GDPR (General Data Protection Regulation)


The General Data Protection Regulation (GDPR; in Dutch AVG, Algemene Verordening Gegevensbescherming) is the European privacy regulation for the collection and processing of personal data, aimed at better protecting the consumer.

As of 25 May 2018, everyone in the European Union must conform to the regulations stipulated in the General Data Protection Regulation (GDPR). The GDPR ensures that personal data can only be collected under strict conditions and only if it is used for legitimate purposes. In addition, organizations are obliged to protect the collected personal data from improper use and respect the rights of all persons involved.

What should your company do in order to be GDPR-compliant?

be transparent and clear:

– indicate what personal data you collect and process
– explain why you use and process personal data
– clearly demonstrate how you collect the personal data
– specify how long you will store the personal data

privacy by design & privacy by default

make sure the correct protection of personal data is already taken into account in the design phase of products and services, and make sure no additional data is registered without permission

Data Protection Officer

appoint a Data Protection Officer if you process data of more than 5,000 persons per year

double opt-in

make sure you can show that individuals have given their consent to the collection and processing of their data, based on complete information

overview of processing

make sure you can provide the collected information to the individual involved

breach notification requirements

make sure the collected data is properly protected from data breaches

data portability

make it possible to electronically transfer an individual's collected personal data from your system to another

right to delete data

give individuals the option to have their data deleted

New compared to previous privacy regulations:
– being able to prove valid consent from individuals to collect their personal data
– making it just as easy for individuals to give and to take back their consent
