Art. 23 of the Belgian Data Protection Act implements Art. 35 (10) GDPR in such a way that a detailed data protection impact assessment must be carried out prior to the commencement of the processing activity even if a general impact assessment has already been carried out when examining the applicability of the legal bases pursuant to Art. 6 para. 1 (c) (fulfilment of a legal obligation) and e (reasons of public interest) GDPR.
Menu
