New privacy law

We have seen all the messages, emails, text messages, WhatsApp messages, calls and carrier pigeons from every company lately. Yes, we are talking about the new privacy law that came into effect in 2018. But like many others, we are also guilty of not reading every email from every company about this in detail. That is why we have listed for you why this law came into effect and what it actually entails. 

The new privacy law aims to harmonize data privacy laws across Europe. So to protect all EU citizens, strengthen data privacy and reshape the way organizations in the region approach data. This law came into effect in May 2018 and gives citizens more control over their data. But companies also benefit from equal opportunities. 

What does this mean for companies?

First, let's start with which companies this new law applies to. A company or entity that processes personal data. This makes this part of the activities of one of its branches located in the EU. Regardless of where the data is processed. Or a company based outside the EU that offers goods/services or monitors the behavior of individuals in the EU. If your company falls under one of these two, you can process personal data. But there are also different rules attached to this. 

Legality, Justice and Transparency

Personal data must be processed in a lawful and transparent manner. And ensure fairness towards the persons whose personal data you process. 

Purpose limitation

In addition you must have specific purposes for processing the data. You must also disclose these purposes to individuals when collecting their personal information. Data minimization: You should only collect and process the personal data necessary to achieve that purpose.


You must also ensure that the personal data is correct and up to date. Taking into account the purposes for which they are processed. 

Storage limitation

Also you must ensure that personal data is not kept for longer than is necessary for the purposes for which it was collected.

Integrity and confidentiality

In addition, you must take appropriate technical and organizational security measures. These must ensure the security of personal data. Including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technology.
That's a lot of rules that you have to comply with when just processing data. If you would like to know more about this new law and what it means for companies, you can read that here. 

What rights do you have?

And now what everyone has been waiting for. What does it mean for ordinary citizens and what are you entitled to?


  • Information about the processing of your personal data.
  • You must also be given access to the personal data held about you.
  • In addition, you can request incorrect, incorrect or incomplete personal data that needs to be corrected.
  • Request the deletion of personal data when it is no longer necessary or when its processing is unlawful.
  • You may also object to the processing of your personal data for marketing purposes or for reasons related to your specific situation.
  • You can also request the restriction of the processing of your personal data in specific cases.
  • In addition, you can receive personal data in a machine-readable format and transmit it to another controller.
Do you have more questions about what this means for you or do you have a specific question? Then here you will find everything you need to know about this new law and what it means for you!