Sanctions and penalties under Belgian data protection law

Article 222 of the Belgian Data Protection Act provides for a fine of EUR 250 to EUR 15,000 in the following cases:

  • processing of personal data without legal basis
  • infringement of principles under Art. 5 or 28 GDPR
  • processing which has been objected to in accordance with Art. 21 GDPR is continued without mandatory legal reasons
  • third country transfer with grossly negligent or intentional infringement of Art. 44-49 or 66-70 GDPR
  • disregard of instructions from the supervisory authority
  • obstruction of the control work of the supervisory authority (or appointed third party)
  • rebellion within the meaning of Art. 269 of the Belgian Criminal Code against employees of the supervisory authority
  • receipt and/or use of expired certificates of non-accredited bodies within the meaning of Art. 42 GDPR
  • obtaining certification in accordance with Art. 42 GDPR on the basis of false/incorrect documents
  • appearing as an accredited certification body without the accreditation of the competent supervisory authority
  • infringements of Art. 41-42 GDPR

Contact us!

Secure the knowledge of our experts!

Subscribe to our free newsletter: