This Privacy Notice explains who we are, how to contact us, when we collect personal data, how we use that data, how long we may keep that data and your rights.
Who we are
The Isle of Man Information Commissioner (‘Commissioner’) is the controller for all personal data processed by the Commissioner, staff or other appointed Officers.
The Commissioner is an Office created by statute with specific duties and responsibilities under the Freedom of Information Act 2015, the Data Protection Act 2018, and connected data protection legislation, and the Unsolicited Communications Regulations 2005. All relevant legislation is available from this website.
Contact details for the Commissioner’s Office are provided at the foot of this page. The Commissioner also has a designated Data Protection Officer (DPO). If you wish to contact the DPO directly you can write to the DPO at the address provided below, or email DPO@inforights.im
Our approach to personal data
We respect an individual’s fundamental right to privacy. In general, the Commissioner endeavours to be open and transparent with individuals when processing their personal data. However, in some limited exceptions, for example when investigating an allegation, it is not possible to do so.
The Commissioner processes personal data for the following purposes:-
- staff administration
- accounts and records
- as part of the registration process by organisations
- when personal data breaches are reported
- when complaints or enquiries are made to the Commissioner
- for the purpose of correspondence, for example the issuing of newsletters
- when making enquires or undertaking investigations in accordance with statutory functions and duties
Detailed information about our statutory functions can be found on the website.
Disclosure of personal data
In most circumstances we will not disclose personal data without your prior knowledge. However, when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies.
Complaints about our processing
The Commissioner seeks to meet the highest standards when collecting and using personal data. If you think that our collection or use of your personal data is unfair, misleading or inappropriate, please bring your concern to our attention. We would also welcome any suggestions for improving our procedures.
Right of access to personal information
The Commissioner will provide any individual with access to their personal data upon request, unless, and to the extent necessary, that the right of access is restricted.
If we do hold information about you, you can ask us to correct any mistakes. You also have the right, subject to any statutory limitations, to object to processing, to erasure or restriction of processing, and to data portability. No automated decisions, or profiling, are undertaken by the Commissioner.
Please contact the DPO or use the contact details below to exercise any of your rights. We may require additional information in order to identify you or the information you seek.
Website and cookies
Links to other websites
This privacy notice does not cover the links to other websites within this site. We encourage you to read the privacy statements on other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last reviewed on 25 May 2018.