The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. The Belgian Privacycommission (CBPL) published a brochure in Dutch (download) and French (download) that aims to inform and assist SMEs in implementing this new legislation. The purpose of this brochure is to provide a brief overview of the main rights and obligations arising from the GDPR and relevant to SMEs. The examples cited and the explanations given to the GDPR are very useful to help to understand the GDPR, but have no legal precedent value.
The first chapter describes the basic concepts of the GDPR. The second chapter outlines the obligations that the GDPR entails. The third chapter contains the rights of the data subjects. The last chapter “What if it goes wrong?” explains what has to be done in case of a personal data breach and what the consequences will be if the GDPR is not respected.
However, it is not possible to produce one brochure that meets all the specific needs of each individual SME. Indeed, the impact of the AVG on the day-to-day functioning of an SME depends primarily on the processing activities of that SME and not on the SME statute as such. The diversity of processing activities carried out by SMEs is too broad to be captured in one single document.
Although a good starting point, this brochure alone is insufficient for SMEs to get really started with the GDPR. Do not hesitate to contact CRANIUM, based on years of experience in many assignments we can help you become complaint.