Social elections 2020 & personal data challenges

You have been preparing the list of voters or candidates for the social elections, and then the annoying question props up: "Are we even allowed to create this list? What about the GDPR?" (the General Data Protection Regulation).

The short answer is fortunately "Yes, the GDPR allows this", but you have to ensure that you take certain measures to avoid creating a privacy risk for the voters and candidates.

Let us look at some of the key ways in which the GDPR influences what you can do with lists in the context of social elections.

To read the newsletter, click here.

Update

08.03.2024
Gender equality in the employment relationship: legal rules overview
Update

09.02.2024
Privacy & data in the Benelux: five things you need to know in 2024
Deal or Case news

31.01.2024
NautaDutilh assists ENGIE and Electrabel in securing Belgium’s energy supply
Update

15.12.2023
New legal obligations require employers with 50 employees or more to appoint a person of trust
Deal or Case news

12.10.2023
NautaDutilh assists Colruyt Group on its acquisition of 57 Match and Smatch stores
Update

08.08.2023
Third parties can intervene in BDPA proceedings and appeal its decisions
Deal or Case news

18.07.2023
NautaDutilh assists founding shareholders of Route Mobile in selling majority stake to Proximus
Update

14.07.2023
Green light for EU-US Data Privacy Framework: a new era for transatlantic data flows
Corporate news

06.06.2023
Anke Holtland appointed to counsel Public Law
Update

15.05.2023
New legislation for successive temporary employment contracts
Publication

14.04.2023
Best practices for drafting and updating data protection notices
Update

01.03.2023
Dutch DPA letter to the government on PNR: enforcement threatens again with focus on proportionality
Update

27.02.2023
Data Protection in Belgium: the 2023 focus of the BDPA
Update

13.02.2023
The end-user and its avatar - data integrity risks and ethical challenges in the metaverse - Part one
Publication

03.02.2023
NautaDutilh contributes to IAPP's Global Legislative Predictions 2023
Update

02.02.2023
New obligations for employers towards their employees in Belgium
Update

20.01.2023
Benelux Technology Law in 2023: five things you need to know
Update

16.01.2023
Summary of important recent developments in Belgian employment law
Publication

15.12.2022
GDPR & AML: no longer public access to UBO data without legitimate interest
Update

28.11.2022
No longer public access to UBO data without legitimate interest
Update

28.11.2022
Incapacity for work: three new rules enter into force in Belgium
Publication

27.10.2022
Vincent Wellens on FATCA in the Paperjam
Publication

22.08.2022
Privacy and security concerns in the metaverse
Update

28.07.2022
VoetbalTV: Administrative fine permanently annulled without judgement on the 'pure commercial interest'
Publication

13.07.2022
Luxembourg first member state to launch a certification mechanism under the GDPR
Publication

28.06.2022
European Data Protection Board harmonises EU fining guidelines
Update

14.06.2022
New GDPR guidelines on fines on the way
Update

07.06.2022
Data protection impact assessments new EDPS recommendations
Update

03.06.2022
Heavy fines for Belgian airports for using thermal imaging cameras – what are the lessons for the other controllers?
Corporate news

28.01.2022
Our privacy experts Vincent Wellens and Yoann Le Bihan contribute to the IAPP’s Global Legislative Predictions 2022
Update

27.01.2022
Benelux Data Law: five things you need to know in 2023
Update

11.01.2022
Luxembourg IP & Technology Law: five things you need to know
Publication

15.12.2021
Data Protection notices after the Whatsapp case: what's the message?
Blog

10.12.2021
The record fine for the Dutch Tax Administration from a legal perspective
Update

25.11.2021
Prohibition of online advertising in a list of e-mails or messages: a misstep by the CJEU?
Update

26.10.2021
Why all companies should care about the UN's cybersecurity & software update regulations: Lessons for all sectors
Deal or Case news

16.09.2021
NautaDutilh assists SoftBank Vision Fund 2 with its Series C investment in Dutch scale-up SendCloud
Corporate news

