The official website for the States of Guernsey


St Peter Port & St Sampson
Blue Bag
Clear Bag
Food Waste
Black Bag
Glass Bag

All Other Parishes
Blue Bag
Clear Bag
Food Waste
Black Bag
Glass Bag
More Information
weather iconSunny spells and occasional heavy showers, with hail and a risk of thunder.
5 day forecastTide timetables
Sign In

General Data Protection Regulation

Share this page

Friday 16 September 2016

A project that will see Guernsey introduce new data protection legislation in line with the EU's General Data Protection Regulation (GDPR) will be discussed by States Members next week.

The GDPR is due to come into force in May 2018, and applies to all companies worldwide that process the personal data of EU citizens. The Channel Islands must have similarly robust legislation if they are to maintain adequacy and ensure continued access to the EU single market, considered crucial for Guernsey's economy.

Deputy Mary Lowe, the President of the Committee for Home Affairs, said businesses in Guernsey could be assured by the work that the government is doing.

"While the new laws will impact how Channel Islands businesses process personal data, at this point of the project there is no specific action that companies need to take.

 As long as firms are complying with existing data protection legislation, they will be well-positioned to fulfil their obligations under the new laws."

The GDPR is in many regards similar to current Channel Islands data protection legislation, however it will:

Colin Vaudin, Chief Information Officer for the States of Guernsey and Senior Responsible Officer for the project, said a policy letter will be discussed by deputies on 21 September, with a further report providing more information taken to the Assembly either late 2016 or early next year.

"We want to further develop Guernsey as a well-regulated data protection jurisdiction with highly trained DP staff. It further evidences that Guernsey is an excellent and safe place to do business.

Our work with colleagues on the Committee for Home Affairs and Committee for Economic Development to develop our new law is gathering momentum. The new law will be based on the GDPR and will seek to ensure we have granted adequacy by the EU, therefore retaining vital access to the single market.

We have actively engaged with decision-makers and experts in Brussels on this issue. We know what the expectations are from the EU, and this project is about ensuring we meet those expectations while taking an approach that is proportionate."

The General Data Protection Regulation will enable the European Commission to strengthen and unify data protection for individuals within the EU. It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back the control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The regulation was adopted on 27 April 2016. It enters into application 25 May 2018 after a two-year transition period.

Guernsey and Jersey are working together to ensure that their respective legislation is replicated as far as possible. They are also committed to retaining the pan-island role of Data Protection Commissioner, to offer in-sync regulation.

Read the full report in the downloads section on this page.



GDPR Impact Analysis 2016 - Public Report

Share this page

Add To Home

To add this page to the homescreen of your phone, go to the menu button and "Add to homescreen".

The menu button may look like
Three Dots or Box with an Arrow *some browsers' menu buttons may vary.