Data Protection in Belgium: Difference between revisions

From GDPRhub
 
(4 intermediate revisions by 2 users not shown)
Line 23: Line 23:
==Legislation==
==Legislation==
===History===
===History===
The Data Protection Authority (GBA) is the successor of the Commission for the protection of privacy with effect from 25/05/2018 and was established by the Belgian Federal Chamber of Representatives by the Law of 3rd of December 2017 establishing the Data Protection Authority.
The Belgian Data Protection Authority (APD/GBA - typically BDPA in English) is the successor of the Commission for the protection of privacy with effect from 25/05/2018 and was established by the Belgian Federal Chamber of Representatives by the Law of 3rd of December 2017 establishing the Data Protection Authority (BDPA Act).


===National constitutional protections===
===National constitutional protections===
Line 42: Line 42:


====Employment context====
====Employment context====
''You can help us fill this section!''
Belgian law does not provide for specific rules with respect to the processing of employee data. Nevertheless, certain specific privacy issues regulated in collective agreements negotiated between employees and employers’ associations remain applicable. Those issues are:
 
*the processing of personal data pursuant to the collective agreement N°38 on the recruitment and selection of workers;
*the processing of personal data pursuant to the collective agreement N°68 on the protection of workers’ privacy with regard to CCTV in the workplace;
*the processing of personal data pursuant to the collective agreement N°81 on the protection of workers’ privacy with regard to the control of networked electronic communication data; and
*the processing of personal data pursuant to the collective agreement N°100 on the implementation of a preventive policy regarding alcohol and drugs inside the company.
 
Ref.: https://www.whitecase.com/publications/article/gdpr-guide-national-implementation-belgium#q20


====Research====
====Research====
Line 48: Line 55:


====Other relevant national provisions and laws====
====Other relevant national provisions and laws====
''You can help us fill this section!''
Statute of limitations: Art. 105 of the BDPA Act states that facts (= alleged infringements) are time-barred after 5 years.
 
Post-GDPR guidance:
 
*'''Direct marketing:''' the BDPA published guidance on direct marketing on 10 February 2020. This extensive guidance is nearly 80 pages long (available in [https://www.e-nautadutilh.com/email_handler.aspx?sid=66d91b41-84ca-464f-a0e3-05698ebda3c3&redirect=https%3a%2f%2fwww.autoriteprotectiondonnees.be%2fsites%2fprivacycommission%2ffiles%2fdocuments%2fRecommandation_01-2020_marketing_direct.pdf French] and [https://www.e-nautadutilh.com/email_handler.aspx?sid=66d91b41-84ca-464f-a0e3-05698ebda3c3&redirect=https%3a%2f%2fwww.gegevensbeschermingsautoriteit.be%2fsites%2fprivacycommission%2ffiles%2fdocuments%2fAanbeveling_01_2020_direct_marketing.pdf Dutch]) and covers various topics, including cookies, controller vs processor and more. Certain summaries have been published in English:
**[https://www.e-nautadutilh.com/56/3954/landing-pages/news-item.asp?sid=66d91b41-84ca-464f-a0e3-05698ebda3c3 Want to reach your customers or prospects? Important new direct marketing guidance in Belgium] (11 February 2020)
**[https://www.cms-lawnow.com/ealerts/2020/02/belgian-dpa-publishes-new-detailed-guidelines-on-direct-marketing?_ga=2.210031383.367673928.1582125966-1446537407.1579603777 Belgian DPA publishes new detailed guidelines on direct marketing] (14 February 2020)


===National ePrivacy Law===
===National ePrivacy Law===
Line 66: Line 79:


===Constitutional Court===
===Constitutional Court===
''You can help us fill this section!''
Belgium has a Constitutional Court ([https://www.const-court.be/fr/common/home.html website in French]) ([https://www.const-court.be/nl/common/home.html website in Dutch]).
<references />
<references />

Latest revision as of 10:13, 18 October 2020

Data Protection in Belgium
Be.png
Data Protection Authority: APD/GBA (Belgium)
National Implementation Law (Original): Data Protection Act (2019)
English Translation of National Implementation Law: English Translation
Official Language(s): French, Dutch and German
National Legislation Database(s): Link
English Legislation Database(s): n/a
National Decision Database(s): Link


Legislation

History

The Belgian Data Protection Authority (APD/GBA - typically BDPA in English) is the successor of the Commission for the protection of privacy with effect from 25/05/2018 and was established by the Belgian Federal Chamber of Representatives by the Law of 3rd of December 2017 establishing the Data Protection Authority (BDPA Act).

National constitutional protections

You can help us fill this section!

National GDPR implementation law

In Belgium the GDPR is implemented by the Data Protection Act (2019).

You can help us fill this section!

Age of consent

The age of consent in Belgium is 13 years old.

The APD/GBA justified its decision to lower the age of consent indicating that this represent the average age children browser the Internet. The APD/GBA considers that selecting a higher age of consent could have limited the opportunities for children to grow digitally; however, it notes that this choice must be accompanied with additional efforts from the APD/GBA and other institution to teach children, as early as possible, to adopt a thoughtful attitude towards this media[1].

Freedom of Speech

You can help us fill this section!

Employment context

Belgian law does not provide for specific rules with respect to the processing of employee data. Nevertheless, certain specific privacy issues regulated in collective agreements negotiated between employees and employers’ associations remain applicable. Those issues are:

  • the processing of personal data pursuant to the collective agreement N°38 on the recruitment and selection of workers;
  • the processing of personal data pursuant to the collective agreement N°68 on the protection of workers’ privacy with regard to CCTV in the workplace;
  • the processing of personal data pursuant to the collective agreement N°81 on the protection of workers’ privacy with regard to the control of networked electronic communication data; and
  • the processing of personal data pursuant to the collective agreement N°100 on the implementation of a preventive policy regarding alcohol and drugs inside the company.

Ref.: https://www.whitecase.com/publications/article/gdpr-guide-national-implementation-belgium#q20

Research

You can help us fill this section!

Other relevant national provisions and laws

Statute of limitations: Art. 105 of the BDPA Act states that facts (= alleged infringements) are time-barred after 5 years.

Post-GDPR guidance:

National ePrivacy Law

You can help us fill this section!

Data Protection Authority

The Belgian Data Protection Authority (Autorité de protection des données in French or Gegevensbeschermingsautoriteit in Dutch) is the national data protection authority for Belgium.

→ Details see APD/GBA (Belgium)

Judicial protection

Civil Courts

You can help us fill this section!

Administrative Courts

You can help us fill this section!

Constitutional Court

Belgium has a Constitutional Court (website in French) (website in Dutch).