What is GDPR?

GDPR

The new General Data Protection Regulation (GDPR) which came into force on 25 May 2018 refers to The European Parliament and council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Now that the new privacy legislation is in place, there is only one privacy law in the European Union, instead of 28 different national laws.

The new privacy legislation is based on the existing legislation, but in some areas it brings with it an improvement or expansion. In general, you should handle the processing of personal data in a reasonable way. How you do that is the responsibility of your company/organisation. You have an accountability to do so. This means that you as an organization must be able to demonstrate the technical and organisational actions you have taken to comply with the new privacy legislation.

Trends Business Information and GDPR

Trends Business Information is active in the B2B trading information market. With this trade information, we offer solutions that are an essential part of the B2B business processes.

When collecting, processing, systematising, analysing and interpreting company data, we use a strict deontology, in which the pursuit of the provision of high-quality, accurate, up-to-date and complete data is central. In addition, each action is reviewed against the regulations regarding the collection and processing of data.

In this way, it is always ensured that the practice is in accordance with the general standard of care within the meaning of art. 1382- 1383 of the Civil Code. The same applies with regard to the current privacy legislation (privacy directive 95/46/EC, which has been in force since 1995) and the new General Data Protection Regulation (GDPR) which came into force on 25 May 2018 (Regulation (EU) 2016/679 of 27 April 2016).

Our point of view

The data published on the websites www.trendstop.be, www.trendspro.be and www.trends-business-information.be are accessible via various (paying) login formulas. They are collected on the basis of official sources for which we have the necessary license and agreements with the publishers for the commercial re-use of that data, as well as our own enrichments through contacts (by telephone, email and post) with the companies themselves.

It only concerns data linked to the exercise of some professional activity (so-called B2B data). As mentioned earlier, the processing of that data, including personal data of business managers and companies/sole proprietorships, is crucial to give a complete and up-to-date picture of a company and of the entire population of Belgian companies.

As a commercial information office, the ‘legitimate interest’ is the basis of processing. With regard to the processing, recording and use of ‘unofficial’ functions and personal email addresses of official officers (directors, managers, partners, natural persons) and/or operational management functions, we confirm that the persons concerned are informed.

In function of the privacy legislation, the ‘data subject’ is informed about the purpose of its inclusion and rights. The use of these personal email addresses for communication purposes is governed by the Electronic Communications Act of 13 June 2005 (and not by the new GDPR). These are therefore the channels that use electronic communications (email, cookies, telemarketing, etc.). Since January 2017, the European Commission (EC) has also been working on the bill for a new ePrivacy Regulation which will replace the current Directive 2002/58/EC (on privacy and electronic communications).

If the personal email addresses are used for email marketing, there is an opt-in rule, i.e. that prior consent has been given by the recipient to the sender. The new ePrivacy Regulation will not change this and GDPR does not cover that matter. However, it is indeed allowed to conduct an email campaign to your own customer base (here the ‘legitimate interest’ is the legal basis). This also applies to a campaign to legal entities (generic or general email addresses) provided that it has an opt-out option.

Roularta and GDPR

As part of the General Data Protection Regulation, Roularta Media Group has appointed a Data Protection Officer to identify all business procedures and, where necessary, adjust them to comply with the regulations.