Belgian Data Protection Authority – again – imposes GDPR fines on public officers (Loyens & Loeff)

Author: Stéphanie De Smedt (Loyens & Loeff) Publication date: 03/12/2019 The Belgian Data Protection Authority (BDPA) is slowly but steadily becoming more active in enforcing the EU General Data Protection Regulation (GDPR). Just like the very first GDPR fine that was imposed in Belgium (see below), the most recent fines are

2019-12-11T11:10:06+00:00 11 décembre, 2019|Categories: Droit au respect de la vie privée|Tags: , , |

German real estate company fined 14.5 million EUR for storing all personal data of tenants indefinitely in an archive system (Timelex)

Author: Frederic Debusseré (Timelex) Publication date: 11/11/2019 On 30 October 2019, the Berlin Data Protection Authority (DPA) issued a big fine of 14.5 million EUR against Deutsche Wohnen SE, a German publicly listed real estate company with more than 160,000 apartments in its portfolio, for storing all personal data of its tenants

2019-12-02T10:40:04+00:00 23 novembre, 2019|Categories: Droit au respect de la vie privée|Tags: , , |

’I want my data!’- Recent Developments in the Right to Access One’s Personal Data (Stibbe)

Author: Cyril Fischer (Stibbe) Publication date: 22/08/2019 The Belgian Data Protection Authority has recently adopted a broad view of the right to access one's personal data. The Belgian Data Protection Authority ('Belgian DPA') has recently rendered a decision on an individual’s request to access his personal data. After a brief discussion of this

2019-08-28T15:22:36+00:00 28 août, 2019|Categories: Droit au respect de la vie privée Privacy, IT & IP|Tags: , , , |

RGPD amende British Airways : société piratée doublement victime ? (Timelex)

Auteur: Bernd Fiten (Timelex) Date de publication: 10/07/2019 L’Autorité de contrôle britannique Information Commissioner's Office (ICO), a annoncé son intention d'infliger à British Airways une amende de 183 millions de livres sterling (équivalant à 243,47 millions d'euros). Ceci représente 1,5 % du chiffre d'affaires total de l'entreprise pour l'exercice 2017. Il s’agit d’une

GDPR’s first birthday in six lessons (Altius)

Author: Gerrit Vandendriessche (Altius) Publication date: 04/07/2019 The general data protection regulation (GDPR) just celebrated its first anniversary.  Although it seems that EU businesses and individuals are well aware of its existence, some controllers and processors are still not entirely GDPR compliant.  Others that already underwent GDPR audit, must realize

2019-07-12T09:49:51+00:00 12 juillet, 2019|Categories: Droit au respect de la vie privée Privacy, IT & IP|Tags: , , |

Free flow of non-personal data and GDPR (Loyens & Loeff)

Authors: Stéphanie De Smedt and Garance Dekeyser (Loyens & Loeff) Publication date: 19/06/2019 The new Regulation 2018/1807 on the free flow of non-personal data in the EU is applicable since 28 May 2019. The main goal pursued by Regulation 2018/1807 is to boost the data economy by facilitating the cross-border exchange of

Clinical trials and the GDPR: do I really need the participant’s consent? (Altius)

Author: Alexander Schillebeeckx (Altius) Publication date: 02/05/2019 On 23 January 2019, the European Data Protection Board (EDPB) issued its Opinion 3/2019 on the interplay between the General Data Protection Regulation (GDPR; applying since 25 May 2018) and the Clinical Trials Regulation (CTR; probably applying from 2020). In its Opinion, the EDPB

Consentement relatif au marketing direct (Claeys & Engels)

Auteur: Claeys & Engels Date de publication: 26/03/2019 Beaucoup d’entreprises ont recours au marketing direct. Ce concept peut être défini comme l’envoi de messages publicitaires, écrits ou oraux, à une ou plusieurs personnes, identifiées ou identifiables. Lorsqu’il est fait usage du marketing direct par des moyens de communication électroniques (par

Members Belgian Data Protection Authority (finally) appointed (Loyens & Loeff)

Authors: Stéphanie De Smedt, Valérie Verstraeten and Yves Van Couter (Loyens & Loeff) Publication date: 29/03/2019 On 28 March 2019, the members of the Executive Committee of the Belgian Data Protection Authority have been appointed by the Belgian Parliament in plenary meeting. As a result, the Belgian DPA can now really start its

Can a YouTuber qualify as “a journalist” under the GDPR? (Timelex)

Auteur: Jos Dumortier (Timelex) Publicatiedatum: 20/02/2019 Journalists are, to a certain extent, exempted from the application of the GDPR. The details are regulated by Member State law. Art. 85, 1. of the GDPR states that Member States shall by law reconcile the right to the protection of personal data pursuant to

2019-02-23T01:50:09+00:00 23 février, 2019|Categories: Droit au respect de la vie privée Privacy, IT & IP|Tags: , , |