The article considers how data protection rules in Directive 95/46 EC and in national law apply to data processing carried out by an embassy. Three situations are discussed: processing inside and from the embassy, processing in the recieving country on behalf of an embassy, and transference of personal data from the embassy to the home country. Although an embassy may represent an unsafe area for the personal integrity of citizens, this topic has not been considered in data protection law and for this reason there are no references ind the article.