Last Updated May 08, 2019

Law and Practice

Contributed By Vondst Advocaten N V

Authors



Vondst Advocaten N V is an Amsterdam-based boutique law firm that focuses exclusively on contentious intellectual property, pharmaceuticals and life sciences, IT and privacy. The data protection team advises and litigates in both national and international matters relating to data protection. In addition, they frequently lecture and publish on data protection.

The right to privacy is embedded in Article 10 of the Dutch Constitution. This Article provides for a general right of protection of private life as well as an obligation to lay down rules on data protection. This Article must be interpreted in light of Article 8 of the European Convention on Human Rights and Articles 7 and 8 of the European Charter of Fundamental Rights of the European Union.

In the Netherlands, data protection is regulated by the General Data Protection Regulation (GDPR). The GDPR came into force on 25 May 2018 and regulates the processing of personal data of individuals by imposing obligations on data controllers and data processors.

As a directly applicable regulation, the legal obligations contained in the GDPR have direct effect in the Netherlands without any national implementing measures. However, the GDPR contains a number of derogations that provide EU Member States with discretion to introduce specific derogations on how certain provisions of the GDPR will apply in Member State law.

The Netherlands has introduced such specific derogations in Dutch law through the Dutch General Data Protection Regulation Implementation Act (the ‘Implementation Act’). The Implementation Act repealed the implementation act of the EU Data Protection Directive – the Dutch Data Protection Act. Aside from the enforcement regime set out in the GDPR, the Implementation Act provides for the possibility to impose an administrative enforcement order by the Dutch Data Protection Authority (‘AP’) to enforce obligations laid down by the Implementation Act.

The e-Privacy Directive 2002 (as amended in 2009) regulates direct marketing. The e-Privacy Directive has been implemented in the Dutch Telecommunications Act, which also includes provisions on the use of cookies and similar techniques. The e-Privacy Directive will be replaced by the e-Privacy Regulation within the next few years.

The NIS Directive 2016 regulates the security of network and information systems of operators of essential services and digital service providers, which has been implemented in the Dutch Act on security of network and information systems 2018 (‘Wbni’). Operators of essential services and vital providers are appointed in the Dutch Decision on security of network and information systems (‘Bbni’).

The collection and processing of personal data is also regulated by various specific laws and regulations and certain sectorial laws.

Vondst Advocaten N V

Jacob Obrechtstraat 56
1071 KN Amsterdam

+31 20 504 20 00

+31 20 504 20 10

info@vondst.com www.vondst.com
Author Business Card

Authors



Vondst Advocaten N V is an Amsterdam-based boutique law firm that focuses exclusively on contentious intellectual property, pharmaceuticals and life sciences, IT and privacy. The data protection team advises and litigates in both national and international matters relating to data protection. In addition, they frequently lecture and publish on data protection.

{{searchBoxHeader}}

Select Topic(s)

loading ...
{{topic.title}}

Please select at least one chapter and one topic to use the compare functionality.