The Cayman Islands Data Protection Law, 2017 (DPL) came into force on September 30, 2019, and will regulate the future processing of all personal data in the Cayman Islands. Drafted around a set of internationally recognized privacy principles, the new law provides a framework of rights and duties designed to give individuals greater control over their personal data. Managers of Cayman funds must ensure that they understand their funds’ obligations under the new law, including enacting policies and procedures to ensure the proper protection of all personal data under their control. Managers must also create an effective governance regime for approving, overseeing, implementing and reviewing those data-protection policies. Cayman funds must get it right – reputations and criminal liability are at stake. In a guest article, Appleby partners Sailaja Alla and David Lee, along with counsel Peter Colegate, review the key provisions of the DPL and how Cayman funds can achieve compliance with it. For more on data protection in the E.U., see “How the GDPR Will Affect Private Funds’ Use of Alternative Data” (Jun. 14, 2018).