- Jan Dhont
- Partner, Lorenz Brussels
- j.dhont@lorenz-law.com
- Add contact details to your address book
- Steven De Schrijver
- Partner, Lorenz Brussels
- s.deschrijver@lorenz-law.com
- Add contact details to your address book
- Jan Dhont and Steven De Schrijver on Data Protection Compliance and Belgian Privacy Law
- Click here
Data Protection Compliance
Our data protection compliance services rest on three pillars: (i) counselling; (ii) auditing; and (iii) the development of data protection tools:
Advice on Particular Data Protection Matters
- Advising on applicable data protection laws in a given jurisdiction, including the penalties for a failure to comply;
- Advising on the approach of national data protection authorities to, for instance, international transfers of personal data;
- Answering specific questions related to data protection law issues, such as the relevant standards for sensitive personal data; issues arising from the use of cookies, web crawlers, spamming and location-based services; the outsourcing and off-shoring of data processing operations; and
- Monitoring Developments in privacy and data protection legislation.
Data Protection Audits
- Conducting single and/or multi–jurisdictional audits in order to analyse how personal data are collected, used, disclosed and transferred not only in the framework of compliance programmes but also in the framework of due diligence investigations in view of the sale and purchase of businesses and negotiating the representations and warranties on data protection compliance;
- Drafting audit questionnaires and guidelines;
- Pre-audit training of clients’ employees and/or data protection officers involved in the audit process;
- Performing the audit, or assisting clients in performing the audit; and
- Assessing existing practices and safeguards, such as contractual clauses, policies, notices, etc., under the applicable data protection laws.
Data Protection Compliance Tools
- Analysis of audit results to create tailor-made solutions to suit individual clients’ requirements. This can include, for example:
- Drafting online, off-line and universal consumer data collection privacy policies;
- Drafting fair processing notices in order to comply with the information obligations;
- Drafting data transfer agreements and binding corporate rules for international data transfers and advising on the necessary steps to be taken in connection with the adoption, implementation or approval of those tools across jurisdictions;
- Drafting clauses and/or contracts with processors, employees, suppliers and customers; and
- Preparing required notification and/or authorisation requests and dealing with the relevant the national data protection authorities across multiple jurisdictions.
- Checking existing security measures; and
- Developing compliance systems to enable clients to manage and maintain data protection compliance and assisting in the subsequent implementation.