This redline version of the Gibraltar GDPR has been prepared by the Information Rights, Data Protection and Privacy Team at ISOLAS LLP.

The 'Gibraltar GDPR' is defined in s.2 of the Data Protection Act 2004 (as read with s.2(1B)(a)). Essentially, it is Regulation (EU) 2016/679 ("EU GDPR"), read with certain modifications, in order to ensure that post-Brexit, the EU GDPR (with such modifications) can still form part of Gibraltar law by virtue of section 6 of Gibraltar's European Union (Withdrawal) Act 2019.

The Gibraltar GDPR has not to date been published as a separate document. Instead, it is contained as modification instructions in Schedule 1 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 ("the 2019 Regulations").

Reading Schedule 1 of the 2019 Regulations side by side with EU GDPR becomes impractical, and we have therefore prepared this redline version to assist our clients and other stakeholders.

Please note it is not a formal legislative act, but a document we have prepared only for information/research purposes and due to popular demand. We hope users will find it useful when applying Gibraltar GDPR.

For any queries or concerns arising as a result of this document, our Information Rights, Data Protection and Privacy team at ISOLAS LLP will be more than happy to assist.

To receive the full PDF, please complete the form here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.