Data Protection for Organisations

Home | For Organisations | Legislation

Main Legislation

General Data Protection Regulation (GDPR)

Data Protection Act (CAP 586)

Subsidiary Legislation

Processing of Personal Data (Electronic Communications Sector) Regulations (SL-586.01)

Processing of Personal Data (Protection of Minors) Regulations (SL-586.04)

Processing of Personal Data for the Purposes of the General Elections Act and the Local Councils Act Regulations (SL-586.06)

Processing of Personal Data (Education Sector) Regulations (SL-586.07)

Data Protection (Processing of Personal Data by Competent Authorities for the Purpose of the Prevention, Investigation,Detection or Prosecution of Criminal Offences or the Execution of Criminal Penalties) Regulations (SL-586.08)

Restriction of the Data Protection (Obligations and Rights) Regulations (SL-586.09)

Processing of Data concerning Health for Insurance Purposes Regulations (SL-586.10)

Processing of Child's Personal Data in Relation to the Offer of Information Society Services Regulations (SL-586.11)

Enforcement of the Rights of Data Subjects in relation to Transfers of Personal Data to a Third Country or an International Organisation Regulations, 2023

EU Legislation


Conventions

Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (CETS 108)

Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, regarding supervisory authorities and transborder data flows (CETS 181)

Directives


Directive 2002-58-EC Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector (Directive on Privacy and Electronic Communications)

Directive 2006/24/EC of the European Parliament and the Council of 15 March 2006 on the Retention of Data Generated?Processed in Connection with the Provision of Publicly Available Electronic Communications Services or Public Communications Networks

Directive 2009/136/EC of the European Parliament and the Council of 25 November 2009 Amending Directives 2002/22/EC and 2002/58/EC, and Regulation (EC) No 2006/2004 (the Regulation on Consumer Protection Cooperation)

Directive (EU) 2016/ 680 of the European Parliament and of the Council - of 27 April 2016 - on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation

Regulation

Regulation (EU) 2021/1232 of the European Parliament and of the Council of 14 July 2021 on a temporary derogation from certain provisions of Directive 2002/58/EC as regards the use of technologies by providers of number-independent interpersonal communications services for the processing of personal and other data for the purpose of combating online child sexual abuse