Compliance with principles and security obligations

Emergency Powers legislation has given additional powers to Tynwald, the police and government departments to manage the COVID-19 crisis, protect the public, maintain essential public services and implement assistance packages for businesses, etc.  

Other existing legislation and legal obligations continue to apply and the data protection legislation provisions are unchanged. 

Controllers must continue to comply with the data protection principles and ensure the security of personal data.

In addition, controllers must implement appropriate technical and organisational measures to ensure, among other things:

Guidance is available at:


Exemptions from complying with the principles are restricted to those specified in Schedule 9 to the GDPR and LED Implementing Regulations