HighlightsMembers’ updatesPrivacy espresso seriesResourcesMay 16, 2024New Dutch Data Scraping Rules: GDPR Compliance Now Paramount


In this #privacyespresso episode, Stephan Mulders, lawyer at Van Diepen Van der Kroef Advocaten, PrivacyRules Law firm member from the Netherlands, shares with us invaluable insights on the new #guidelines on #DataScraping for private individuals and organizations recently published by the Dutch data protection authority (#AP) published comprehensive

What is Data Scraping?

Data scraping involves the automated collection and recording of information from web pages, useful for:

·   Training algorithms

·   Collecting customer questions and complaints via online channels

·   Monitoring online messages for reputation management, sales, or marketing

The guidelines clarify the distinction between data scraping and search engines, noting their application to both data scraping and #webcrawling.

When scraping personal data, organizations must comply with the #GDPR, requiring a legal basis under Article 6. Exceptions to GDPR scope include scraping for algorithm training by controllers established outside the EU, not offering goods or services within the #EU. Despite these exceptions, data scraping usually involves personal data, necessitating adherence to GDPR principles of data processing.

Stephan highlights that processing sensitive #personaldata must align with GDPR requirements, needing explicit consent or another valid exception for such processing.

Listen to this podcast episode to gain more valuable insights from Stephan Mulders on these new guidelines!