Holy See

The Holy See and Data Protection 

European Economic Area countries are governed by the GDPR and the UK is governed by equivalent measures in the UK GDPR.  Therefore, in principle and where GDPR has been enshrined in domestic legislation, the sharing of personal data within and across the countries of the NWE Region of the Prelature should follow the same rules. 

The Vatican City state is outside of the EU, and therefore there are challenges around sharing information of a personal nature with relevant dicasteries. The Catholic Church is not a PLC, a single entity, and so the relationship between the Holy See and Church leaders in other countries requires careful consideration. 

In 2019, Pope Francis issued a motu proprio – Vos estis lux mundi – partly in response to these concerns.  The Holy Father wishes to ensure the exchange of relevant information so that those who need to know are informed about allegations and that risk can be assessed and managed. This document was re-issued in a final version on March 25th, 2023.

Article 19 specifies that church procedures are without prejudice to the "reporting obligations to the competent civil authorities" in state legislation.