Here you can find blogposts about various privacy-related topics. Enjoy!


In close partnership with the world's largest association of privacy experts, the International Association of Privacy Professionals (IAPP), Privacy Company will offer data protection training and certifications in German and…

According to the Dutch Data Protection Authority (DPA), the tracking of people in (semi) public areas via their mobile device - or wifi tracking - is in very few cases…

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) published its first newsletter for Data Protection Officers (DPOs) on the 31st of January. The newsletter briefly discusses a misunderstanding regarding the Data…

On the 23rd of January, the European Committee determined the adequacy decision with Japan. This means that Japan has an equivalent level of personal data protection as under the General…

Many of you might still remember the days where the only way of accessing the data of your organisation was through devices supplied by the organisation itself or through fixed…

As the volume and complexity of data processings is becoming ever more challenging in today’s data-driven world, privacy management software offers the ideal solution. Because by automating privacy management…

In December 2018, the Dutch Data Protection Authority clarified that counting the number of visitors in (semi) public areas using tracking technologies is only permitted under very strict conditions (in…

While the general impression among organisations is that the GDPR has had a slow start since it coming into effect on May 25, 2018, it seems like several European Data…

What is the greatest risk of privacy incidents in the workplace? The human! Lost USB sticks, unauthorized viewing of files, or sending an e-mail incorrectly are part of the daily…

Privacy Company recently celebrated its fourth anniversary. From a rough idea to a company with international presence and more than forty fantastic people. In this blog I will share four…

Many Dutch websites have not set up Google Analytics in a privacy-friendly way and therefore violate the law by tracking users without consent. This is evident from a quick inspection…

As part of our Ticketstrip consulting package, we support you quickly, flexibly and practically in making your organisation GDPR-compliant. You will have a privacy expert who is always there for…

On behalf of the Dutch Ministry of Security and Justice, Privacy Company carried out a (DPIA) on Microsoft Office ProPlus (Office 2016 MSI and Office 365 CTR). With the permission…

Every German organisation offering its services online must display an imprint on their website. This applies if the website pursues a commercial interest, e.g. operates an online shop, but…

The GDPR is at the heart of our team's work. This means that we work with it on a daily basis, analyse the texts, understand the obligations and, in particular,…

The GDPR is at the heart of our team's work. This means that we work with it on a daily basis, analyse the texts, understand the obligations and, in particular,…

Organisations store practically all their data digitally. The question is no longer whether there will be a data breach, but when. You have a data breach when your files are…

The GDPR is at the heart of our team's work. This means that we work with it on a daily basis, analyse the texts, understand the obligations and, in particular,…

The GDPR is at the heart of our team's work. This means that we work with it on a daily basis, analyse the texts, understand the obligations and, in particular,…

Privacy Company is already serving customers in the EU from its offices in The Hague and Berlin. We are proud to announce that Zagreb, Croatia will be added to the…

The GDPR is at the heart of our team's work. This means that we work with it on a daily basis, analyse the texts, understand the obligations and, in particular,…

On the 18th of June, Transvision B.V. in Capelle aan den IJssel, Netherlands, received the first Privacy Maturity Certificate by Privacy Company. Independent testing by auditors of Accoris Audit…

The General Data Protection Regulation (GDPR) contains a number of new obligations compared to the previous legislation. Since May 25, 2018, organizations have to ensure they comply with these requirements.…

The General Data Protection Regulation describes a number of roles in the data processing process, including the role of Data Protection Officer. The Data Protection Officer is also referred to…

Good news! Since the end of May, Facebook offers a data processing agreement for its advertising service Custom Audiences! But is the use of this service now privacy proof, and…

Yes, I do. Anyone who wants to have sex with someone in Sweden needs explicit permission since July 2017. Proceeding without an explicit "yes, I do" can quickly…

In the blog series The 7 biggest misunderstandings about the GDPR, we settle the 7 most common misunderstandings. This week we are dealing with covenants. A covenant is a document…

When it comes to making sure your company is privacy compliant and ready for the GDPR, most organisations can use all the help they can get, which is not surprising…

With the General Data Protection Regulation coming up, the new compliance landscape is taking shape. From the 25th of May onwards, organisations are required to keep a complete list of…

For the privacy vocabulary, the term PIA seems to have become indispensable. It is a new term introduced by the GDPR. PIA stands for privacy impact assessment. Officially, the GDPR…

The Data Protection Officer (DPO) is often mentioned in the same breath when talking about the General Data Protection Regulation (GDPR). The GDPR stipulates that the appointment of a DPO…

In the blog series The 7 biggest misunderstandings about the GDPR, we settle the 7 most common misunderstandings. This week we are dealing with the register of processing operations. An…

In the blog series "The 7 biggest misunderstandings about the GDPR" we settle the 7 most frequently heard misunderstandings. The last blog post explained that the General Data…

In the blog series "The 7 biggest misunderstandings about the GDPR" we settle the 7 most frequently heard misunderstandings. One of the key concepts in the General Data…

The General Data Protection Regulation (GDPR) is into effect from May 25th, 2018 onwards. This EU regulation supersedes the Data Protection Directive (Directive 95/46/EC); further harmonising the EU…

Carolin wrote a guest article on the EU Money Laundering Directive for the German publication Netzpolitik.org. Click here to get to the article. The article discusses a number of…

If you process personal data as an organisation, it is often mandatory under the General Data Protection Regulation (GDPR) to keep a record of processing activities. A misunderstanding that exists…