Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Artificial Intelligence (AI)
    In onze huidige informatiemaatschappij speelt kunstmatige intelligentie (AI) een steeds belangrijkere rol. AI is een verzamelnaam voor machines, software en apparaten die zelfstandig complexe taken kunnen uitvoeren, zonder direct menselijk denkvermogen. Deze zelflerende systemen worden in tal van sectoren gebruikt, van het bedrijfsleven en overheden tot gezondheidszorg en de rechterlijke macht.

    What do you need to comply with when using an algorithm to process personal data?

    Autoriteit Persoonsgegevens September 25, 2025

    Question & Answer

    ANSWER

    Processing personal data using an algorithm is no different from "ordinary" processing. You must therefore comply with the general principles for processing personal data. Those principles are found in Article 5 of the General Data Protection Regulation (AVG). Important principles include:

    Legality
    You must have a basis for processing personal data (Art. 6 AVG).

    Transparency

    • When processing personal data, you must be transparent towards the data subject (Art. 12, 13 and 14 AVG). The data subject is the person whose data you are processing.

    • You also need a register of processing activities (Art. 30).

    • And do you use an algorithmic system for your decision-making, for example? Then you should provide useful information about the underlying logic and the expected impact of that processing on the data subject.

    Purpose limitation
    You may only process personal data for a predetermined purpose. You are bound by this purpose. This means that you may not simply process personal data for another purpose.

    Data minimization
    If you process personal data for a particular purpose, you must do so with as little personal data as possible. Any data that is not demonstrably needed, you are processing unlawfully. You may also store the data only to a limited extent. To this end, you must establish retention periods in advance.

    Correctness
    The personal data you process must be accurate (correct). This prevents unforeseeable outcomes and unwanted effects for the data subject.

    Security
    All personal data you process must be properly secured. You must take technical and organizational measures to do so (Art. 32 AVG). In doing so, you must take into account:

    • the state of the art;

    • The nature, scope, context and purposes of processing;

    • the varying risks to the rights and freedoms of data subjects.

    Privacy by design & default
    When developing (algorithmic) systems, you must consider the principles of privacy by design and privacy by default.

    This means that you need to develop, set up and deploy systems that are privacy-friendly. User settings should be privacy-protective by default.

    KENNISPARTNER

    Martin Hemmer

    Contact

    Data Processing and Privacy at Municipalities

    Learn more

    Expert membership

    Expert membership

    Benefit now

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero