Last 27th February, the Official Spanish Chamber of Commerce in Belgium and Luxembourg organized a conference, in collaboration with DBB Defenso about data protection as a new challenge for companies.
The next 25th May, the new regulation about data protection in the EU, also known as GDPR will come into effect. From that day on, all the organizations, companies, NGO’s or public companies will have to comply with this new regulation about data protection for EU citizens and residents.
This law is quite complex and introduces numerous changes that the companies must start to understand and implement. This is why Claude Englebert and Joris Roesems, respectively associate and partner at DBB Defenso, have explained, each, the latest developments that this law entails for companies and how to implement it correctly.
First, Nathalie Charpentier, partner at DBB Defenso and member of the Board of Directors at the Chamber, said a welcome word, introduced briefly the firm and thanked the attendees for their participation in the conference.
Afterwards, Claude Englebert presented the new regulation that will be put into effect on the 25th May. This law will affect all the companies that are established in the EU and those which work with data from the EU citizens. In order to explain this regulation, he highlighted the main principles of personal data processing: transparency, a specified, explicit and legitimate purpose, data minimization, storage limitation, integrity and confidentiality and accountability.
Then, Englebert mentioned that, in order to comply with all the data when processing, companies have to meet at least one of the following requirements: consent of the personal data subject; the existence of a contract among both parts and a legal obligation; the protection of vital interests; the task must be one of a public authority or the existence of legitimate interests.
The speaker also mentioned the rights of the data subject, as well as the new obligations for undertaking companies, organizations and public bodies. He also detailed the consequences in case a company doesn’t comply with the law.
On the other hand, Joris Roesems, explained the Data Protection Officer’s role: its conception inside the companies, its position and the different tasks associated to the role. These points are explained in detail in the articles 37-39 of this new law.
Lastly, Englebert explained the methodology to follow for the practical implementation of this new regulation, including the auditing, implementation and maintenance. (You can check the full presentation here).
Finally, during the question time the attendees representing numerous European companies were very active and participative, and expressed their doubts and questions in order to be able to implement correctly this new regulation about data protection in their enterprises.
In collaboration with: