All information is stored on servers that are under the control of the Isle of Man Government Technology Services, or with other system providers where we can be certain that your data remains within the jurisdiction of the Isle of Man, UK or the wider European Economic Area (EEA), or in countries that either hold Adequacy Status or have data protection legislation equivalent to, or greater than the GDPR.
Sharing the information we collect about you
We may share your information with third parties, such as:
- Other Isle of Man Government Departments, Boards and Offices to provide a service or information you have requested, or where it is otherwise lawful to do so
- With our contractors or selected third parties in order to provide services to you
- In the event of an emergency situation and with appropriate safeguards if we believe that doing so is in your vital interests, we may share your information with external public sector bodies (including other ISLE OF MAN Government Departments, local authorities, police, fire ambulance, civil defence)
- With our professional advisors for legal matters
- Any officer of any court, Government department or office, Local Authority, statutory board or governing body (such as the CAA); and the Driver & Vehicle Licensing Agency (DVLA), both in the Isle of Man and the UK, in connection with vehicle and driver licensing
- Medical practitioners, in connection with special driving licence conditions (with your prior consent)
- Insurance companies in the Isle of Man and the UK
- The police or law enforcement agencies in any country to meet international obligations e.g. for the prevention or detection of crime, this includes CCTV images or any other recordings
- Advocates and lawyers, if it is required in connection with legal proceedings or prospective legal proceedings
- The Courts and tribunals on production of a valid court order
- Isle of Man Post, for the provision of counter services on our behalf
- External organisations, who maintain and develop our information and communications infrastructure, with whom we have, or plan to have a contract agreement
We will not sell your personal data to other companies, organisations or individuals.
The DOI will only share your personal data with other companies, governments, competent authorities, organisations or individuals where it is fair and lawful for us to do so.
Under the Data Protection Act, you have rights as an individual which you can exercise in relation to the information we hold about you. At any point while we are in possession of or processing your personal information, you have the following rights:
You have the right to request a copy of the information that we hold about you. This would be in the form of a subject access request. If we do hold information about you we'll provide you with a copy and information about what we do with it. Unless you ask us to provide it in a different way we will email this to you where you have given us an email address. You have the right to see CCTV images of yourself and, in certain situations, be provided with a copy of the images. A subject access request does not have to be in a particular format, however we provide a document that may help you in forming your request, and that gives you details on the process. You are not required to use this form, and if you wish to make a request by phone please contact our DPO. Where you agree, we may try to deal with your request informally, for example by providing you with the specific information you need over the telephone
You have the right to ask us to correct data that we hold about you if it is inaccurate or incomplete
Erasure (the right to be forgotten)
In certain circumstances you can ask for the data we hold about you to be deleted. Please note that as part of any contract we have with you, any service we still provide to you, for legal reasons, or as part of Isle of Man Government statutory functions, some information may need to be retained;
Restriction of processing
Where certain conditions apply, you have the right to restrict the processing of your data
You have the right to object to certain types of processing such as direct marketing
Objection to automated processing
Although the DOI is unlikely to carry out any automated decision-taking that does not involve some human element, under DP legislation, and subject to certain exemptions, an individual has the right to request a manual review of the accuracy of any automated decision that would significantly affect them, if they are unhappy with it
To make a complaint
In the event that the DOI refuses your request under rights of access, we will provide you with a reason why.
If you are unhappy with the way we deal with your personal information you can submit a complaint through our DPO who will work with you to resolve any issues.
The Information Commissioner is the independent authority responsible for upholding the public's information rights and promoting and enforcing compliance with the Island's information rights legislation. Further information can be found on the Information Commissioner's website.
You have the right to request the Information Commissioner to undertake an assessment as to whether the processing of your personal data has been carried out in accordance with the provisions of current Data Protection legislation.