You are here:

Data Protection & Privacy

With the adoption of the EU General Data Protection Regulation (“GDPR”), applicable as from 25 May 2018, data protection has become a boardroom topic, mainly because of the severe sanctions on non-compliance (up to 20 million euro or 4% of the annual worldwide turnover).

First Belgian GDPR fine
News - 04 June 2019

First Belgian GDPR fine

On 28 May 2019, the Belgian Data Protection Authority imposed its first GDPR fine for misusing personal data for electoral campaign purposes.
read more
Data Protection Authority publishes Annual Activity Report for 2018
News - 07 May 2019

Data Protection Authority publishes Annual Activity Report for 2018

On 25 April 2019, the Data Protection Authority (DPA) published its Annual Activity Report for 2018, highlighting the main developments and accomplishments of...
read more
Members Belgian Data Protection Authority (finally) appointed
News - 29 March 2019

Members Belgian Data Protection Authority (finally) appointed

On 28 March 2019, the members of the Executive Committee of the Belgian Data Protection Authority have been appointed by the Belgian Parliament in plenary meeting....
read more
Update of the list of processing operations for which a DPIA is required
News - 22 February 2019

List of processing operations requiring a DPIA updated

Belgian Data Protection Authority published updated list of data processing activities that require data protection impact assessment under the GDPR.
read more
  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7
  8. 8
  9. next page
You have not accepted cookies yet

Because you chose not to accept cookies, we unfortunately have to block this piece of content. Please go to cookie settings page to accept cookies and view the full website.


Compliance is key

The territorial scope of data protection legislation is very broad. In addition to EU-based companies, anyone actively offering goods or services to citizens in the EU is caught by the GDPR, as well as non-EU companies who are monitoring of the behavior of individuals in the EU.

The practical implementation of the various GDPR requirements (appointment of a Data Protection Officer, internal record-keeping, drafting of privacy policies and data transfer or data processing agreements, mapping of data flows, etc.) is challenging. Achieving compliance often requires business processes and company practices to be re-examined and redesigned. The link and collaboration between legal, HR, IT, sales, etc. is often also crucial.

Data protection compliance can on the other hand be seen as a business opportunity, presenting a competitive advantage for companies doing business in the European Union. Where personal data have become a global currency, the secure and responsible handling of such data has become key.

In addition, as compliance goes hand in hand with enforcement, companies should also be ready to handle complaints from individuals, disgruntled employees or even competitors. Being able to adequately communicate with the authorities, and to defend your case in the context of an investigation or enforcement scenario, should be an indispensable part of any compliance project.

 

How we can assist you

The Loyens & Loeff Data Protection & Privacy Team provides integrated legal advice on a wide variety of complex privacy and data protection related matters in various industry sectors, and such through a one-stop shop approach.

The Team consists of members from various Practice Groups and jurisdictions,combining their regulatory data protection expertise with advice from a tax, IT, corporate, competition, finance and employment law perspective. Moreover, the Team has the unique ability to offer integrated assistance in Loyens & Loeff’s four home markets (Belgium, The Netherlands, Luxembourg and Switzerland).

The combination of these different characteristics makes that we are uniquely positioned to assist companies (whether located inside or outside the EU), from a compliance angle as well as in an enforcement / litigation context.

Our services

Setting-up compliance frameworks

  • (GDPR) compliance projects
  • data protection due diligence audits
  • in-house trainings (sector- and business oriented)

 

Tailored advice on a wide range of data protection topics

  • privacy policies, disclaimers, clauses, etc.
  • ‘big data’ and profiling
  • data processing agreements
  • international data transfers / flows of personal data
  • employee privacy and monitoring
  • camera surveillance (CCTV)
  • data security
  • direct marketing strategies
  • cookies and e-commerce compliance

 

Assistance with specific GDPR obligations

  • “GDPR Toolkit” (starter package to get started on your road to GDPR compliance)
  • appointment of Data Protection Officer
  • data Protection Impact Assessments
  • internal record-keeping obligation
  • privacy by design / by default
  • data breach requirements

 

Litigation and dispute resolution

  • (legal) data breach response services
  • assistance during investigations by data protection authorities
  • representation before courts and tribunals
  • complaint-handling