Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    AVG| Accountability
    De verantwoordingsplicht in de Algemene Verordening Gegevensbescherming is een belangrijk onderdeel dat in de bedrijfsvoering van organisaties moet worden geborgd.

    AP checks for processor agreements at 30 organizations

    The Personal Data Authority (AP) has asked thirty private organizations what agreements they have with other parties when they process personal data for them. According to European privacy rules, these agreements must be laid down in a so-called processor agreement. The AP requested information from companies in the energy, media and trade sectors, among others.

    AP January 16, 2019

    News

    Processor Agreement
    The European privacy rules state that organizations that process personal data must enter into a processor agreement if they cooperate with other parties in processing that personal data. This is necessary, for example, when they outsource IT facilities. Organizations themselves remain responsible for ensuring that personal data is properly protected. Therefore, an organization may only engage processors who provide sufficient guarantees that they also meet the legal requirements.

    The processor agreement should state how the protection and processing of personal data is regulated. The processor agreement should include at least:

    • What data will be processed and for how long,

    • What is the nature and purpose of the processing,

    • In what way data security is ensured.


    Series of exploratory investigations
    Since the introduction of the General Data Protection Regulation (AVG) on May 25, 2018, the AP regularly checks organizations' compliance with requirements under privacy laws. For example, the AP previously looked at whether government organizations, hospitals, (health) insurers and banks have a data protection officer. The AP also conducted an exploratory survey of large private organizations to investigate whether they keep a register of processing activities.

    This article can also be found in the AVG file

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    NEWS

    Bits of Freedom lawsuit against Meta: the legal underpinnings

    News press release

    Personal data or anonymous data?

    Blog

    Data Privacy Framework remains standing (for now)

    Articles

    Does pseudonymizing data exempt my company from its obligations under the AVG?

    Blog

    It remains a challenge: what data qualifies as personal data under the General Data Protection Regulation (AVG)? Recently, the Central Netherlands District Court examined...

    AP: aid organizations trapped by Israeli duty to provide personal data

    News press release
    Personal Data Authority

    More room for small and medium businesses in the AVG, but without undermining fundamental privacy protections

    News press release

    AP supports European push to reduce regulatory burden, but not at the expense of citizens

    News press release

    EU threatens to undermine digital civil rights with simplification of AVG

    News

    Are you allowed to keep a VOG? This is what the AVG says about processing Statements of Good Conduct

    Blog
    Mike Tiernagan

    Privacy laws in detection

    You will be informed about legislation that applies to data processing by BOAs. You will learn when your BOAs must comply with the Wpg, when with the AVG and what the main differences are. You will also learn what steps need to be taken to comply with the Wpg.

    Learn more

    Undermining and Processing of Personal Data.

    This course discusses the legal framework for data processing when dealing with undermining. It discusses how to determine which processing of personal data is and is not permitted and why. In particular, the sharing of personal data within and outside one's own organization will be discussed, as well as the requirements for processing personal data. After this course you will be fully aware of the main issues, recent experience and case law and you will be able to identify problems in this area in practice.

    Learn more

    Data Processing and Privacy at Municipalities

    Learn more

    Privacy in the workplace

    View book

    AI in IT contracts: legally watertight and flexible

    The AI Act is an important European law that will impose requirements on AI, including with respect to test data, transparency and the control of outcomes by natural persons. It is essential to take this legislation into account in contracts to avoid potential legal problems. How do you address this?

    Learn more

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero