Menu
Call us
+31 (0) 85 0711080
Mail us
info@dpoconsultancy.nl
MenuClose
Data Privacy Consultants

GDPR and Data Privacy Consultants

We make GDPR Compliance part of your company’s DNA

DPO Consultancy partners with AXECO Participaties

DPO Consultancy proudly announces its new partnership with AXECO Participaties. Together, we aim to accelerate DPO Consultancy’s growth ambitions in order to better support our clients with integrated data privacy solutions across Europe.

 

Would you like to know more about the partnership? Please read the following press release: DPO Consultancy partners with AXECO Participaties.

DPO Consultancy office vibes

DPO Consultancy: your GDPR and Data Privacy Consultants

It is no secret that we are becoming more aware of privacy, with laws and regulations becoming increasingly complex. The trick is not to see privacy and data protection as an obligation, but as something that makes you stand out for the right reasons. This is exactly where DPO Consultancy and its experienced data privacy consultants from all around the world step in. We assist companies from all around the world in their Privacy Journey towards GDPR and Data Protection Compliance. We provide them and their people with the right knowledge, we make sure that privacy policies and procedures are properly structured, and organize everything down to the last detail.

DPO Consultancy is trusted by more than a 100 clients worldwide!

Vitens logo, DPO Consultancy client
Jaguar Land Rover, Client of DPO Consultancy
Yamaha logo, DPO Consultancy client
Belastingdienst logo, DPO Consultancy client
ibn logo, DPO Consultancy client
chdr logo, DPO Consultancy client
bibliotek eindhoven logo, DPO Consultancy client
go sharing logo, DPO Consultancy client
wilson hcg logo, DPO Consultancy client
marinus pharmaceuticals logo, DPO Consultancy client
immuno brain logo, DPO Consultancy client

How can we assist you?

GDPR Assessment
GDPR Assessment

Determine if your business is GDPR-proof and assess your privacy level

Learn more
Privacy management
Privacy Management

The implementation of privacy management solutions

Learn more
GDPR education
GDPR Education

Demonstrable education on privacy and data protection

Learn more
DPO as a service
DPO-as-a-Service

Easily outsource the role of DPO to an independent and experienced expert

Learn more

Do you have a specific question about the GDPR or Data Privacy?

Jelmer Pieters – Founder at DPO Consultancy | Privacy & Data Protection Consultant

DPO-as-a-Service at WilsonHCG

MBA | CIPP/E | CIPM | FIP

Contact Jelmer
Jelmer Pieters, founder and managing partner of DPO Consultancy

Our latest News and Publications on the GDPR and Data Privacy

DPO Consultancy partners with AXECO Participaties

Partnerschip
Liveblog
26 May 2025
DPO Consultancy, a leading advisory firm in the field of data privacy, proudly announces its new partnership with AXECO Participaties. Together, we aim to accelerate DPO Consultancy’s growth ambitions in order to better support our clients with integrated data privacy solutions across Europe. This collaboration marks a new phase of growth for DPO Consultancy. The … Continued
Learn more

Understanding the New EDPB Guidelines on Pseudonymisation

Liveblog
17 January 2025
The European Data Protection Board (EDPB) has recently published its Guidelines on Pseudonymisation under the General Data Protection Regulation (GDPR). These guidelines provide critical insights into how pseudonymisation can be used effectively as a safeguard for data protection. Below, we unpack the key takeaways and their implications for organizations handling personal data.
Learn more

Data (Use and Access) Bill: new Data Privacy Law in the UK?

Data (Use and Access) Bill - DUA Bill
Liveblog
4 December 2024
The DUA Bill has shifted in tone from its predecessor and now seeks to promote enabling greater use of data to grow the economy, improve public services and make people’s lives easier. According to the UK government, the DUA Bill is largely focused on making better use of data across many sectors of the UK’s economy and improving public sector services.
Learn more

LinkedIn Fined €310M: 3 Key GDPR Takeaways for Companies

LinkedIn Fine 310 M
Liveblog
13 November 2024
On October 24th, 2024, the Irish DPA, the Data Protection Commission (DPC) published its decision to fine LinkedIn 310 million Euros for multiple violations of the GDPR, related to the processing of personal data for behavioural analysis and targeted advertising. What are the key takeaways from this decision for those not working for large social media companies?
Learn more

