The General Data Protection Regulation (GDPR) is a framework mandated by the European Union for the drafting of new data protection laws in each member state.
The Data Protection (Jersey) Law 2018 and the Data Protection Authority (Jersey) Law 2018 both incorporate all the applicable elements of GDPR for Jersey, to ensure that Jersey has a level of protection equivalent to that of the European Union.
Neither the GDPR nor the European GDPR-based laws apply in Jersey. However, Jersey companies that target customers in the European Union or monitor behaviour of individuals in Europe would be subject to the laws of the European Union members states in which they conduct these activities.
There could be additional legal requirements for conducting these activities in the European Union, and we recommend you contact us to find out more.