Luxembourg complements GDPR with its Law of 1 August 2018
06 September 2018
On 1 August 2018, the Luxembourg Government passed its national legislation to complement the General Data Protection Regulation (EU) 2016/679 ("GDPR"), and repealing the nearly 16 year old data protection regime established by the 2 August 2002 law in its entirety. As GDPR is directly applicable in all EU member states, the 1 August 2018 law primarily focuses on the mechanisms of its application, rather than replicating or expanding restrictions on data processing. Nevertheless, the law of 1 August 2018 will have some impact on FundRock and its clients as subjects to Luxembourg law. The following outlines the main changes and their impact.
Workplace surveillance and monitoring
The new law relaxes the requirements for surveillance and monitoring in the workplace and amends the labor code to reflect the GDPR requirements for such processing.
TheCommission nationale pour la protection des données (CNPD)
The majority of the law is dedicated to empowering the CNPD to carry out its mandate under GDPR as a “data protection authority”. The CNPD has the authority to investigate and adjudicate any potential breach of data protection law; under the 1 August 2018 law or GDPR. The CNPD may also take any of the punitive measures authorized by GDPR, including sanctions. Appeals of CNPD decisions are taken through the Administrative Courts.
Sanctions
The new law gives the CNPD the authority to levy penalties for non-compliance with the CNPD’s corrective measures or requests for information. These “periodic penalty payments” may be up to 5% the average daily turnover generated by the targeted entity, levied for each day of non-compliance.
For questions or further information please do not hesitate to contact our GDPR team at FRMC_GDPR@fundrock.com.
The FundRock website uses essential and non-essential cookies to improve your experience of our website.
You can find out more about this in our Cookie Notice.
Strictly necessary cookies
Strictly necessary cookies ensure that our website is able to function properly. We don't have to ask for your consent to store these cookies on your browser.
Cookies that support marketing
FundRock and our third party companies use these cookies to understand what you're interested in on our website and on social media. These cookies may also identify which other websites may have directed you to our website.