02.07.2021
NautaDutilh's IP & Tech Law team recognised by Leaders League
Update

17.06.2021
Belgian DPA: fines prohibited in the absence of a prior order to comply?
Update

15.06.2021
The CNPD Publishes Several Decisions Following Investigations
Update

29.04.2021
Insufficient cybersecurity measures under GDPR: 100k EUR fine in Belgium & key fines elsewhere
Update

29.03.2021
Discrimination between and within a group of disabled employees
Corporate news

26.03.2021
NautaDutilh participates to Brexit and Covid legal update webinar
Update

03.02.2021
Posted workers in the international road transport sector
Update

02.02.2021
New CBA on mandatory or recommended teleworking in the context of Covid-19
Update

07.12.2020
Determination of the Reference Period for a Collective Redundancy
Update

02.12.2020
(Alleged) data protection infringement? Say bye-bye to your .be domain name
Update

18.11.2020
Personal data transfers to the UK: Last weeks to prepare for an increasing likely «no-deal» Brexit
Update

17.11.2020
New Belgian DPA decision: employee consent sometimes works
Update

12.11.2020
Finally some practical EDPB guidance on how to make international data transfers lawful
Update

22.10.2020
Data protection litigation: preparing to defend yourself – or attack
Update

07.10.2020
What to do with ex-employee mailboxes? Belgian DPA fines post-dismissal use of e-mails
Update

14.09.2020
New controller-processor guidelines: beware of impact on data processing agreements
Update

03.08.2020
New Belgian DPA decision: broader "controller" concept & extensive access rights?
Update

16.07.2020
Schrems II: What is (or should be) on your to-do list for international data transfers?
Update

14.07.2020
What does the new Google decision by the Belgian DPA mean for other organisations?
Corporate news

09.07.2020
Peter Craddock in Le Vif/L'Express on contact tracing
Update

23.06.2020
Surveys, transparency and DPIAs: tips from the Belgian DPA
Update

10.06.2020
Belgium: new data protection decisions on complaints by opponents – next, competitors?
Update

25.05.2020
Belgium: what has GDPR year 2 taught us, and what will come next?
Update

20.05.2020
Belgium: two new fines for tell-a-friend and health-related GDPR violations
Publication

19.05.2020
GDPR: some organisations may need a new DPO according to the Belgian Data Protection Authority
Update

07.05.2020
You may need a new DPO, according to the Belgian Data Protection Authority
Corporate news

04.05.2020
NautaDutilh Avocats Luxembourg hosts webinar "Manage a company remotely in compliance with Luxembourg law"
Update

16.04.2020
When the Belgian DPA comes knocking, who knows what it might find (or fine)
Update

09.04.2020
Freshly baked cookie guidance from Belgian Data Protection Authority
Update

27.03.2020
Ex-employers sharing dirt on an employee: no fine under data protection law if done orally?
Update

17.03.2020
COVID-19 & homeworking: how will we sign documents now?
Publication

17.03.2020
What legal framework for your APIs in the financial sector?
Update

05.03.2020
Your ID for a loyalty card: no data protection fine in the end?
Publication

17.02.2020
The Belgian data protection authority issues guidance on the processing of personal data for direct marketing purposes
Update

11.02.2020
Want to reach your customers or prospects? Important new direct marketing guidance in Belgium
Publication

23.01.2020
Cookies are to be consumed with moderation certainly in the Christmas period
Update

07.01.2020
Clarity on territoriality?

Related articles

Gender equality in the employment relationship: legal rules overview

Privacy & data in the Benelux: five things you need to know in 2024

NautaDutilh assists ENGIE and Electrabel in securing Belgium’s energy supply

New legal obligations require employers with 50 employees or more to appoint a person of trust

NautaDutilh assists Colruyt Group on its acquisition of 57 Match and Smatch stores

Third parties can intervene in BDPA proceedings and appeal its decisions

NautaDutilh assists founding shareholders of Route Mobile in selling majority stake to Proximus

Green light for EU-US Data Privacy Framework: a new era for transatlantic data flows

Anke Holtland appointed to counsel Public Law

New legislation for successive temporary employment contracts

Best practices for drafting and updating data protection notices

Dutch DPA letter to the government on PNR: enforcement threatens again with focus on proportionality

