Our website uses  cookies for statistical purposes.

Our Articles

GDPR Regulations in Luxembourg

GDPR Regulations in Luxembourg

The General Data Protection Regulation, or the GDPR, has brought major changes related to the privacy of personal information collected and processed by companies in Luxembourg. As it was expected, companies were impacted the most by these regulations, as they had to take new measures in order to ensure they comply with them.

Below our Luxembourg lawyers explain how the GDRP works and how it affects local companies.

Who in Luxembourg must comply with the GDPR?

The GDPR will apply to companies registered in Luxembourg, but also to companies outside Luxembourg and the EU which processes personal information of Luxembourg citizens. Processors are known as controllers under the General Data Protection Regulations.

The GDPR explained briefly by our lawyers in Luxembourg

In order to help Luxembourg companies, our lawyers have tried to explain the main points of the GDPR. These points consist of:

  • 1.       Companies should take technical measures which will help them reduce to the maximum the amount of personal data collected;
  • 2.       Companies should also inform clients about the data collected in the simplest form and ask for their permission to collect that information;
  • 3.       Companies must allow customers to ask for their personal information to be deleted at any time;
  • 4.       Companies must name a GDPR officer who must ensure the new regulations are respected.

Our law firm in Luxembourg can advise on the implementation of the GDPR for your company.

Luxembourg companies complying with the GDPR

Apart from the measures mentioned above, Luxembourg companies can take the following steps in order to ensure they comply with the GDPR:

  • –          they can draft new consent forms which explain the type of data they collect and how this will affect clients;
  • –          they can update their confidentiality policies and display them visibly on websites, in the case of e-commerce companies;
  • –          they can have their personal data protection policies audited in order to see how compliant they are with the GDPR;
  • –          data breach risk assessments are also recommended to be carried periodically.

For full information on the new General Data Protection Regulation, please contact our law firm in Luxembourg. We can also help you open a company in Luxembourg.