Cayman fund managers are being encouraged by law firm Ogier to ensure they fully comply with new legal obligations that will enact a framework of rights and duties aimed at regulating the processing of personal data. It is largely based on the internationally recognised privacy principles that form the basis of other data protection laws worldwide
The new requirements are part of the Cayman Islands Data Protection Law 2017, which is scheduled to come into effect on 30 September 2019.
Ogier partner James Heinicke explained that the law will regulate the processing of all personal data in the Cayman Islands. It will affect any entity established in the Cayman Islands, including investment funds, that processes personal data regardless of whether the processing takes place within the Cayman Islands or elsewhere. It will also not be relevant whether the personal data relates to Cayman individuals.
Outlining the practical consequences of the law, Mr Heincke said that each Cayman fund will be considered a data controller. Therefore, the fund will be expected to comply with data protection principles in regards to personal data processed by the fund or on behalf of the fund by any third-party processors. This includes administrators and service providers.
He added: "With significant penalties in place for non-compliance we strongly recommend Cayman funds seek advice on the implications of the law for them.”
Ogier provides advice on the British Virgin Islands, the Cayman Islands, Guernsey, Jersey and Luxembourg law through a network of offices that additionally includes Hong Kong, Shanghai and Tokyo.