General Data Protection Regulation (GDPR)

We are Stibbe General Data Protection Regulation Specialists

Complying with the General Data Protection Regulation (GDPR) – What and how?

General Data Protection Regulation (GDPR)

The GDPR has a broad impact on your business, both online and offline. So let us help you avoid pitfalls so you can stay focused on the business.  



Why bother about the GDPR?


A new EU Regulation on the processing of personal data.

Since personal data is any information relating to an identified or identifiable natural person, this Regulation covers any data processing done by a company.

Directly applicable

Unlike Directives, EU Regulations are directly applicable in all EU member states, without the need for national laws to transpose them. Hence, a Regulation is automatically part of the law you need to adhere to.

Even if you are located outside the EU

The GDPR applies to both EU companies and to non-EU companies that (i) process personal data in relation to the offering of goods or services to EU data subjects or (ii) monitor the behaviour of data subjects occurring within the EU.

Even if you “only” process data on behalf of someone else

The GDPR expressly addresses the role and responsibility of data processors, i.e. those entities that process personal data on behalf of another entity that controls the data and the purpose for which they are being processed (i.e. data controllers). For example, a hosting provider is a data processor for the company owning the website and a payroll service provider is a data processor for the employer outsourcing payroll services.

Compliance as a competitive edge

The impressive sanctions and fines for non-compliance with GDPR is one reason to take action. On a more positive note, adapting early to the GDPR requirements is a genuine opportunity to improve your processes and gain a competitive edge by turning compliance into a unique selling point.

Visit our other GDPR pages:


Subscribe to newsletter

Experience

Other specialists

Related news

26.02.2020 BE law
18 March 2020: Erik Valgaeren sheds a light on the legal perspectives of industrial data during a Beltug conference

Speaking slot - In this era of digitisation, data is often called the 'new gold' or 'oil'.  In our aim to gain more insights that will lead us to higher revenue, new market opportunities or new regions, we are analysing data at full throttle. But it needs to be handled with care, using a data architecture that follows your general strategy while ensuring solid security, quality, etc.

Read more

08.11.2019 EU law
Erik Valgaeren is session chair during IBA's 6th Biennial Technology Law Conference in Berlin

Speaking slot - Stibbe's TMT partner, Erik Valgaeren, chairs a session discussing the new legal challenges, created by the most recent technological developments in the field of software, data, online services and telecom, including 5G, pricing algorithms, platforms and data monetization. This session will take place on the 8th of November 2019 in Berlin.

Read more

19.08.2019 EU law
Enable “likes” and bear joint-controllership

Articles - The Court of Justice of the European Union recently ruled, in Case C-40/14 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV,  that a website operator that features “Like” social-media plugin from Facebook likely qualifies as joint-controller with Facebook for its website visitors’ personal data collection and transmission to Facebook.

Read more

21.02.2020 NL law
Podcast: Data en financiële instellingen

Short Reads - In deze podcast praten Roderik Vrolijk en Frederiek Fernhout van Stibbe in Amsterdam en Joran Iedema van Stibbe StartsUP-deelnemer Dyme over Fintech, PSD2 en het gebruik van data door financiële instellingen. Aan de ene kant biedt nieuwe regelgeving zoals PSD2 nieuwe mogelijkheden, aan de andere kant neemt de regeldruk en het toezicht op bescherming van persoonsgegevens toe.

Read more

02.10.2019 EU law
Seminar: Data protection implications of (a no-deal) Brexit

Seminar - On October 25th at 9.30 am, we organize a seminar where we will discus the implications of a (no-deal) Brexit on data protection.  These issues affect all businesses interacting between UK and EEA (including EU) and which send or receive data to and from UK. We will highlight the main challenges both in the case of a hard Brexit on 31 October 2019 and in other scenarios. We will also offer guidelines to help your organisation mitigate the respective risks.

Read more

10.03.2020 NL law
De AVG staat niet in de weg aan de verwerking van persoonsgegevens door een toezichthouder tijdens een bedrijfsbezoek

Short Reads - Bedrijven die met toezicht worden geconfronteerd, zijn gehouden op verzoek van een toezichthouder in beginsel alle informatie te verstrekken. Met de komst van de Algemene verordening gegevensbescherming (AVG) is in de praktijk de vraag opgekomen of een toezichthouder bevoegd is om persoonsgegevens die onderdeel uitmaken van de gevraagde informatie te verwerken.

Read more

22.07.2019 NL law
HagaZiekenhuis beboet voor datalek

Short Reads - Enkele maanden geleden vierden we de eerste verjaardag van de Algemene Verordening Gegevensbescherming (AVG) met een uitgebreide beschouwing  over de belangrijkste  ontwikkelingen uit  het eerste jaar van de verordening. We concludeerden daarin onder meer dat de door sommigen voorspelde hoge bestuurlijke boetes voor overtredingen van de AVG tot dan toe  - zowel in Nederland als in de andere EU-lidstaten - grotendeels waren uitgebleven.

Read more

This website uses cookies. Some of these cookies are essential for the technical functioning of our website and you cannot disable these cookies if you want to read our website. We also use functional cookies to ensure the website functions properly and analytical cookies to personalise content and to analyse our traffic. You can either accept or refuse these functional and analytical cookies.

Privacy – en cookieverklaring