Personal Data Protection Act
Also known as: Wbp
The Personal Data Protection Act (Wbp) was a Dutch law establishing the protection of citizens' privacy. The Wbp replaced the old Personal Data Protection Act in 2001 and was based on the European Data Protection Directive. In 2018, the Wbp was replaced by the General Data Protection Regulation (AVG).
In a world where our personal data is stored and processed in many files, the Personal Data Protection Act regulated the duties of personal data processors and the rights of those whose data is stored and processed.
For example, organizations that store and process personal data may only do so if they explain why this is done, how the data is processed and whether this requires user consent.
Within the Wbp, individuals have the right to know what happens to their personal data. Data must be able to be viewed and changed at any time. It must also be possible to object to the processing of data, for example for direct marketing.
Personal Data Authority
The Personal Data Authority (formerly College Bescherming Persoonsgegevens) oversaw compliance with the Personal Data Protection Act. Organizations that process personal data must report this to the Personal Data Authority. It also handles the mandatory reporting of data breaches.
AVG
On May 25, 2018, the General Data Protection Regulation went into effect. From that date, the Personal Data Protection Act no longer applies and all member states of the European Union have the same privacy legislation. As with the Wbp, under the AVG, the Personal Data Authority is the privacy regulator within the Netherlands.
