GDPR

Advocate General opinion on further unlawful processing

In a recent opinion delivered by Advocate General Campos Sánchez-Bordona, the European Court of Justice is asked to interpret key provisions of the GDPR concerning the rights of individuals whose personal data has been unlawfully processed.

CJEU confirms “right of explanation” in battle between trade secrets and algorithmic transparency

The CJEU's recent ruling emphasizes the GDPR's demand for algorithmic transparency in automated decisions, challenging companies to explain their logic. The decision also shows the difficulty of balancing such transparency with trade secret protection.

Belgian data protection authority fines hospital after data breach for taking insufficient data protection measures

In 2021, a Belgian hospital fell victim to a ransomware attack that disrupted critical operations and compromised the personal data of 300,000 people. As a result, the Belgian data protection authority imposed a fine of €200,000 three years later.

Key takeaways and insights from the EDPB Pseudonymisation Guidelines

On 16 January, 2025, the EDPB released its guidelines on pseudonymisation. These guidelines are not yet finalized, as they remain open for public consultation until 28 February. In this blogpost, we highlight the key takeaways.

Netflix in own privacy cliffhanger: EUR 4.75 million fine from Dutch GDPR Watchdog

Netflix, the global streaming giant, has been fined €4.75 million by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) for failing to provide customers with adequate information about how their personal data was being processed.

Gegevensbescherming: de bestuursrechtelijke aspecten van de AVG

Tom Barkhuysen, Janita Hofman, Minke Reijneveld en Steven Bastiaans (Boels Zanders) schreven samen de jaarlijkse NTB kroniek: de bestuursrechtelijke aspecten van de AVG.

TMT seminar series 2024

Following our successful TMT seminar series in 2023, our TMT team is happy to announce five new seminars taking place in 2024. Please find an outline of the seminars in the article below.

Stibbe advises ArmenTekort

Stibbe has advised ArmenTekort on data processing and GDPR compliance.

Stibbe advises Dierenartsen zonder grenzen / Vétérinaires sans Frontières Belgium

Stibbe has assisted Dierenartsen Zonder Grenzen / Vétérinaires Sans Frontières Belgium with pro bono legal advice regarding GDPR compliance.

EU Advocate General balances data protection rights against trade secrets in algorithmic credit scoring case

On 16 march 2023, Advocate General Pikamäe issued his opinion on the scope of data subject rights in the context of algorithmic credit scoring.

Three months after the UBO-case – Where do we stand and what’s next?

This article looks at the aftermath of the UBO case invalidating the general access to UBO data, and looks at what lies ahead for companies and member states, and specifically at Belgium's recent regulatory action.

Belgian DPA rules on employee geographic tracking by public authorities

On 21 February 2023, the litigation chamber of the Belgian data protection authority has ruled on the legitimacy of the geographic tracking of employees by a public authority.

ECJ further shapes independent position of DPOs

In a judgment of 9 February 2023 (C-453/21), the European Court of Justice has further shaped the rules surrounding the independence of a data protection officer (DPO), one of the cornerstones of the GDPR.

Promotie Minke Reijneveld

Minke Reijneveld promoveert op ‘Gegevensbescherming in faillissement’.

Data Privacy Day 2023: highlighting the most impactful ECJ judgments from the past year

In recent years, the ECJ has issued landmark judgments with far-yielding consequences for data controllers and data processors. To celebrate Data Privacy Day 2023, we highlighted the most impactful judgments of the ECJ from the past year.