GDPR / AVG

Services

GDPR / AVG

What is GDPR / AVG

On May 25, 2018, the European Union’s GDPR (General Data Protection Regulation) came into force across all member states.

In the Netherlands, this means the GDPR takes precedence over the previous national data protection AVG law. Regulation – 2016/679 – EN – gdpr – EUR-Lex

The GDPR establishes strict rules to safeguard personal data, that is, any information relating to an identified or identifiable natural person, and defines how organizations must handle, store, and process such data.

As a result, this regulation affects not only businesses, but any entity, public authorities, private companies, service providers or third-party processors that handles the personal data of EU residents.

Why the AVG still Matters

The national law, AVG, complements the European GDPR and adapts its provisions to the Dutch legal context. Privacy legislation | Autoriteit Persoonsgegevens

Among its aims are: Ensuring transparent data-processing practices, protecting digital rights, and establishing clearer obligations for organizations operating in the Netherlands.

The law strengthens citizens’ rights, including rights of access, correction, erasure, portability, and more, while introducing the requirement for a Data Protection Officer (DPO) / Functionaris Gegevensbescherming (FG) for certain organizations.

What This Means for Your Business / Organization

Compliance by default:

Any business processing personal data must ensure lawful, fair, and transparent processing, limit the data collected to what is strictly necessary, keep data accurate and up-to-date, and retain it only as long as needed.

Rights of data subjects:

Individuals enjoy enhanced rights such as right to access, correction, erasure (“right to be forgotten”), data portability, restriction or objection to processing, and protection against automated decision-making without consent.

Obligations for businesses:

Organizations may need to appoint a DPO / FG, maintain records of processing activities, implement security measures, and ensure transparency and consent mechanisms.

Applicability throughout Europe:

GDPR / AVG applies to any company that processes data of EU residents, even if the company is located outside the EU, if it offers goods or services to EU citizens or monitors their behaviour.

Our Data Protection & Compliance Services

We offer tailored services to help you comply with GDPR and AVG requirements: from compliance audits and DPO / FG outsourcing to data-handling strategies, internal policies, and ongoing support.
Would you like more information or a quote? Please feel free to contact us
Contact

FAQ

Who must comply with GDPR / AVG

Any company, organization, or public authority, national or international, that processes personal data of individuals residing in the EU, regardless of where the company is based.


What rights do individuals have under GDPR / AVG

Individuals have rights including access, correction, erasure (“right to be forgotten”), data portability, restriction or objection to processing, and protection from purely automated decisions.


Do I need a Data Protection Officer (DPO / FG)?

If your organization handles certain types of data (e.g. sensitive data) or engages in large-scale processing, GDPR / AVG may require you to appoint a DPO / FG (in-house or external).


How long can personal data be stored?

Only as long as strictly necessary for the purpose it was collected. Unnecessary storage may violate data minimization and storage limitations under GDPR / AVG.


What happens if you don’t comply?

Non-compliance can lead to administrative sanctions under AVG and GDPR, including significant fines and reputational damage.


Stay Informed — Visit Our Blog

For regular updates on privacy, compliance, security and data-protection best practices, check our blog

Our Blog

Our GDPR and Data Protection Services

For the complete, official legal text of GDPR, and to review all obligations defined under the EU regulation, consult the official EU legal repository
AVG | Algemene Verordening Gegevensbescherming - Your Europe
De AVG in het kort | Autoriteit persoonsgegevens
EPRODAT — Experts in gegevensbescherming en privacy-compliance
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.