Privacy & law
Not too long ago, apparently nobody was concerned about privacy rights. The exponentially growing digitization of our society has, however, brought a lot of change in this. Companies like Google and Facebook are only too happy to know which websites are visited. This is tracked via so-called cookies and suddenly you see advertisements on various internet sites that you visit that are very similar to your recent internet visits. For these types of organizations, your internet behaviour is a product that can be traded.
Many consumers do not have problems with this kind of storage of information. This changes when information about your medical situation, studyresults and/or belief are being stored and/or shared.
Dutch Personal Data Protection Act
In the Netherlands, the Personal Data Protection Act was in force since 2001. The law already laid down rules that apply at the time that you work with personal data. In 2016, this law added an obligation for organizations, that process personal data (these are generally companies), that they must report to the so-called Authority Personal Data when personal data has leaked or when the risk of leaking personal data is (too) high. In addition, penalties were added to the law. Both changes have led to increased attention to the law.General Data Protection Regulation
In addition, the General Data Protection Regulation (GDPR) was adopted by the European Union in May 2016. This regulation entered into force on the 25th of May 2018.Companies that process personal data (and that is virtually all companies) have further obligations regarding the processing of these personal data.
Entrepreneurs must comply with the GDPR as of the 25th of May 2018 and as an entrepreneur this regulation will become a permanent point of attention for your organization.
Our team advises on, among other things:
- further developments and the enforcement of the GDPR;
- formulating privacy policies and the implementation thereof;
- advising on the various roles and responsibilities within the applicable regulations;
- advising on the implementation of so-called privacy impact assessments, possibly the necessary appointment of a data protection official, etc.
We can also advise you on the right of privacy in on the work floor, where you can think about regulating and, if necessary, following internet use within your company, the use of social media, etc.
The same applies to advice to schools. Which internet sites may or may not be visited by the pupils? Who is responsible for the processing of the data regarding to the students? Have valid processor agreements been concluded with, for example, software suppliers (such as Magister)? And how to deal with the use by students of information carriers such as tablets, mobile phones, etc. that they have brought to school themselves?
Developments in privacy & law