The General Data Protection Regulation (GDPR), or in Dutch de Algemene Verordening Gegevensbescherming (AVG), was adopted by the European Union as a successor to the Data Protection Directive. It entered into force on 24 May 2016 and became applicable in Belgium on 25 May 2018. The organisations concerned were therefore given two years to adapt to the new regulations.

The right to privacy and the protection of personal data play an increasingly prominent role in today’s digitised society. The GDPR tries to translate this evolution into legislation in order to make every organisation aware of the collection and processing of personal data. It sets out the basic principles relating to the processing of personal data and also explains the rights of the data subjects and the obligations of the controller, processor and the recipient of these data.

The question of who the GDPR applies to is easy to answer. Basically anyone who processes personal data falls within the scope of the GDPR, unless the processing is carried out by a natural person in the course of a purely personal or domestic activity. Also, the processing of personal data falls outside the scope of the GDPR in the context of the prevention,

investigation, detection and prosecution of criminal offences or the execution of criminal penalties, including the protection against and prevention of threats to public security.

Thus, three conditions are necessary to fall within the scope of the GDPR: (i) the processing of (ii) personal data (iii) beyond private life. Personal data refers to any form of information by which a person can be identified, such as a name, telephone number, address, age, e-mail address, photograph, etc. In addition, almost any action involving data qualifies as processing, such as the collection, structuring, storage, modification, consultation and dissemination of personal data.

Moreover, the territorial scope of the GDPR has been considerably extended compared to the former Privacy Directive. Thus it also applies to the processing of personal data in the context of activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union. The controller specifies how and why personal data are processed, while a processor is the party that processes the data. They must comply with the GDPR.

The new European privacy policy applies to all companies

across all sectors worldwide that process data of European individuals. Whether in human resource, IT, marketing or product development, companies need to ensure they are GDPR compliant.

Making your organisation GDPR compliant is not always easy. What needs to be done? Do I need to appoint a DPO? Where do I start? These are all questions you are likely to have.

To assist you in the process of making your organisation GDPR compliant, you can always call on us. Generaldataprotection. be consists of two partners who are always ready to assist you in your GDPR project.

Therefore, do not hesitate to book an introductory meeting with us via the contact form. During this meeting we will go through the situation of your organisation and look at the possibilities to make your organisation GDPR compliant.

Hoofdwebsite Contact
make appointment upload

      GDPR proof area
      upload uw documenten

      drag your documents here or choose file

      drag your correspondence here or choose file

        Benelux (€... )EU (€... )International (price on request)

        By submitting this application, you expressly agree to our General Terms and Conditions and confirm that you have carefully read our Privacy Policy. Sending this application is considered as order confirmation.
        error: Helaas, deze content is beschermd!