Montenegro Law on Personal Data Protection (2023)
Montenegro's Law on Personal Data Protection (Official Gazette No. 44/2023), effective August 2023, repeals the 2008 law and aligns the national framework with the EU General Data Protection Regulation (GDPR). The law is enforced by the Agency for Personal Data Protection (Agencija za zaštitu podataka o ličnosti). It introduces GDPR‑style principles such as lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality. It grants data subjects rights to access, rectification, erasure, restriction of processing, data portability and objection, establishes mandatory data breach notification obligations, and sets conditions for cross‑border data transfers. The law also provides for administrative fines and supervisory powers.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (8)
Cross-Border Transfer - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Cross-Border-Transfer-EEA-Adequacy-Convention-108-SCC-BCR-Western-Balkans-Bilateral | Montenegro PDPL Cross-Border + EEA + Adequacy + Convention 108+ + SCC + BCR + Western Balkans + Bilateral |
Data Subject Rights - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Data-Subject-Rights-Access-Rectification-Erasure-Restriction-Portability-Objection-Automated-Decision | Montenegro PDPL Subject Rights + Access + Rectification + Erasure + Restriction + Portability + Objection + Automated Decision |
Enforcement Sanctions and Remedies - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Enforcement-AZLP-Penalties-EUR-20K-Individual-EUR-40K-Entity-Administrative-Court-Supreme-Court | Montenegro PDPL Enforcement + AZLP + Penalties EUR 20K Individual + EUR 40K Entity + Administrative Court + Supreme Court |
Governance DPO ROPA DPIA - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Governance-DPO-Mandatory-ROPA-DPIA-AZLP-Consultation-Codes-Certification-Sub-Regulations | Montenegro PDPL Governance + DPO + ROPA + DPIA + AZLP Consultation + Codes of Conduct + Sub-Regulations |
Scope and Authority - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Scope-Zakon-o-Zastiti-Podataka-o-Licnosti-2023-AZLP-Podgorica-GDPR-Convention-108-EU-Accession | Montenegro PDPL Scope + Zakon o Zastiti Podataka o Licnosti 2023 + AZLP Podgorica + GDPR + Convention 108+ + EU Accession |
Security and Breach Notification - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Security-Breach-Notification-72-Hour-AZLP-CIRT-MNE-Cyber-Security-Strategy | Montenegro PDPL Security + Breach Notification + 72 Hour + AZLP + CIRT-MNE + Cyber Security Strategy |
Sensitive Data and Children - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Sensitive-Personal-Data-Health-Biometric-Genetic-Political-Religious-Children-Under-16 | Montenegro PDPL Sensitive Data + Health + Biometric + Genetic + Political + Religious + Children Under 16 |
Seven Data Protection Principles - Montenegro PDPL
| Code | Title |
|---|---|
| ME-DPA-Seven-GDPR-Principles-Lawfulness-Purpose-Minimisation-Accuracy-Storage-Integrity-Accountability | Montenegro PDPL Seven GDPR Principles + Lawfulness + Purpose + Minimisation + Accuracy + Storage + Integrity + Accountability |
Frequently Asked Questions
What is Montenegro Law on Personal Data Protection (2023)?
Montenegro Law on Personal Data Protection (2023) is a compliance framework from Montenegro with 8 domains and 8 controls. Montenegro's Law on Personal Data Protection (Official Gazette No. 44/2023), effective August 2023, repeals the 2008 law and aligns the national framework with the EU General Data Protection Regulation (GDPR). The law is enforced by the Agency for Personal Data Protection (Agencija za zaštitu podataka o ličnosti). It introduces GDPR‑style principles such as lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality. It grants data subjects rights to access, rectification, erasure, restriction of processing, data portability and objection, establishes mandatory data breach notification obligations, and sets conditions for cross‑border data transfers. The law also provides for administrative fines and supervisory powers. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Montenegro Law on Personal Data Protection (2023) have?
Montenegro Law on Personal Data Protection (2023) has 8 controls organised across 8 domains. The largest domains are Cross-Border Transfer - Montenegro PDPL (1 controls), Data Subject Rights - Montenegro PDPL (1 controls), Enforcement Sanctions and Remedies - Montenegro PDPL (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Montenegro Law on Personal Data Protection (2023) map to?
Montenegro Law on Personal Data Protection (2023) does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.
How do I get started with Montenegro Law on Personal Data Protection (2023) compliance?
Start your Montenegro Law on Personal Data Protection (2023) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Montenegro Law on Personal Data Protection (2023) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required