Online privacy administration - Start simple, finish fast Privacy Accounting Control Tracking

Human Resources Manager & Privacy legislation

An HR manager has a lot to do with various laws and regulations. One of them is the General Data Protection Regulation, better known as GDPR. The legislation applies throughout Europe, including the Netherlands. What do you as an HR manager need to know about this? Fortunately, with Pact-privacy® you can easily and conveniently keep track of your administration, but why should you?

GDPR? Then you are no longer allowed to do anything with personal data.

A frequently heard comment during my training sessions. However, as an HR manager you are responsible for processing personal data of your staff during their entire working period at your company. From the 1st day of hiring to the last day of employment in terms of the HIAR personnel life cycle (Hire, Inspire, Admire and Fire).

From the P&O professional and behavioral code of the Dutch Association for Personnel Management & Organizational Development (NVP) you are dealing with a coherent set of practical and ethical principles, rules and views that the P&O professional must apply.

Among other things, in the handling of personal data received from employees and how this should take place

Files you are dealing with are:

If the HR department does not comply with the GDPR, the company runs a material risk, fines of up to 20% of their annual turnover. Bad for the company’s reputation and perhaps fatal.

It sounds like something unreal and difficult to check, but the Dutch Data Protection Authority does check it. You don’t want to run that risk, do you?

Last year, the Dutch Data Protection Authority imposed more than 2.5 million euros in GDPR fines, with an average fine of 600,000 euros. It concerns a total of four fines. The number of investigations into violations of privacy rules increased fivefold from 22 to 110.

Ethical behavior for HR manager

However, avoiding fines is not the main reason for getting things in order. HR managers set an example, they are confidential advisers. Existing personnel policy should include additional rules and tasks to embed the privacy management process in the existing organization.

The profession is characterized by core values ​​such as professionalism, integrity, objectivity, professional competence and confidentiality.

Relationships and / or customers expect strict confidentiality and care when dealing with their privacy and that of their organization.

HR managers therefore not only have a legal, but also a moral obligation to handle customer data with care.

Watch out for sick employees.

Processing information regarding sick employees also deserves your attention. Information about health is regarded as special personal data. These data may only be processed to a very limited extent, namely only if this is necessary for the performance of a legal obligation or collective labor agreement. For example, the employer may not ask a sick employee about the nature and / or cause of the employee’s illness. In addition, the employer may not ask about the limitations and possibilities of the employee.

The personal data authority has published a list with information that the employer may request from the employee when he reports sick and afterwards (to the company doctor) during sickness absence counseling and reintegration.

The image damage that occurs in a data leak can be many times more serious than any fine!

Human resources managers: Use privacy as a trademark!

The number of organizations that are fully prepared for the GDPR is limited.

However, some organizations use data protection as a Unique Selling Point and organize their entire business operations accordingly. Customers and relations like the idea that they can fully rely on an organization for professional protection of their personal data.

Therefore, use privacy as a trademark, especially as an HR professional, but in fact customers should always be able to rely on maximum data protection and secure information management when they entrust their personal data to third parties. Regardless of whether this is a Unique SellingPoint or not.

Entrepreneurs must demonstrably comply with the GDPR

The GDPR requires entrepreneurs, including HR managers, to demonstrably comply with privacy legislation.

This means that they must register what they do with personal data.

It must be possible to submit a privacy administration to the Dutch Data Protection Authority.P&O advisor HR HRM Advisers Office Business advisers Administrations salary wage administration

The content of a complete privacy administration includes a processing register, a register with processors, processing agreements, a register of requests, a data leak register, overview with measures.

Chain responsibility: Who is responsible?

Various parties are responsible for processing in the chain: the controller, the processor and any sub-processor. The controller is a legal person who determines the purpose and means of the processing of personal data. This can be the SME consultant who, as an employer, collects the legally required data from his employees. The processor is the legal entity that processes personal data on behalf of the controller. For example, processing salaries and keeping records. The sub-processor is the legal entity that processes personal data on behalf of the processor … read more .

Administration essential

The next step is to periodically conduct a risk analysis of the privacy situation at the own organization and the (sub) processors.

With a comprehensive privacy administration you can enter into a risk discussion with your staff, relations and the authorities.

Human Resources Manager

Easy and simple your privacy administration in order

Our online privacy administration, with templates and wizards. makes it easy to get the privacy administration of your organization in order.

Thanks to clear instructions, Pact-privacy® can be completed and updated quickly and easily by a (privacy) employee.

Tailored to your needs

Pact-privacy® is a complete product with handy wizards and pre-filled templates.

During the demo, we would like to focus as much as possible on solutions that you are looking for.

Discover in our product tour which features you want to hear more about.


Want to look around yourself?

Can’t wait to click around in our product yourself? No problem! Try Pact-Privacy® free for 30 days. No strings attached.


Frequently Asked Questions

Are you an HR advisor and would you like to offer this cloud software to your customers? That is possible, the software can be resold at interesting conditions.

Do you want your own portal, recognizable to your customers? Of course, your own privacy administration with all your customers in 1 overview.


Ask your own question





Human Resources Manager Office Business advisers Administrations salary wage administration


P&O advisor HR HRM manager Advisors Office Business advisers Administrations salary wage administration personnel personnel file law gatekeeper professional

TOP