Data Protection in Monaco

Data protection laws in Monaco

Within the Principality of Monaco (Monaco) data protection law have been recently updated by Data Protection Law n° 1.565 of December 3, 2024 (the “DPL”). Article 22 of the Monegasque Constitution still protects the right to privacy and the secrecy of correspondence of every citizen.

Monaco is not part of the EU and did not adopt Data Protection Directive 95/46/EC (hereinafter referred to as the “European Directive”) or its successor the General Data Protection Regulation (Regulation EU 2015/679) of April 27, 2016 (hereinafter referred to as the “GDRP”). However, the new DPL recently adopted offers a strong level of protection similar to GDPR. The aim of the new law was to obtain an adequacy decision from EU.

Monaco is also part of the Council of Europe and entered into Convention n° 108 of the European Council of January 28, 1981 for the protection of individuals with regard to automatic processing of personal data, and into its protocol addendum regarding the controlling authorities and cross-border flows of data, both effective from April, 1st 2009 (through Sovereign Ordinances 2.118 and 2.119 of March 23, 2009).

It is however important to note that, pursuant to Article 3.2. of the GDPR and waiting for this adequacy decision, GDPR is still applicable to companies established in Monaco that process personal data of persons (or “data subjects”) residing in the EU where such processing is related to:

  1. the supply of goods or services to such persons (irrespective of a payment for such supply); and
  2. the monitoring of their behavior taking place within the Union.

It shall be noted that in such a case, the company established in Monaco may be required to designate in writing a representative in the European Union (article 27 of GDPR) and that both GDPR and Monaco DPL will be applicable to these companies.

Continue reading

  • no results

Back to top