News about GDPR and data2.eu
On this page we will inform you about news items that are related to the GDPR, and about our GDPR tool for creating a processing index that is needed to comply with the GDPR.
The number of privacy complaints submitted to the Authority for Personal Data (AP) continues to rise sharply. According to the AP, more than 15,000 people filed a complaint in the first half of 2019, compared to approximately 9,000 in the second half of 2018.
After the great hype and the tension surrounding the General Data Protection Regulation in spring 2018 and the relatively quiet summer that followed, our personal experience is that still many organizations haven't finished compliance with GDPR. The processing index, an internal documentation requirement, is usually not yet implemented.
The Dutch bank Theodoor Gilissen Bankiers has paid a fine of €48,000 to the Dutch Personal Data Authorities for non-compliance with the right to access one's own personal data.
The European Union has warned the United States that it still has three months to comply with the Privacy Shield Agreement. The agreement that came into force in July 2016 regulates the transfer and storage of consumer data between Europe and the USA.
From 1 January 2019 the Dutch tax authorities must stop using the Citizen Service Number (BSN) in the VAT number of self-employed persons with a sole proprietorship. The Dutch Data Protection Authority has reported that the Tax and Customs Administration has no legal basis to use the citizen service number in the VAT identification number.
A Dutch Consumers' Association concludes that a large majority of 150 well-known websites in the Netherlands are in breach of the new privacy act GDPR. The new European privacy act, which in the Netherlands is called the AVG (General Data Protection Regulation), contains specific requirements for websites regarding cookies.
According to the Dutch State Secretary for Finance, Menno Snel, the Tax and Customs Administration need another year to be able to comply with the new European Privacy Act GDPR. The GDPR entered into force on 25 May but the Dutch IRS is not yet ready for GDPR.
Tomorrow, on Friday 25th May, all companies and organisations that process any personal data (name, email etc) need to comply with the GDPR, the new EU law to protect the privacy of EU Citizens. One of the principles of the GDPR is to be transparent about what data you process. Hence, all the privacy statement updates at the moment.
According to a survey by consultancy firm PwC, 60% of companies are not ready for the GDPR privacy deadline. On Friday 25 May 2018 all companies and organizations must comply with the new European privacy law GDPR. Even less than 20% of the companies have set up a processing index.
Page 1 of 2