Why are Island businesses affected?

The GDPR is intentionally designed to apply to personal data of individuals living in the EU so that they are “not deprived of the protection to which they are entitled” just because a controller or processor is established outside the EU.

It applies directly to businesses outside the EU that offer goods or services to, or monitor the behaviour of, individuals living in the EU or process personal data either with or on behalf of EU businesses. Many Island businesses are, therefore, immediately affected.  

Other Island businesses, including government, that do not provide goods or services to EU residents, but require access to, or the sharing of, personal data processed in the EU/UK, will also be impacted by the GDPR. 

Island businesses need to consider the impact of the GDPR on their business and take steps to ensure compliance.

What about the existing Data Protection Act?

The Act will continue in force until such time as it is revised, replaced or repealed.

Therefore, until equivalent legislation to the GDPR is implemented in the Island: