APD/GBA (Belgium)
Autorité de protection des données
Gegevensbeschermingsautoriteit | |
---|---|
Name: | Autorité de protection des données
Gegevensbeschermingsautoriteit |
Abbreviation : | APD/GBA |
Jurisdiction: | Belgium |
Head: | Cédrine Morlière |
Deputy: | / |
Adress: | Rue de la Presse 35 / Drukpersstraat 35
1000 Bruxelles / Brussel BELGIUM |
Webpage: | dataprotectionauthority.be |
Email: | contact@apd-gba.be |
Phone: | [2 274 48 00|+32 2 274 48 00] |
Twitter: | n/a |
Procedural Law: | n/a |
Decision Database: | n/a |
Translated Decisions: | Category:APD/GBA (Belgium) |
Head Count: | n/a |
Budget: | n/a |
The Belgian Data Protection Authority (APD, Autorité de protection des données in French or GBA, Gegevensbeschermingsautoriteit in Dutch) is the national Data Protection Authority for Belgium. It resides in Brussels and is in charge of enforcing GDPR in Belgium.
Structure
The DPA consists of five bodies and an Executive Committee.
The Executive Committee is composed of Director of the General Secretariat, the Director of the Knowledge Center, the Director of the Front Line Service, the Inspector General and the President of the Litigation Chamber.
The five bodies of the DPA are the General Affairs Secretariat, the Front Office, the Knowledge Centre, the Inspection Service and the Litigation Chamber.
The Executive Committee
Headed by Cédrine Morlière, its responsibilities are:
- To approve the annual accounts and decide on the annual budget, the annual report, the strategic plan and the management plan, including the annual priorities of the Data Protection Authority;
- To determine the evaluation indicators concerning the implementation of the annual report, the strategic plan and the management plan;
- To decide on the organisation and composition of the Data Protection Authority, including the internal mobility of the staff between the bodies;
- To decide on the identity document model (inspections)
The General Affairs Secretariat
Headed by David Stevens, its responsibilities are:
- To manage questions relating to human resources, the budget and the IT of the DPA;
- To manage any legal matter relating to the management and operation of the DPA;
- To manage internal and external communication.
- To monitor the social, economic and technological developments that have an impact on the protection of personal data;
- To give advice as part of the consultation by the controller responsible for the processing conducted by the DPA;
- To approve codes of conduct;
- To promote the introduction of certification mechanisms and approve certification criteria;
- To draw up and publish the criteria for the accreditation of a body for the supervision of codes of conduct on the basis of Article 41 of Regulation 2016/679 and of a certification body on the basis of Article 43 of Regulation 2016/679;
- To ensure the accreditation of a body for the supervision of codes of conduct on the basis of Article 41 of Regulation 2016/679;
- To approve the standard contractual clauses and the binding corporate rules.
The Front Office
Headed by Charlotte Dereppe, its responsibilities are:
- To receive the complaints and submissions sent to the DPA;
- To initiate mediation procedures;
- To promote data protection among the public, with a specific focus on minors;
- To promote awareness among controllers and processors with regard to their obligations;
- To provide the data subject with information regarding the exercising of their rights.
The Knowledge Centre
Headed by Cédrine Morlière, the Knowledge Centre shall issue, either on its own initiative or upon request:
- Opinions concerning any matter relating to the processing of personal data;
- Recommendations relating to social, economical and technological developments that can impact on the processing of personal data.
The Inspection Service
Headed by Peter Van den Eynde, the Inspection Service is the investigating body of the Data Protection Authority.
The inspection service is assisted by a secretariat in the performance of its duties.
The Litigation Chamber
Headed by Hielke Hijmans, the Litigation Chamber is the administrative disputes body of the Data Protection Authority.
In performing its duties, the Dispute Chamber is assisted by a secretariat, which will also ensure the Registry’s duties.
Procedural Information
Applicable Procedural Law
Law of 3 December 2017 creating the Data Protection Authority (published in the Belgian Official Gazette of 10 January 2018) (Version in French) (Version in Dutch)
The internal regulations as approved by the Belgian Chamber of Representatives on 20 December 2018 and published in the Belgian Official Gazette on 15 January 2019 (Version in French) (Version in Dutch)
Complaints Procedure under Art 77 GDPR
You can help us filling this section!
Ex Officio Procedures under Art 57 GDPR
You can help us filling this section!
Appeals
You can help us filling this section!
Practical Information
The Belgian Authority sometimes publishes reports or documentation that can be useful for the companies in their compliance work.
On 1 October 2020, it publishes a small report helping the SME's to implement correctly GDPR: Report in French and Report in Dutch.
On 17 January 2020, the Belgian Authority publishes a Report regarding the personal data processing activities in the context of the direct marketing: Report in French and Report in Dutch.
Filing with the DPA
The DPA provides an online form to submit a complaint:
- In French: https://www.autoriteprotectiondonnees.be/introduire-une-requete-une-plainte
- In Dutch: https://www.gegevensbeschermingsautoriteit.be/verzoek-klacht-indienen
The complaint can be sent by email to contact@apd-gba.be
Known Problems
You can help us filling this section!
Filing an Appeal
The Court of Appeal of Brussels is competent for the appeals against the decision of the litigation chamber.
All other decisions can be appealed before the Council of State.
Decision Database
If you want to have a complete overview of the decisions given by the Belgian Data Protection Authority, you will have to do a research for/under the decisions given in French and also a research for/under the decisions given in Dutch. Indeed, unfortunately, the search tool of the Belgian Authority doesn't give full and complete results if you do your research only in one language. File:20200910-Axel Beelen-Overview of the decisions given by the BDPA.pdf Please find an overview of all the decisions given by the Belgian Data Protection Authority as to September 2020.
Statistics
Funding
You can help us filling this section!
Personal
You can help us filling this section!
Caseload
You can help us filling this section!
Fines
No power to impose fines on the public sector
Annual Reports
The annual report of the DPA for 2019 can be consulted at: https://www.autoriteprotectiondonnees.be/publications/rapport-annuel-2019.pdf (FR) and at https://www.gegevensbeschermingsautoriteit.be/publications/jaarverslag-2019.pdf (NL).
The annual report of the DPA for 2018 can be consulted at: https://www.autoriteprotectiondonnees.be/jaarverslag-rapport-annuel/fr/index.html
These reports include an overview of the activities of the DPA and statistics relating to opinions and recommendation published, to reported personal data breaches, to DPO registration and complaints handled.
EU/EEA/UK Data Protection Authorities | |
---|---|
Austria · Belgium · Bulgaria · Croatia · Cyprus · Czech Republic · Denmark · Estonia · Finland (Åland) · France · Germany (Baden-Württemberg · Bavaria, private sector · Bavaria, public sector · Berlin · Brandenburg · Bremen · Hamburg · Hesse · Lower Saxony · Mecklenburg-Vorpommern · North Rhine-Westphalia · Rhineland-Palatinate · Saarland · Saxony · Saxony-Anhalt · Schleswig-Holstein · Thuringia ) · Greece · Hungary · Ireland · Italy · Latvia · Lithuania · Luxembourg · Malta · Netherlands · Poland · Portugal · Romania · Slovakia · Slovenia · Spain (Basque Country · Catalonia · Andalusia)· Sweden | |
Iceland · Liechtenstein · Norway · United Kingdom | EDPS · EDPB |