21.07.2017
Privacy-proof: are you ready for the GDPR?
A proper privacy policy will be key as from May 2018, when the new European privacy regulation (the GDPR) comes into force. Privacy rules will become more stringent, especially for companies engaged in large-scale personal data processing. As data subjects will be given more rights and will be able to call companies to account if they fail to comply with the law, compliance risks will increase. This includes such aspects as the right of information, inspection, removal and the right to be forgotten.
Our firm can help you prepare for the new privacy rules. A first step is awareness of the new rules within your organisation. In this postletter, we will list the most important changes compared to current legislation. A next step is implementing a proper privacy policy that is tailored to your organisation.
What is this about?
On 25 May 2018, the new privacy regulation (the General Data Protection Regulation, also abbreviated as ‘GDPR’) will take effect.
Who?
The GDPR requirements will apply to all EU-based organisations that process personal data. Companies outside the EU offering products in the EU or monitoring the behaviour of European citizens, for example for the purpose of targeted advertising, will also be subject to the Regulation.
The rules are stricter for those who are engaged in the large-scale processing of personal data, as is the case for online marketing, for example. The rules are also stricter where sensitive data are being processed (such as medical data or personal data of minors) or where use is made of profiling, for instance to create customer profiles based on online behaviour.
What?
The principles of privacy law will remain unchanged, but a number of obligations will be expanded or modified compared to the current legislation. Digital-era developments are a point of focus, as that is where privacy is the most relevant. A summary of the main changes is provided below:
When?
The GDPR takes effect on 25 May 2018. This means that the GDPR will replace existing national legislation (such as the Personal Data Protection Act in the Netherlands) and the GDPR will have direct effect in the Netherlands as from that date.
How?
We can help you prepare for the GDPR. We perform a compliance check to verify whether your company is privacy-proof, analysing how you are processing personal data and identifying the specific steps needed to be compliant by 25 May 2018. We are also able to answer specific requests for advice, draw up privacy statements and processor agreements, and help you draft an internal privacy policy that complies with the law.
In the autumn of 2017, we will schedule a workshop for clients to discuss the ins and outs of the new privacy rules and share some specific tips.
Are you interested? Please send an email to one of our privacy specialists or give them a call:
Berber Brouwer (brouwer@berghstoop.com)
Astrid Sixma (sixma@berghstoop.com)
Esther Schnepper (schnepper@berghstoop.com)
T: + 31 20 620 22 88 – Bergh Stoop & Sanders Advocaten.
Op de Dag van de Persvrijheid heeft Villamedia een belangrijk artikel gepubliceerd van onderzoeksjournalist Stella Braam. In het artikel deelt Braam haar reactie op het klachtenrapport van 30 april jl., dat zij ontving van directeur-generaal van de AIVD, Erik Akerboom, naar aanleiding van haar klacht.
Het is alleen mogelijk een concurrentiebeding op te nemen in een arbeidsovereenkomst voor bepaalde tijd als er in de arbeidsovereenkomst een (extra) motivering staat in dit verband. In die motivering moeten de zwaarwegende bedrijfsbelangen staan die de werkgever heeft om 'deze specifieke werknemer' aan 'dit specifieke concurrentiebeding' te binden. Een algemene, bedrijfsbrede motivering volstaat dus niet.
Vorige week oordeelde het Benelux Court of Justice dat de merkaanvraag voor VAN WONDEREN STROOPWAFELS te kwader trouw en dus nietig is. Eerder, in 2022 wees het Benelux Office for Intellectual Property (BOIP) de vordering tot nietigverklaring nog geheel af.