What do the new privacy regulations mean to you?

8 juni 2018

There are some dates you never forget. Sometimes because they're personally special or because they possess high news content. Your wedding anniversary, for example, your children’s or grandchildren’s birthdays, but also dates like nine-eleven. Perhaps the following date will also become carved into your memory: 25 May 2018; the day the GDPR comes into effect, replacing the Dutch Personal Data Protection Act. How will these revamped privacy regulations affect you?

GDPR

The General Data Protection Regulation (GDPR) replaces the current Dutch Data Protection Act. These regulations strengthen and expand the privacy rights of natural persons. The GDPR applies to all companies and organisations that record data of clients, staff, suppliers or anyone else. The GDPR in a nutshell.

What is personal data?

Personal data consists of details that can identify a person directly or indirectly, such as name and address, citizen service number, specific email address (firstname.familyname@organisation.nl), as well as (recognisable) images. If you record this type of data, you will be legally obliged to take measures, both at an organisational and technical level, to guarantee an 'appropriate level of protection'.

The GDPR in 10 steps

The Dutch Data Protection Authority has developed a 10 step GDPR plan to prepare for the implementation of the GDPR. The points of action are:

Alfa as processor

As an entrepreneur you are responsible for processing the personal data you collect. If you outsource the processing to a third party, you are obliged to conclude a processing contract with this party. With Alfa, this will apply when we process your payroll administration for example. More information on this issue is available in our news item "What does Alfa do with your personal data?".

If you outsource any other activities involving personal data to other third parties, you will also need to conclude processing contracts with these parties.

Keep moving

The notion that personal data needs to be recorded in a safe and secure environment is nothing new. However, the new regulations will demand a number of additional measures. Make certain you keep on track, become GDPR-proof and ensure that data is handled appropriately and with care.

More information?

For further information regarding the GDPR, please refer to the Dutch Data Protection Authority website.

If you wish to know more about privacy sensitive information and the choices you need to make, then please contact our partner in security awareness: Awareways, without obligation. Among other things, this organisation offers tailored GDPR training (e-learning). Click here for an application demonstration.