GDPR

The EU General Data Protection Regulation (GDPR) represents the biggest shake-up of European data protection law for more than two decades. It brings significant changes to the rules governing how we use and store data. All businesses in the Channel Islands will be affected as new Guernsey and Jersey laws have come into force to adopt the GDPR into domestic legislation.

Our lawyers are at the forefront of developments and have been working closely with industry bodies, associations and government in shaping the statutory and regulatory frameworks relating to cybersecurity and data protection.

The primary focus of the GDPR is to protect the personal data of citizens of the European Union wherever it is held, processed or transferred. While the Channel Islands stand outside the EU, the legislation affects all local companies undertaking business in the EU or profiling EU citizens. Accountability will be fundamental to the process and businesses will need to comply with - and be able to demonstrate compliance with - six key data protection principles. Penalties for non-compliance include a fine of up to 4% of annual global turnover or up to €20 million.

Bearing in mind the nature and scope of the changes, there is a significant amount of work to be undertaken in order to be prepared for the new regime. Organisations will have different requirements and compliance will need to be tailored accordingly. We can review your individual situation and progress. Our specialists can advise you on all aspects of the collection, processing and storage of data on your customers, staff and suppliers to help you achieve a secure and robust data management framework that complies with the law. We can also review and draft relevant contracts, policy documents and privacy notices.

Along with our legal services, we provide the following information, training and development services in relation to data protection and the GDPR:

  • Client briefings and regular updates 
  • Seminars in Guernsey and Jersey 
  • Bespoke in-house courses

If you would like to sign up to our GDPR seminar programme or receive future briefings, please email [email protected]

Resources

To assist businesses in understanding the core areas of GDPR and to help them consider how best to approach compliance, we have produced a detailed Channel Islands Guide to GDPR, which can be downloaded here

The Channel Islands regulator (the Data Protection Commissioner in Guernsey and the Information Commissioner in Jersey) has published some broad data protection guidance, available here and has also launched a website targeted specifically at GDPR compliance, available here. Its website contains a lot of the information needed to guide you through the data protection landscape.

Follow these links for information relating to Guernsey's data protection law and data protection in Jersey.

Recent news and updates

Our articles and briefings 

News and deals