Understanding the interaction between the EU AI Act and the GDPR

EU AI Act and the GDPR
Whitepaper
8 November 2024
Two key pieces of legislation govern AI solutions in the EU: the Artificial Intelligence Act (AI Act) and the General Data Protection Regulation (GDPR). Concepts such as automated individual decision-making, explainability, and transparency from GDPR are vital in the context of AI. Additionally, data controllers and processors may face new responsibilities based on their roles under the AI Act and the associated risk level of the AI systems they develop or use.
Learn more

ePrivacy Regulation: What you need to know

ePrivacy Regulation
Liveblog
7 November 2024
The implementation of the ePrivacy Regulation (ePR) will transform how electronic communications are managed and protected in the European Union (EU). Both the digital landscape and legal frameworks are evolving, and this brings our online interactions to a newer level each day. Therefore, the European Union (EU) takes the steps to ensure individuals data are protected. One of the key legislative tools in this effort is the ePrivacy Regulation (ePR), which is set to replace the outdated ePrivacy Directive (ePD).
Learn more

Transfer Impact Assessment: conducting a GDPR-Compliant TIA

Transfer Impact Assessment
Liveblog
23 October 2024
Failing to conduct a TIA when required can result in significant fines and damage to a company’s reputation. By being proactive about international data transfers, organizations can avoid risks. This helps them keep the trust of their customers and partners.
Learn more

New EDPB Guidelines on Legitimate Interest: 3 Key Takeaways

New EDPB Guidelines on Legitimate Interest 2024
Liveblog
10 October 2024
The European Data Protection Board (EDPB) has just released its much-anticipated guidelines on the processing of personal data based on legitimate interest. This legal basis, outlined in Article 6(1)(f) of the GDPR, allows data controllers to process personal data when they have a legitimate interest, provided they meet specific criteria.
Learn more

Record of Processing Activities (RoPA) Checklist

Record of Processing Activities (RoPA) Checklist
Tools
18 September 2024
With this checklist we explain to you which data you must include in a record of processing activities according to the General Data Protection Regulation (GDPR). We give you an explanation of each point and tell you what you need to keep in mind to comply with the legal obligations.
Learn more

AI Chatbots bring a big Data Privacy risk: Data Breaches

ai chatbots data privacy
Liveblog
9 August 2024
It’s becoming increasingly common for employees to use digital assistants at work, whether to answer customer queries or summarize large documents. While these tools can save time and reduce mundane tasks, they also come with significant risks.
Learn more

Google Delays Third-Party Cookies ban

google delays its ban on third part cookies ban
Liveblog
5 August 2024
Numerous websites utilize cookies, which are generally divided into ‘essential’ (functioning website) and ‘non-essential’ (for example, store important information and user preferences) categories. The regulation of cookies falls under the ePrivacy Directive, translated into national laws of EU Member States. The ePrivacy Directive mandates that websites offer transparent information about cookie usage and seek consent for placing non-essential cookies.
Learn more

The EU AI Act Timeline: The Countdown Begins

EU AI Act Timeline
Liveblog
23 July 2024
The much-anticipated EU AI Act was published in the EU’s Official Journal on 12th July 2024 and promises to reshape the landscape of artificial intelligence across Europe. As we stand at the cusp of this groundbreaking legislation, it’s crucial to understand the roadmap ahead. Here, we detail the key dates and milestones leading up to the full implementation of the EU AI Act, ensuring you’re well-prepared for the changes to come.
Learn more

e-Privacy Regulation Unveiled: Decoding the Regulatory Realm of ePR

EU ePrivacy Regulation pdf
Whitepaper
4 July 2024
Curious about the latest developments in digital privacy and regulation? Our whitepaper, “E-Privacy Unveiled: Decoding the Regulatory Realm of ePR”, provides an in-depth look into the upcoming e-Privacy Regulation (ePR) from the European Union. This comprehensive guide is a must-read for anyone looking to understand how the e-Privacy Regulation will transform the protection of electronic communications and what it means for your organization.
Learn more

Algorithms and discrimination are a core component of this year’s privacy monitoring

