Get prepared for the stricter European Privacy regulations and avoid high penalties

Author: Katia De Wilde
Publication date: 06/07/2017 - 14:00
Latest update: 10/05/2019 - 09:22

On 27 April 2016, Europe issued the new GDPR Regulation (GDPR = General Data Protection Regulation). This Regulation is directly applicable in all Member States and to companies from 25 May 2018. The new Privacy Regulation offers all individuals greater protection in the processing of personal data by companies, organisations, etc.

‘Personal Data’ is any information relating to an identified or identifiable natural person, that is, a person who can be identified, directly or indirectly, in particular by reference to the name, location details, or the physical, physiological, economic, cultural or social identity etc. of that natural person.

On the basis of the Personal Data Protection Act of 8 December 1992 for the protection of privacy with respect to the processing of personal data, you already have to comply with obligations if you store or process personal data of your staff. The new GDPR Regulation has extended and strengthened these obligations.

Moreover, the Privacy Commission is granted greater monitoring powers and can impose severe financial penalties in the event of non-compliance with these obligations.

Do you, as an employer, process the personal data of, for example, your staff members (evaluation and monitoring of your staff, electronic storage of applicants' data, camera surveillance in the workplace, track and trace in the cars of your staff members, etc.)? In that case, we recommend you take all the appropriate steps to comply with this European Regulation by 25 May 2018.

Obligations

This is a brief overview of the main obligations you will have as an employer under the GDPR Regulation:

Extended information requirement

Information regarding the personal data retention period, the dissemination of the data outside the European Union, the complaints procedure, the worker’s right to consult, correct, delete, etc.

Strengthened consent of the worker

The consent must be free, specific, informed and unambiguous + entry legal basis

Keeping a register of processing operations

- For an employer employing at least 250 workers.

- Also for an employer with fewer than 250 workers, if the employer processes "sensitive data" or if he uses these personal data on a "non-limited basis".

- However, the Privacy Commission recommends that all employers who process personal information should keep such a register.

- Content: the register provides information about whose data and what data is processed, to whom this data is distributed, the purposes for which the data is processed, etc.

Data Protection Officer

Certain employers should designate a Data Protection Officer. He is the dedicated contact within your company for all matters relating to the application of the GDPR regulation, collaborates with the Privacy Commission, etc.

The Belgian legislator has the ability to further refine and strengthen these measures.

Greater monitoring powers for the Privacy Commission and penalties

The Privacy Commission will check whether the employer complies with the GDPR regulation. It can request all the information needed to use its investigative powers. It can give warnings, make rectification requests to be carried out within a certain period of time, etc.

The Privacy Commission can also sanction by imposing administrative fines. In the event of non-compliance with your obligations as a controller, the administrative fine can amount to as much as 20,000,000 EUR or, for the company, up to 4 % of the total worldwide annual turnover in the preceding financial year if this figure is higher. The specific situation and any extenuating circumstances will however be taken into consideration.

How the Privacy Commission will apply these new powers remains unclear at this stage.

Actions to take!

It is important that you take action now. This may include:

  • Listing the domains in the company that process personal data and checking whether they comply with the GDPR Regulation;
  • Determining what personal data you keep, about whom and where;
  • Listing the various documents within the framework of labour law relations (camera surveillance, employment regulations, etc.), verifying whether these documents conform with the GDPR Regulation and updating them where necessary;
  • Etc.

The Privacy Commission has provided a roadmap containing 13 steps to help you be well prepared. This can be found on the website www.privacycommission.be in the thematic file GDPR.

GDPR-package

We are developing a simple and easy-to-use package tailored to SMEs to help you as an employer comply with your obligations under the GDPR Regulation in a convenient way. We will keep you posted.

