GDPR is now in force in the European Union (EU). Many clients ask us what impact GDPR has on their business in Monaco. Like Switzerland, the Principality is not a member of the EU although it has entered specific treaties with the EU, in particular on financial matters. GDPR is out of the scope of such treaties. In principle, GDPR should not affect business in Monaco.
In fact, businesses are impacted very substantially, since any processing by an entity based in Monaco of personal data from clients residing in a UE country is potentially subject to GDPR provisions. Any cross border activity a Monegasque company may carry out on UE territory is within scope. Monaco entities offering services or products to UE clients have to comply with both Monaco data protection laws and GDPR. A new law in Monaco amending the current data protection legislation is soon expected.
This change in legislation is also required to obtain the long-awaited “adequate level” of protection for the Principality of Monaco which will facilitate data transfers from an UE controller. An issue that is not relevant for Switzerland that is considered as guaranteeing an adequate level of protection.
About the author
François Poher, Associate
DL Corporate & Regulatory Monaco