Skip to main content

How can we help you?

  • 11-12-2018

The Dutch Data Protection Authority (DPA) recently published five recommendations for records of processing activities (only available in Dutch). In accordance with European privacy legislation, organisations must (usually) keep records of their processing activities. The DPA issued its recommendations following an exploratory study of thirty large organisations, in which they assessed the quality of the processing records.

Indefinite storage of personal data without justification is not compliant with European privacy legislation. For this reason, the DPA recommends, amongst other things, that organisations state in their processing records how long they intend to store personal data.

The DPA calls its recommendations "concrete". However, it could also be argued that they "state the obvious" and "raise more questions than they answer".

Please read more on this topic in our newsletter.

Cookie notice

Our website only uses cookies when you play video content. Video content is streamed from Vimeo. Our website does not use tracking cookies and/or third party cookies when you do not play video content. Please read the privacy/cookie policy for more information.