Skip to main content

How can we help you?

  • 10-12-2015

As of 1 January 2016 companies, public bodies and other organisations that process personal data have an obligation to immediately report personal data breaches to the Dutch Data Protection Authority (College Bescherming Persoonsgegevens ("CBP")). Yesterday, the CBP published its Policy Rules on the duty to notify personal data breaches ("Policy Rules"). The Policy Rules are intended to support businesses in complying with the notification duty and also serve as the CBP's point of departure when applying enforcement measures. This Update provides an overview of what you need know about the breach notification duty. As of one January 2016 the CBP will change its name to Autoriteit Persoonsgegevens. This Update therefore makes reference to Autoriteit Persoonsgegevens, rather than the CBP.

Please read more on this topic in our newsletter.

Cookie notice

We care about your privacy. We only use cookies strictly necessary to ensure the proper functioning of our website. You can find more information on cookies and on how we handle your personal data in our Privacy and Cookie Policy.