Home

privacyrecht

Privacyrecht, or privacy law, is the branch of law that governs the protection of personal data and the right to privacy in both public and private sectors. In the European Union and the Netherlands it is primarily shaped by the General Data Protection Regulation (GDPR), implemented locally as the Algemene verordening gegevensbescherming (AVG).

The discipline is built on core principles: lawfulness, fairness and transparency; purpose limitation; data minimization; accuracy;

Individuals have rights under privacyrecht, including access to their data, rectification, erasure, restriction of processing, data

Organizations must ensure lawful processing, assess risks, and implement appropriate technical and organizational measures. Processing of

Enforcement is carried out by supervisory authorities, notably the Dutch Autoriteit Persoonsgegevens (AP). Violations can lead

Transfers to non‑EU countries rely on adequacy decisions or safeguards such as standard contractual clauses, with

Ongoing issues include cookies and online tracking, surveillance practices by public authorities, profiling and AI, and

storage
limitation;
integrity
and
confidentiality;
and
accountability
of
controllers
and
processors.
portability,
and
the
right
to
object
to
certain
processing
activities.
There
are
safeguards
for
automated
decision‑making
and
conditions
for
consent,
especially
for
sensitive
data
or
minors.
special
categories
of
data
requires
additional
safeguards.
Data
protection
impact
assessments
(DPIAs)
may
be
required,
and
data
breaches
must
be
reported
to
authorities
and
affected
individuals
where
necessary.
A
data
protection
officer
is
required
in
some
contexts.
to
administrative
fines,
orders,
or
corrective
measures.
The
regime
supports
cross‑border
cooperation
within
the
EU
and
relies
on
international
data
transfer
mechanisms
when
data
leaves
the
EU.
recent
guidance
addressing
enforcement
under
Schrems
II.
the
promotion
of
privacy
by
design
and
by
default
in
information
systems.