DATA PROTECTION

Advising on Data Protection compliance

The EU GDPR is not directly applicable in Monaco, despite its extra territorial application and the Principality has not yet enacted equivalent provisions in its domestic law processing personal data in Monaco, including data transfer abroad, is either subject to notification or to prior authorisation from the Monaco Commission de Contrôle des Informations Nominatives (CCIN). Monaco is still in the process of being recognised as offering an “adequate level of protection” for data protection purposes.

Our Firm has a recognized expertise on Data Protection and regularly advises on:

  • Reviewing data protection policies and privacy solutions/guidelines.
  • Drafting all necessary filings of declaration or authorisation.
  • Data protection compliance audits and assessment with emphasis on banks and investment firms, including areas of professional secrecy and statutory restrictions.
  • Drafting internal compliance procedures.
  • Preparing agreements in connection with the transfer of data, safe harbours and BCRs.
  • Advising on the application of the EU GDPR to certain data processing depending on the cross-border activities of Monaco clients.
  • Drafting and adapting data protection notices to comply with client information obligations.
  • Drafting data processing records in compliance with EU GDPR.
  • Drafting article 27 GDPR representative appointment.