Alghorithms discrimination and privacy monitoring
Liveblog
3 July 2024
In 2023, the benefits scandal (Toeslagen affaire) advanced with hearings led by the parliamentary committee on Fraud Policy and Services. Despite these sessions, it became evident that little had changed. This lack of progress was unexpected, especially given the frequent summoning of the Dutch Data Protection Authority (AP) by the committee to address previous shortcomings. However, the AP continued to confront challenges related to algorithms and discrimination, as outlined in their 2023 annual report.
Learn more

Critical Role of Judges Needed in Algorithm Use

The critical role of judges in algorithm use
Liveblog
26 June 2024
Judges and appeals committees must be vigilant regarding government decisions where algorithms have played a role. Additionally, the government should proactively be transparent about its use of algorithms. This was advocated by Aleid Wolfsen, chairman of the Dutch Data Protection Authority (AP), during a meeting in the Week of the Rule of Law on artificial intelligence (AI) in the judiciary.
Learn more

AP: More Clarity Needed on Approaching People Entitled to Benefits or Allowances

Autoriteit Persoongegevens Privacy allowances and benefits
Liveblog
19 June 2024
The draft law allowing government agencies to proactively approach individuals eligible for benefits or allowances requires further modifications, according to the Dutch Data Protection Authority (AP). Specifically, individuals should receive clear information in advance about which personal data will be exchanged between agencies. The AP’s findings come after reviewing the proposed Law on Proactive Service Provision by the Ministry of Social Affairs and Employment (SZW), which amends the Implementation Structure Act on Work and Income (SUWI).
Learn more

More AI Guidance and Recommendations published by Data Protection Authorities

AI Guidance and Recommendations on AI Systems
Liveblog
13 June 2024
Since the introduction of the European Artificial Intelligence Act (“AI Act”) in March this year, guidance and recommendations by various Data Protection Authorities (“DPAs”) has been published. The most recent recommendations of the French Data Protection Authority (“CNIL”) are no different.
Learn more

European Health Data Space (EHDS) Regulation: 5 Key Points

approved european health data space ehds regulation
Liveblog
30 May 2024
In April 2024, the European Parliament approved the European Health Data Space (EHDS) regulation, which is expected to be ratified by EU member states soon. The aim of these data spaces is to unlock extensive repositories of existing data and facilitate their accessibility for research, innovation, and development, while ensuring compliance with pertinent data protection regulations.
Learn more

Governments and Facebook in the EU

Governments and Facebook in the EU
Liveblog
22 May 2024
New problems arise for Facebook (and its owner Meta) in the EU. After receiving a fine of €390 million from the Irish Data Protection Commission (DPC) over the legal basis for targeted advertising, the Dutch Data Protection Authority questioned the use of Facebook by governmental bodies.
Learn more

Dutch Data Protection Authority releases Facial Recognition Guidance

Dutch Data Protection Authority Facial Recognition Guidance
Liveblog
10 May 2024
Due to the number of frequently asked questions the Dutch Data Protection Authority has received about the use of facial recognition, the AP has released a guidance about the use of facial recognition.
Learn more

Privacy Concerns Surrounding Tracking Traffic Lights: An Urgent Call for Action

Privacy concerns regarding traffic lights
Liveblog
17 April 2024
In recent years, the deployment of “tracking traffic lights” in the Netherlands has raised significant privacy concerns among both policymakers and citizens. These innovative traffic lights, designed to communicate with mobile phones of road users, have the capability to gather vast amounts of personal data, prompting intervention from the Dutch Data Protection Authority (AP). With the AP sounding the alarm once again, it is imperative for the Ministry of Infrastructure and Water Management (IenW) to take decisive action to address these privacy risks. 
Learn more

The US unveils new draft Federal Privacy Bill

American flag
Liveblog
8 April 2024
The American Privacy Rights Act (“APRA”) has been unveiled. This comprehensive draft legislation sets clear, national data privacy rights and protections for Americans, eliminates the existing patchwork of state data privacy laws and establishes robust enforcement mechanisms to hold violators accountable, including the private right of action for individuals.
Learn more

Employee Monitoring through facial recognition in attendance control

facial recognition in attendance control of employees - gdpr and privacy issues
Liveblog
3 April 2024
In April 2024, the European Parliament approved the European Health Data Space (EHDS) regulation, which is expected to be ratified by EU member states soon. The aim of these data spaces is to unlock extensive repositories of existing data and facilitate their accessibility for research, innovation, and development, while ensuring compliance with pertinent data protection regulations.
Learn more

The AI Act and the GDPR: what does it mean for companies?

