The Organisation (defendant) designated their Head of Compliance, Risk and Audit as their Data Protection Officer (DPO). The DPA ruled that in doing so, the Organisation violated art. 38(6) GDPR which requires that any tasks of the data protection officer do not result in a conflict of interest. According to the defendant, no conflict of […]
Belgian DPA

Belgian DPA requires small companies using CCTV to maintain a record of processing activity
The APD/GBA (Belgian DPA) in April 2020 decided upon a complaint made in September 2018 with the authority.[1] The affected person claimed that he was filmed by CCTV of a store while walking outside on the sidewalk. The DPA investigated the complaint and requested from the store owner what can be expected: Storage period of […]