Loyens & Loeff

EU General Data Protection Regulation (GDPR)

Is your organisation 'GDPR-proof'?


After years of anticipation, the EU General Data Protection Regulation (the 'GDPR') entered into force and shall apply as from 25 May 2018. This means that businesses operating in the EU have two years to make sure they are GDPR compliant. 

During the first year of this countdown, our Data Protection & Privacy Team will distribute a monthly update with respect to the most important requirements of the GDPR and guidance on how to implement these in organisations.

The monthly updates will (among others) include information on the applicability of the GDPR and the 'one-stop-shop' mechanism, rules regarding profiling, big data and pseudonymisation, an overview of new obligations for data controllers and data processors, and the applicable sanctions for non-compliance with the GDPR.

Click here to subscribe to updates on Data Protection and Privacy.

Contact
Should you require any assistance in implementing the GDPR in your organisation, please contact the Loyens & Loeff Benelux Data Protection and Privacy Team.

Are you GDPR compliant?

The GDPR is now applicable throughout Europe. One of the most well-known novelties introduced by the GDPR is the new enforcement regime. How are fines calculated under GDPR? Should you worry about sanctions? Can you count on a grace period? Should you be fully GDPR compliant by now?

Do you need to keep an internal data processing register?

The GDPR introduces the obligation to keep an internal data processing register. Is there any exception? What should you include in the register? Where can you find any guidance?

Are you obliged to appoint a DPO?

The GDPR introduces an obligation to appoint a Data Protection Officer or DPO. But is your company really required to appoint a DPO? Probably not.

Are you GDPR compliant when processing personal data?

It is still 3 months before the GDPR becomes applicable. As you know, when processing personal data, you are required to have a lawful basis for such processing. Is consent the way to go? When is consent required, when is it counterproductive? Marga Caproni and Stéphanie De Smedt inform you through this video with pragmatic and practical information.

3 practical GDPR tips for HR by Marga Caproni (Click here for Dutch version)