The AI Act and the GDPR
Liveblog
15 March 2024
On the 13th of March 2024, the AI Act passed the scrutiny of the European Parliament and is ready to become a law of the Union. This comprehensive regulatory framework aims to govern the development and use of artificial intelligence (AI) across the European Union (EU). The AI Act’s primary aim is to ensure that AI technologies are developed and used in a manner that is ethical, transparent, and respects fundamental rights, and covers a wide range of AI systems used in various sectors, including healthcare, transport, and finance.
Learn more

EDPS finds European Commission’s use of Microsoft 365 infringes EU data protection law

EDPS finds European Commission’s use of Microsoft 365 non gdpr compliant
Liveblog
13 March 2024
After its inquiry, the European Data Protection Supervisor (EDPS) found that the European Commission breached numerous essential data protection rules while using Microsoft 365. As a consequence, the EDPS has mandated that the Commission implement specific corrective actions.
Learn more

HIPAA: Safeguarding Health Data in the Data Protection Landscape

Article about Health Insurance Portability and Accountability Act (HIPAA)
Liveblog
29 February 2024
In the era where data breaches are not just a possibility but also an unavoidable threat, the Health Insurance Portability and Accountability Act (HIPAA) positions as a ray of hope and security for the healthcare industry. HIPAA is more than just a regulatory requirement.
Learn more

Navigating HIPAA – Protecting Health Data in the Data Protection Landscape

HIPAA whitepaper
Whitepaper
26 February 2024
In the complex world of healthcare and data protection, the Health Insurance Portability and Accountability Act (HIPAA) provides crucial guidelines for safely handling patient data. Our latest whitepaper, authored by experts Johan Martens, Emine Bilsin, and Deniz Naz Kaya, offers in-depth analyses and practical advice for navigating the challenges and opportunities HIPAA presents.
Learn more

Embracing the Google Consent Mode V2

Google Consent Mode v2
Liveblog
21 February 2024
Consent Mode v2, developed by Google, enables the transmission of consent signals from websites cookie banners directly to Google. This ensures that user consent preferences of the user are, in fact, honored. In practice, this tool provides a direct line of communication between the websites, where the user has given their preference to agree to share personal data, directly with Google for advertising purposes and personalization. It is an effective and efficient tool that streamlines procedures while at the same time providing users with more control regarding their personal data. When the user does opt to provide consent, Google can utilize these tools for detailed analytics. Conversely, if the user chooses not to consent, Google restricts the use of cookies and identifiers respectively.
Learn more

Not answering to DSAR causes serious fines

Not answering to data subjects access request causes serious fines
Liveblog
13 February 2024
In a recent development, the Italian DPA has taken decisive actions against Autostrade per l’Italia and Amazon Italia, fining them €100,000 and €40,000 respectively for having mishandled Data Subjects Access Requests (DSARs) from (former)employees. Article 15 GDPR outlines the Data Subject’s right to access, and its pivotal role has also been acknowledged by the European Data Protection Board (EDPB) guidelines 01/2022 on the right of access as updated on the 28th of March 2023. In particular, this right allows individuals to confirm the processing of their data, access personal information, and obtain details about the processing, including:
Learn more

The Dutch Data Protection Authority focus on Cookie Banners

dutch dpa investigation tracking cookies
Liveblog
7 February 2024
On 2024, the Dutch Data Protection Authority (AP) plans to increase its scrutiny of cookie consent practices to ensure compliance with regulations. Practice has shown that organizations quite often make use of misleading cookie banners, such as hidden rejection buttons or requiring the consumer to go through various clicks before rejecting cookies.
Learn more
Bekijk al onze blogartikelen

Get in touch!

We respond to your question within 24 hours

Ask your question

Check our privacy statement.

This field is for validation purposes and should be left unchanged.

Prefer a direct contact?

We look forward to help you!
Call us
Mail us