GDPR-What will it mean for your business?

What will the GDPR and Data Protection (Jersey) Law 2018 (DPJL) mean for your organisation?

The GDPR is applicable to:

  • EU organisations processing personal data of EU individuals;
  • Non-EU organisations offering goods/services to EU individuals;
  • Non-EU organisations monitoring the behaviours of individuals in the EU.

The DPJL is applicable to any organisation holding or using personal information about customers based in Jersey. It reflects the provisions and principles of the GDPR. The core aims of the GDPR and DPJL are to protect the rights and freedoms of individuals in respect of their personal information. Organisations (data controllers and data processors) have obligations under both laws to respect those rights under the general principles of transparency and accountability, to the extent that such legislation applies to them. This guide and the accompanying checklist have been designed to assist SMEs based in Jersey, who may not have access to extensive planning and legal resources. Using this guide, along with our twelve-step guide, will help those businesses in particular to prepare for a business future that is data-protection compliant. If you process personal data as part of your business, the DPJL will apply to you and the GDPR might apply to you if you fulfil the criteria set out above. It is important to remember that:

  • Customer AND employee data is personal data
  • Simply storing personal data electronically or in hardcopy constitutes ‘processing’ personal data
  • The DPJL (and where applicable, the GDPR) applies to both controllers AND processors.

GDPR Infographic – Why GDPR matters to SMEs  

Other useful sources of information.

Get advice and support

Whether you’re a new start-up or an established business we’re here to help you steer your business in the right direction. For more information or advice please contact us on 01534 610300 or by email at [email protected].