This privacy notice explains what information the Attorney General’s Chambers (AGC) collects and what that information is used for.
Her Majesty’s Attorney General is the AGC data controller for the purposes of the Data Protection Act 2018 and the Data Protection (Application of GDPR) Order 2018 and the Data Protection (Application of LED) Order 2018, together with any regulations made under them (Manx Data Protection legislation).
AGC is an office of the Isle of Man Public Service which provides legal services to His Excellency the Lieutenant Governor, the Council of Ministers, Government Departments, Statutory Boards and Offices.
This Privacy Notice may change. We will not reduce your rights under this Privacy Notice without your consent. If any significant change is made to this Privacy Notice we will provide a prominent notice on this website so that you can review the updated Privacy Notice. The last privacy notice was updated on 5 March 2020.
When we collect your personal data we will:
- Only collect what we need and no more
- Keep your information secure
- Tell you how we will use your information
- Delete your information when it is no longer needed
- Only process your information in line with rules set out in the Manx Data Protection legislation.
This Privacy Notice explains:
- What information is collected and why
- Who is collecting it
- How it is collected
- Why it is being collected
- How it will be used
- How long it will be kept
- Who it will be shared with
- How that information will be kept secure
- Your rights, including how to access and update information
If you have any questions or comments on this Privacy Notice please email the Data Protection Officer, Scott Wilson.
To contact the Data Protection Officer for the AGC:
Phone +44 1624 686778
Attorney General’s Chambers
How we will use the information we collect about you
AGC collects and processes personal data to assist us to provide legal services to Government organisation, including advising and acting on behalf of our clients Help prevent and detect crime and to prosecute criminal offences, procure goods and services by Government Departments, Boards and Offices and provide services to support the above which includes:
- Accounts and records
- Administration of Justice including following instructions from a Court
- Advertising, marketing and public relations
- Archiving, transfer and preservation of public records
- Crime prevention and prosecution of offenders
- Staff administration
- To provide assistance to other countries in legal matters
Whose Personal data do we collect or handle
In order to carry out the services outlined above, the AGC may obtain, use and disclose personal data relating to a variety of individuals including the following:
- Advisors, consultants and other professional experts
- Customers and clients
- Complainants, correspondents and enquirers
- Offenders and suspected offenders
- Staff including volunteers, agents, temporary and casual workers
- Suppliers to AGC and other Government organisations
- Witnesses and victims
We use your personal data in line with the rules set out in Manx Data Protection legislation for the following reasons:
- To allow Government Departments, Boards and Offices to communicate with you
- To provide legal advice to the public service on decisions it makes which may affect you personally, such as defending against litigation you take against a Department, Board or Office
- To process procurement applications that you make
- To safeguard vulnerable children and adults
- To represent our clients in court proceedings which involve you
Types of personal data we collect about you
Information you provide to us directly
|Category of data||Examples of that type of data|
|Contact information||Name, email address, telephone number, address, social media account details|
|Financial data||Invoice number, amount invoiced to you, amount paid by you and any amount owed by you|
|Government identifiers||Driving licence number, NHS number, national insurance number|
|Health information||Health reports relevant to court proceedings|
|Other information||Feedback, comments, complaints|
|Personal identification data||Name, title, data of birth, marital status|
|Property owned or leased to you||Car registration, mortgage information, proceeds of sale|
Information we collect automatically
We use an external website for Procurement services and e-tendering, hosted by In-tend.
When you visit or use our external website for procurement we may collect information sent to us by your computer, mobile phone, or other device. For example we may collect:
|Category of data||Examples of that type of data|
|Device information||IP address, Hardware model, operating system version|
|Log information||Time and duration of visit|
|Other information||Links you click, location|
What legal basis do we use to process your personal data
We will only process your personal data if there is a legal reason to do so. We may rely on:
- The need to meet the legal obligation in carrying out statutory government functions
- The need to meet a request you have made for information or a service
- The need to prevent or investigate suspected or actual violations of law
- Your consent – (although it is rare for us to rely on your consent, but where we do you may withdraw your consent at any time by contacting the Data Protection Officer for the relevant part of government.
- The need to protect public interest
The need to retain information for historical or archiving purposes by the Public Record Office under the Public Records Act 1999. For more information on retention by the Public Record Office.
How long do we keep your personal data
We will only keep your information for the minimum time necessary, this may be to:
- Provide a history of transactions for your Procurement account
- Until we have responded to an enquiry
- Conclude legal proceedings and allow reasonable time to seek further redress
- Confirm the transfer of your information to the Department, Office or Board providing a service you have requested.
You should note that a public record we create may be selected for permanent preservation under the Public Records Act 1999. Records are only retained for longer term periods if their retention can be justified for statutory, regulatory, legal or security reasons or for their historic value.
Further information on Public Records retention is available.
