+31 20 530 0160

Privacy & Data protection

Since 25 May 2018, privacy and data protection rules have been laid down in the General Data Protection Regulation (GDPR). This means that the same privacy legislation applies throughout the European Union. In the Netherlands, additional rules have been laid down in the GDPR Implementation Act.

Every organisation has to deal with privacy law. You already process personal data when you create a member or customer database or maintain a personnel file. Even anonymizing personal data is considered an act processing to which the GDPR applies. Conducting business without processing personal data is near unthinkable.

Many of our clients process data that is much more sensitive, such as health data or data about children. Or they process data on a very large scale, as a result of which an incident can have a huge impact. Finally, all kinds of innovative technological applications offer opportunities for intrusive profiling and monitoring of those involved. Usually with good intentions, but sound legal advice is absolutely necessary.

The GDPR requires you to process data properly, carefully and transparently and in accordance with the law. All kinds of obligations result from this. For example, you may be required to carry out a data protection impact assessment (DPIA). This is an instrument to identify privacy risks in advance.

In order to be able to demonstrate compliance with the GDPR, you must keep a register of processing activities. You may also be required under to appoint a Data Processing Officer (DPO). If you outsource data processing to a third party, you must conclude a processor agreement.

You also need to comply with relevant other regulations that contain special rules for data processing. Issues of privacy law often affect other domains and areas of law, such as rights and obligations in healthcare, telecommunications, education, media, mobility and IT.

SOLV has been closely involved with privacy law since 2000 and has been at the forefront of this field for all those years. Our lawyers are recognised top specialists.

Our services

  • Advising on and executing DPIAs and other privacy compliance processes
  • Advising on complex privacy issues
  • Advising on international transfers of personal data to countries outside the EU and compliant design of these data flows
  • Drafting privacy statements, cookie statements and consent forms
  • Advising on data leaks and drawing up incident response protocols
  • Drafting of processor agreements and other data exchange agreements
  • Advising on requests to access personal data by data subjects
  • Legal proceedings, including in enforcement proceedings by the Data Protection Authority
  • Creating awareness among employees, for example by giving internal courses and workshops
  • Advising on privacy aspects in the development of new products and services, and the application of privacy by design and privacy by default

experts

Kim van Haastrecht

Managing Partner
haastrecht@solv.nl
+31 6 4697 0576

Wanda van Kerkvoorden

Partner
kerkvoorden@solv.nl
+31 20 530 0160

Remco Klöters

Partner
remco@solv.nl
+31 6 1962 2657

Douwe Linders

Partner
linders@solv.nl
+31 6 1091 8864

Micha Schimmel

Attorney-at-law
schimmel@solv.nl
+31 6 2973 6792

Stan Elsendoorn

Attorney-at-law
elsendoorn@solv.nl
+31 6 3065 8062

Anouck Bakhuis

Attorney-at-law
bakhuis@solv.nl
+31 20 530 0160

Michelle de Graef

Attorney-at-law
graef@solv.nl
+31 20 530 0160

Marieke Jacobs

Attorney-at-law
jacobs@solv.nl
+31 20 530 0160

Margot Wiertz-Ermers

Of Counsel
wiertz-ermers@solv.nl
+31 20 530 0160

We work for

publications

Related to Privacy & Data protection
blog Marieke Jacobs

Admissibility ruling in WAMCA proceedings against the Dutch State regarding the GGD data breach

blog Sara van Lieshout

Transavia fined by the AP for poor security of passengers’ personal data

wgs
blog Douwe Linders

The Dutch Data Protection Authority (AP) advises the Upper House not to adopt WGS