Privacy law essentially includes all laws, rules and regulations with regard to the right to respect for private life. This fundamental right is laid down in a number of international conventions and further detailed in European and national legislation. This includes the Dutch Data Protection Act (‘Wet bescherming persoonsgegevens’) – an implementation of the European Data Protection Directive (‘Privacyrichtlijn’). The Data Protection Act and Data Protection Directive will be replaced by the European General Data Protection Regulation (GDPR) as of May 25, 2018. This new regulation will have important consequences for organization that process personal data.

Virtually all companies and organizations process personal data to a greater or lesser extent. Think of, for example, creating a database of customer data, keeping staff records, or installing security cameras. Also, linking different databases to obtain new information about individuals occurs regularly.

It is important to be well aware of your rights and duties in that respect. Based on the GDPR, violations of privacy rules can result in substantial fines.

You can contact us for advice on issues regarding privacy law. We can perform a one-time quickscan of your organization. This includes making all data streams visible and, if necessary, indicate what you can do in concrete terms to align your organization with the applicable privacy rules. We can also help you in implementing the new privacy rules in your organization and business processes. In addition, we answer specific questions – e.g. to what extent a certain data processing is permitted under the applicable laws and regulations.

You can stay informed of all relevant developments in privacy through our weblog or by following us on LinkedIn. We regularly organize masterclasses and lecture at universities and other educational institutions. This way you are always up to date.


– Protection of personal data

– Retention periods

– Processor agreements

– Special personal data

– Transfer of personal data abroad

– Data Protection Officer (DPO)

– Privacy within HR (absence, inspection, usage rules)

– Privacy Impact Assessment (PIA)

– Privacy statements

– Litigation

– Lawfulness of processing of personal data

– Screening

– Training

– Supervision and enforcement Data Protection Authority

– Exchange of personal data

– Personal data breach notification