How do we keep your personal data secure
In order to carry our statutory functions, AGC may disclose personal data to a variety of recipients, including some within the EU or Worldwide. This includes those from whom personal data is obtained (as listed above) and may include the following:
- Criminal Justice partners, such as the police or law enforcement agencies where there is a legal requirement to do so
- Data processors
- To support Government organisations with debt collection and tracing agencies
- Trade, employer associations and professional bodies
- Elected Representatives in their capacity as a Member of a Government organisation
- Government organisations
- Local Authorities and Commissioners
- Auditors, insurance and other compliance or regulatory body
- Current, past or prospective employers of the data subject
Disclosures of personal data will be made on a case-by-case basis, using the personal data appropriate to a specific purpose and circumstances and with necessary controls in place.
- With or between other Government Departments, Boards and Offices to provide a service or information you have requested
- The courts on production of a valid court order or to file necessary information
The Attorney General’s Chambers will also disclose personal data to other bodies or individuals when required to do so by, or under, any act of legislation, by any rule of law and by Court Order.
AGC has a statutory obligation to check and verify the data you provide to us i.e. in application forms, legal proceedings or transactions such as property sale or acquisition. This may include checks of publicly available information but in some cases, where it is necessary and relevant to your application, the information you provide may be disclosed or shared with other organisations including our clients. This will only be done where there is a legal obligation for us to do so. We will do this to allow us to:
- Verify the information and documentation you have provided is correct
- Help prevent and detect crime including fraud, money laundering, identity theft or other criminal offences
Protecting your information
- Keep your information safe and secure in compliance with its information security arrangements
- Only use and disclose your information as detailed above, where necessary
- Retain the information for no longer than is necessary and your information will be permanently deleted once the timeframes set out below have been reached (there is an authorisation process to dispose of this in line with our Records Management Policy and retention periods as outlined below (unless there is an over-riding reason to retain this information, such as for preservation as a public record).
We will not sell to, or share, your personal data with other companies, organisations or individuals. Individual Departments may share your personal data with other companies, organisations or individuals where there is a legal requirement to do so. For information on how your information may be shared by an individual Department, please click on the relevant Department link.
Transfer of Information outside the EEA
AGC provides mutual assistance in criminal legal matters through a network of worldwide competent authorities. AGC assists other competent authorities and can make requests in relation to the suspected criminal activities of an individual. Should your data be transferred it will be protected by appropriate security measures and strict handling conditions regarding how the recipient may use that information.
You have a right to access your personal data to ensure that it is accurate, and to request that it is rectified, blocked, erased or destroyed if it is inaccurate. We will review your request and may determine that exemptions apply in relation to the Law Enforcement Directive, particularly in relation to the prosecution function.
To make any request relating to your data held by us, please contact the Data Protection Officer for the AGC.
You can review your personal information and ensure it is accurate
Where possible we will provide you with access to the information we hold about you so that you can view this information and provide a means for you to have this information changed if it is not accurate.
Alternatively you can ask for information we hold about you to be amended by sending your request to the DPO.
To remove your personal information
Where possible we will provide you with access to the information we hold about you so that you can view this information and request that your information is deleted.
Alternatively you can ask for information we hold about you to be deleted by sending your request to the DPO.
To ask if we hold personal information about you
You can ask to see what information we hold about you by submitting a Subject Access Request to the DPO.
To make a complaint
If you are unhappy with the way we deal with your personal information you can submit a complaint to the DPO for AGC, who will work with you to resolve any issues.
If you are not satisfied with the response you receive, you may also complain to the Information Commissioner or the relevant supervisory authority. You may have a right to other remedies.
The Information Commissioner is the independent regulator responsible for enforcing the Data Protection Act and can provide useful information about the Act's requirements. The Information Commissioner's Office may be contacted using the following:
The Isle of Man Information Commissioner’s Office,
P.O. Box 69,
Isle of Man,
Telephone: +44 1624 693260
Your personal data may be permanently retained for research use at the Isle of Man Public Record Office if the records containing your personal data are selected for permanent preservation under the Public Records Act 1999. The Isle of Man Public Record Office preserves records of Isle of Man public authorities that are of long-term historic and cultural value.
Access to and use of records at the Isle of Man Public Record Office is governed by legislation, in particular the Public Records Act 1999, the Public Records Order 2015 and the Freedom of Information Act 2015.
Some records are made available to the public for research use, whilst others are covered by access restrictions to ensure sensitive information that should be confidential for a period of time is protected. Where your personal data is included in records transferred to the Record Office, an assessment will be made of whether the records should be covered by an access restriction based on this legislation. Access restrictions will be applied to records as appropriate under this legislation to prevent unlawful access to your personal data. Your personal data will not be used by the Isle of Man Public Record Office for any automated decision making.
The Isle of Man Public Record Office is part of the Department for Enterprise and can be contacted at:
Spring Valley Industrial Estate,
Isle of Man,
The Department for Enterprise Data Protection Officer can be contacted by email.