Data Protection in Belgium: the 2023 focus of the BDPA

The end-user and its avatar - data integrity risks and ethical challenges in the metaverse - Part one

NautaDutilh contributes to IAPP's Global Legislative Predictions 2023

New obligations for employers towards their employees in Belgium

Benelux Technology Law in 2023: five things you need to know

Summary of important recent developments in Belgian employment law

GDPR & AML: no longer public access to UBO data without legitimate interest

No longer public access to UBO data without legitimate interest

Incapacity for work: three new rules enter into force in Belgium

Vincent Wellens on FATCA in the Paperjam

Privacy and security concerns in the metaverse

VoetbalTV: Administrative fine permanently annulled without judgement on the 'pure commercial interest'

Luxembourg first member state to launch a certification mechanism under the GDPR

European Data Protection Board harmonises EU fining guidelines

New GDPR guidelines on fines on the way

Data protection impact assessments new EDPS recommendations

Heavy fines for Belgian airports for using thermal imaging cameras – what are the lessons for the other controllers?

Our privacy experts Vincent Wellens and Yoann Le Bihan contribute to the IAPP’s Global Legislative Predictions 2022

Benelux Data Law: five things you need to know in 2023

Luxembourg IP & Technology Law: five things you need to know

Data Protection notices after the Whatsapp case: what's the message?

The record fine for the Dutch Tax Administration from a legal perspective

Prohibition of online advertising in a list of e-mails or messages: a misstep by the CJEU?

Why all companies should care about the UN's cybersecurity & software update regulations: Lessons for all sectors

NautaDutilh assists SoftBank Vision Fund 2 with its Series C investment in Dutch scale-up SendCloud

NautaDutilh's IP & Tech Law team recognised by Leaders League

Belgian DPA: fines prohibited in the absence of a prior order to comply?

The CNPD Publishes Several Decisions Following Investigations

Insufficient cybersecurity measures under GDPR: 100k EUR fine in Belgium & key fines elsewhere

Discrimination between and within a group of disabled employees

NautaDutilh participates to Brexit and Covid legal update webinar

Posted workers in the international road transport sector

New CBA on mandatory or recommended teleworking in the context of Covid-19

Determination of the Reference Period for a Collective Redundancy

(Alleged) data protection infringement? Say bye-bye to your .be domain name

Personal data transfers to the UK: Last weeks to prepare for an increasing likely «no-deal» Brexit

New Belgian DPA decision: employee consent sometimes works

Finally some practical EDPB guidance on how to make international data transfers lawful

Data protection litigation: preparing to defend yourself – or attack

What to do with ex-employee mailboxes? Belgian DPA fines post-dismissal use of e-mails

New controller-processor guidelines: beware of impact on data processing agreements

New Belgian DPA decision: broader "controller" concept & extensive access rights?

Schrems II: What is (or should be) on your to-do list for international data transfers?

What does the new Google decision by the Belgian DPA mean for other organisations?

Peter Craddock in Le Vif/L'Express on contact tracing

Surveys, transparency and DPIAs: tips from the Belgian DPA

Belgium: new data protection decisions on complaints by opponents – next, competitors?

Belgium: what has GDPR year 2 taught us, and what will come next?

Belgium: two new fines for tell-a-friend and health-related GDPR violations

GDPR: some organisations may need a new DPO according to the Belgian Data Protection Authority

You may need a new DPO, according to the Belgian Data Protection Authority

NautaDutilh Avocats Luxembourg hosts webinar "Manage a company remotely in compliance with Luxembourg law"

When the Belgian DPA comes knocking, who knows what it might find (or fine)

Freshly baked cookie guidance from Belgian Data Protection Authority

Ex-employers sharing dirt on an employee: no fine under data protection law if done orally?

COVID-19 & homeworking: how will we sign documents now?

What legal framework for your APIs in the financial sector?

Your ID for a loyalty card: no data protection fine in the end?

The Belgian data protection authority issues guidance on the processing of personal data for direct marketing purposes

Want to reach your customers or prospects? Important new direct marketing guidance in Belgium

Cookies are to be consumed with moderation certainly in the Christmas period

Clarity on territoriality?

Cookie notification