Data Protection (GDPR)Protection des Données

Jersey’s data protection regime is governed by two laws:

The Data Protection (Jersey) Law 2018 sets out the rights of individuals in respect of their personal data as well as the obligations and conditions organisations must follow to process it.The Data Protection Authority (Jersey) Law 2018 outlines the requirements for organisations to register with the Jersey Office of the Information Commissioner. It gives the Jersey Office of the Information Commissioner the power to sanction or fine organisations for misusing data or failing to keep it secure.

The Data Protection (Jersey) Law 2018 provides individuals with rights over their personal data. More specifically, the Law provides you with a right to access personal data which is processed about them by a controller, such as a Parish. You only have a right to request personal data about yourself, or about someone you have a right to ask about, such as a child you have parental responsibility for.

If the information you’re requesting is not about yourself or someone you have a right to make a request on behalf of, your request may be refused.

To make a Subject Access Request please provide:

  • your full name
  • a contact address (such as an email address or a postal address, preferably both)
  • a clear description of the information you want to receive, including if possible the time periods covered

You do not have to tell us why you want the information although you will be asked to provide proof of your identity before the information is sourced, and before it is released.