The rules and obligations on privacy in relation to the processing of personal data are growing ever stricter. With the impending entry into force (on 25 May 2018) of the General Data Protection Regulation (GDPR), every company is being confronted with significant additional obligations and responsibilities, which moreover can be accompanied by very severe sanctions. The simple reality is that, in one way or another, all companies process personal data of customers, suppliers, personnel, intermediaries, etc.
Along with the necessary technical (IT) and organisational measures, the GDPR also introduces a wide range of legal obligations. Our Privacy and Data Protection practice group assists companies in the important exercise of fulfilling these obligations. On the basis of an analysis of the existing situation, it helps clients to complete the processing register and draft the necessary documents, such as a data processing policy, a policy for employees and a procedure in the event of data breaches. Some companies will also have to appoint a Data Protection Officer (DPO) or conduct a Data Protection Impact Assessment (DPIA).
This practice group also gives advice and assistance in privacy-related disputes, for example within the framework of the employment relationship.
Sara Cockx, who is also a certified Data Protection Officer, leads this practice group together with Dave Mertens.