The General Data Protection Regulation (GDPR) is a European law taking effect as of 25 May 2018. The GDPR applies to all companies and governments, and concerns the protection and management of personal data of website visitors, prospects, customers, employees, citizens, etc... If you do not comply with the GDPR, you risk a major fine.
To be in compliance with the new GDPR law you have:
days hours minutes seconds
Most companies and governments must meet the obligations of the General Data Protection Regulation. Answer three brief questions and find out within the space of one minute whether the GDPR applies to you.To the GDPR-checker
One of the main obligations arising from the GDPR is that you may have to appoint a Data Protection Officer (DPO). Check whether you have to appoint a DPO.To the DPO-checker
Answer these three questions in order to find out whether you must comply with the General Data Protection Regulation (GDPR).
1. Do you collect personal data digitally or on paper?
2. Do you process these personal data?
3. Do you process these personal data for a European company?
Just like most European companies and governments, you must meet the obligations of the General Data Protection Regulation.
One of the main obligations arising from the law involves appointing a Data Protection Officer (DPO).Now check whether you have to appoint a DPO!
You have not answered all questions with ‘Yes’. This means that the GDPR does not apply to your organisation.
Een van de belangrijkste verplichtingen die uit de wet voortvloeit, is het aanstellen van een Data Protection Officer (DPO): een functionaris gegevensbescherming. (vertaling nodig)
If you are still in any doubt, please contact us.Contact us
Even though you do not have to comply with the GDPR, we still advise that you make information security and data protection a priority. They can make a real difference here.Take a look here to find out how we can help you
Please feel free to get in touch, and we can quickly provide clarity on how the GDPR applies and/or what it means for your company or organisation.Get in touch
Make information security and data protection your priorities. This can even be an asset for those who do not have to comply with the GDPR. If you do not comply with the law, it could cost you dearly in terms of administrative major fines: up to € 20,000,000 or 4% of the global annual turnover.
Check whether you have to appoint a Data Protection Officer (DPO).
1. Are you a government agency or body?
2. Does your core activity involve the regular or systematic observation of people on a major scale?
3. Does your core activity involve processing special personal data on a major scale?
A DPO helps your organisation to fulfil the obligations set out by the European law on General Data Protection Regulation. It is possible to appoint a single DPO for a conglomerate (group of companies).
The appointment of the DPO must be published and communicated to the monitoring authority (‘DPA’, or Privacy Commission in Belgium). If you do not appoint a DPO, you risk an administrative fine of € 10,000,000, or 2% of the total global annual turnover.
What does the DPO do? Find out more about the role of the DPO here.
It is also possible to outsource the tasks of a DPO: discover why this can be helpful and what benefits this offers here.
In accordance with the obligations set by the General Data Protection Regulation (GDPR), you do not have to appoint a DPO. It is advisable to document the internal analysis process that led to the conclusion not to appoint a DPO.
However, it is clear that even though a DPO may not be legally required for your organisation, appointing a DPO for data protection can still be beneficial. It is irrevocably the case that information security, privacy and data protection should be at the forefront of every company, not least through the effective enforcement of the rules through their sanctions.
Appointing a DPO can be viewed as a mitigating factor in the event that an infringement occurs despite the efforts made, meaning that the fines may still be levied.
The law explicitly provides that the DPO can be an external consultant. Because the GDPR sets a number of requirements as regards the tasks of a DPO, it can be helpful to outsource the tasks of a DPO.Contact us
De wet voorziet expliciet dat de DPO of functionaris gegevensbescherming een externe consultant kan zijn. Omdat de GDPR een aantal vereisten stelt aan de uitvoering van de taken van een DPO kan het verstandig zijn de DPO-taken uit te besteden.Find out more on our blog
What IFORI can do for you in terms of General Data Protection Regulation (GDPR) and Data Protection Officer (DPO).
We blend in
You are welcome in our office but we prefer coming to you.
IFORI is een juridisch niche kantoor gespecialiseerd in ICT-recht en intellectueel eigendomsrecht. Wij zijn specialisten op vlak van privacy en informatieveiligheid. Daarnaast helpen wij u graag bij het beschermen van uw IP (merken, patenten, modellen, auteursrechten etc.) en bij het opstellen en onderhandelen van ICT-overeenkomsten, R&D en handelscontracten.
Entrepreneurs met een "can do" mentaliteit. One stop shop van R&D tot launch. We stoppen pas als we u écht begrijpen. Een loyale partner die u blind kan vertrouwen. We staan dicht bij onze klant.
Victor Braeckmanlaan 107
9040 Gent, België
T +32 9 230 36 62
F +32 9 231 63 71
RPR: 0472.073.759 (Gent)
BTW: BE 0472.073.759
IBAN: BE14 0689 0654 8283
Photography: Lynn Delbeecke
© 2000-2017 IFORI BVBA – All rights reserved