The EU General Data Protection Regulation (GDPR) represents the biggest shake-up of European data protection law for more than two decades. It brings significant changes to the rules governing how we use and store data. All businesses in the Channel Islands will be affected as new Guernsey and Jersey laws have come into force to adopt the GDPR into domestic legislation.
Our lawyers are at the forefront of developments and have been working closely with industry bodies, associations and government in shaping the statutory and regulatory frameworks relating to cybersecurity and data protection.
The primary focus of the GDPR is to protect the personal data of citizens of the European Union wherever it is held, processed or transferred. While the Channel Islands stand outside the EU, the legislation affects all local companies undertaking business in the EU or profiling EU citizens. Accountability will be fundamental to the process and businesses will need to comply with - and be able to demonstrate compliance with - six key data protection principles. Penalties for non-compliance include a fine of up to 4% of annual global turnover or up to €20 million.
Bearing in mind the nature and scope of the changes, there is a significant amount of work to be undertaken in order to be prepared for the new regime. Organisations will have different requirements and compliance will need to be tailored accordingly. We can review your individual situation and progress. Our specialists can advise you on all aspects of the collection, processing and storage of data on your customers, staff and suppliers to help you achieve a secure and robust data management framework that complies with the law. We can also review and draft relevant contracts, policy documents and privacy notices.
Along with our legal services, we provide the following information, training and development services in relation to data protection and the GDPR:
- Client briefings and regular updates
- Seminars in Guernsey and Jersey
- Bespoke in-house courses
If you would like to sign up to our GDPR seminar programme or receive future briefings, please email [email protected]
To assist businesses in understanding the core areas of GDPR and to help them consider how best to approach compliance, we have produced a detailed Channel Islands Guide to GDPR, which can be downloaded here.
The Channel Islands regulator (the Data Protection Commissioner in Guernsey and the Information Commissioner in Jersey) has published some broad data protection guidance, available here and has also launched a website targeted specifically at GDPR compliance, available here. Its website contains a lot of the information needed to guide you through the data protection landscape.
Recent news and updates
- GDPR will see businesses fulfil ethical expectations, Carey Olsen conference told
- Channel Islands data protection laws gain Privy Council approval
- Webinar: All change? New data protection law in the Channel Islands - an introduction to the new Guernsey and Jersey laws
- Carey Olsen teams up with DLA Piper on 2016 Data Protection Laws of the World Handbook
- Guernsey's new data protection legislation is here
- The value of data protection officers
- Guernsey ahead of the game on GDPR preparations, Carey Olsen conference told
- Carey Olsen conference tells businesses 'the time to prepare for GDPR is now'
Our articles and briefings
News and deals
25 October 2017
12 July 2018
08 December 2017
25 May 2017