Sole traders / Organisations / Business / Charities

Find out about the Data Protection (Jersey) Law 2018 and how to comply with it.

Our office will be closed for the Christmas period from 4pm on Tuesday 23 December 2025 and will reopen at 8:45am on Friday 2 January 2026.

You can Manage your Registration, Report a Breach, Raise a Concern, Ask a Question or view our guidance at any time on our website.

If your matter is urgent, please email enquiries@jerseyoic.org and a member of our team will respond to you as soon as we can. Non-urgent enquiries will be responded to upon the office reopening.

Who is this for?

The Data Protection (Jersey) Law 2018 covers all Jersey businesses and organisations (including sole traders to larger companies, charities, social clubs and Government of Jersey)

In brief
Governance
Guidance
Report a breach
Events
Tell us in confidence
Stay in touch
Self assessment
Ask a question

Do I need to register?

If you collect or process any personal information (e.g. staff, customer, tenant or member’s personal information) you must register with us.

Do I need to register?

Register/Renew

Report a data breach

You must report certain types of personal data breaches to us, within 72 hours of becoming aware of it.

What constitutes a data breach?

Report a data breach

Submit a Data Protection Impact Assessment

You must submit your DPIA for consultation with us for “high risk” processing and where you have not been able to mitigate (manage) the risks. You must do this before you start any processing activity.

DPIA guidance

Submit a DPIA