All conceivable operations relating to personal data are defined as ‘processing’. For example, collecting, editing, viewing, retrieving, disseminating and erasing data about natural persons.
Based on the GDPR, you must implement a variety of measures to protect personal data. One important condition is that you must be able to demonstrate that you have implemented the right measures. Have you set up a processing register? Do you need to appoint a data protection officer within your organisation? Have you performed a privacy impact assessment in relation to processing operations associated with a high privacy risk (e.g. permanent camera surveillance)? Have you identified how personal data is shared, both internally and externally?
Our attorneys at law specialising in privacy law advise organisations, government agencies and institutions on privacy and data protection. We answer the questions above and advise you on suitable measures for your organisation. And we do so from a variety of perspectives. This ensures that your organisation complies with all obligations in the area of privacy and data protection.