The Data Protection (Jersey) Law 2018 controls how organisations, businesses or the government uses your personal information.The Data Protection Law 2018 is Jersey’s implementation of the European General Data Protection Regulation (GDPR).

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

• used fairly, lawfully and transparently
• used for specified, explicit purposes
• used in a way that is adequate, relevant and limited to only what is necessary
• accurate and, where necessary, kept up to date
• kept for no longer than is necessary
• handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

The Data Protection Authority (Jersey) Law 2018 outlines the requirements for organisations to register with the Office of the Information Commissioner. It gives the Office of the Information Commissioner the power to sanction or fine organisations for misusing data or failing to keep it secure. 

Data Protection (Registration and Charges) (Jersey) Regulations 2018 outlines the requirements and particulars of registration and charges for those processing personal information.

The EU General Data Protection Regulation (GDPR) is designed to:

• Harmonize data privacy laws across Europe
• Protect and empower all EU citizens data privacy
• Reshape the way organizations across the EU approach data privacy

GDPR reshapes the way in which sectors manage data, as well as redefines the roles for key leaders in businesses

GDPR has implications for the Channel Islands in two ways

• Local companies targeting goods or services to EU citizens will be required to comply with the GDPR, regardless of what regulatory or legislative regime is in place locally
• The Islands ‘adequacy’ ruling under the current EU Directive will be re-assessed against the GDPR and it is highly unlikely that the current Laws will be considered adequate against the new standard.

The Government of Jersey made the decision that the GDPR will be incorporated into local law in line with the EU legislation.

The Freedom of Information (Jersey) Law 2011 (FOI) makes the Government of Jersey accountable and transparent in the way they operate and make decisions.

The Law gives you the right to access recorded information held by public sector organisations.

Anyone can request information – there are no restrictions on your age, nationality or where you live.

Access to information under FOI can:

• help to inform you of how the government and public authorities work in Jersey
• allow you to take part in debate about issues that may affect you or your family
• help you find information to develop ideas or inform your business decisions