On August 27, 2020, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced it approved the “Data Pro Code,” a code of conduct drafted by industry association NLdigital (the “Code”). This Code is the first code of conduct approved by the Dutch DPA under the EU General Data Protection Regulation (the “GDPR”). Adhering to the Code will help organizations active in the Information and Communications Technology sector comply with their obligations under the GDPR. The Code includes, among other things, a series of practical GDPR compliance tools, such as the “Data Pro Statement” that companies may use to inform potential customers of the data protection safeguards they have in place.

Continue Reading Dutch “Data Pro Code” Approved

On July 6, 2020, the Dutch Data Protection Authority imposed a 830,000 euro fine on the Dutch Credit Registration Bureau for non-compliance with Articles 12 (2) and 12 (5) of the EU General Data Protection Regulation between May 2018 and March 2019.
Continue Reading Dutch DPA Fines Dutch Credit Registration Bureau 830,000 Euros for Non-Compliance with Data Subject Rights

On May 19, 2020, the Belgian Data Protection Authority announced that the Litigation Chamber had imposed a €50,000 fine on a social media provider for unlawful processing of personal data in connection with the “invite-a-friend” function offered on its platform.
Continue Reading Belgian DPA Sanctions Social Media Company for Unlawful Processing of Personal Data in Connection with “Invite-a-Friend” Function

The Dutch Data Protection Authority recently published materials regarding the COVID-19 crisis, including recommendations and FAQs for employers, and recommendations for employees that emphasize that privacy must not be overlooked and the crisis should not become a prelude to a “Big Brother” society.
Continue Reading Dutch DPA Publishes Recommendations Regarding COVID-19 and Privacy in the Workplace

On March 3, 2020, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced that it had imposed a €525,000 fine on the Royal Dutch Tennis Association (De Koninklijke Nederlandse Lawn Tennisbond, “KNLTB”) for an illegal sale of personal data.
Continue Reading Dutch DPA Fines Royal Dutch Tennis Association 525,000 Euros For Illegal Data Sale

On August 12, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced its intent to approve Nederland ICT’s Data Pro Code (the “Code”), a code of conduct for the ICT sector. Nederland ICT represents data processors from the IT sector. Data processors that process personal data on behalf of and for a data controller can join this code of conduct. The draft decision of the Dutch DPA regarding the Code was published in the Official Journal of the Netherlands (the “Staatscourant”) on August 12 and interested parties have six weeks to submit their opinion on the draft decision.

Continue Reading Dutch DPA to Approve Netherlands Code of Conduct for ICT