+31 (0)73 220 2000 | info@brandcompliance.com
English
  • Dutch
  • English
  • Dutch
  • English
Brand Compliance
  • Certify
    • ISO 9001
    • ISO 22301 (BCM)
    • ISO 19770-1 (IT-assets)
    • ISO 27001
    • ISO 27017 and ISO 27018
    • BIO
    • ISO 27701 (Privacy)
    • NEN 7510
  • IT Assurance
    • SOC 2
  • Vacancies
  • Knowledge base
  • BC Academy
Discuss your situation
  • Information security
    • ISO 27001
    • NEN 7510
    • CyFun
      • CyFun verification
      • Request CyFun verification
    • ISO 27799
    • ISO 27017 and ISO 27018
    • BIO
    • ISO 19770-1
  • Privacy
    • BC 5701
    • ISO 27701
    • GDPR standard BC 5701:2024 EN
  • IT assurance
    • SOC 2
    • ISAE 3402
    • ISAE 3000
  • Quality & continuity
    • ISO 9001
    • ISO 14001
    • ISO 22301
  • Knowledge & news
    • Knowledge articles
    • News
  • Academy
    • All training courses
    • NIS2 & CyFun
    • ISO 27001
  • About us
    • Accreditations
    • Careers
    • Compliment, complaint or tip
    • Locations
    • Privacy Statement
    • Contact

Preparing for certification

6
  • Certification checklist: how to prepare for certification
  • Do you have your first certification audit soon?
  • The certification process step by step
  • How long does ISO certification take?
  • How to conduct an internal audit
  • Describing the scope of certification: tips and examples

Audit process & certification cycle

7
  • Initial audit Stage 1
  • Initial audit Stage 2
  • What is a certification cycle?
  • Nonconformities within the management system
  • What should you know about certificate suspension or revocation?
  • Transfer of certification
  • The use of certification logos

Management systems & key concepts

6
  • Whitepaper management system audits
  • Quality Management: best practices for success
  • The Brand Compliance glossary
  • What is a management system?
  • Internal or external audit?
  • Accreditation versus certification

Information security

3
  • Excelling in information security: best practices
  • Operational Capabilities: The Backbone of Information Security
  • The Traffic Light Protocol (TLP): what does it mean for you?

NEN 7510 & healthcare

4
  • Transition to NEN 7510-1:2024
  • NEN 7510 without healthcare institution?
  • How to expand with NEN 7510
  • The differences between ISO 27001 and NEN 7510

NIS2 & CyberFundamentals

5
  • ISO 27001 in a NIS2 context in Belgium
  • CyberFundamentals 2025: transition from CyFun 2023 to 2025
  • Self-assessment & CyFun verification: best chance of success
  • NIS2 liability for board members
  • CyberFundamentals Framework in Belgium: what is the relationship with NIS2?

Privacy & data protection

8
  • ISO 27701:2025 transition
  • GDPR compliance best practices
  • Data breach: What is it and how do you prevent it?
  • Your Data Protection Officer and the GDPR
  • Your record of processing activities and the GDPR
  • Checklist for your BC 5701 certification
  • BC 5701 certification: where do you start?

Assurance audits

1
  • ISAE 3402 vs SOC 2: what is the difference?
View Categories

GDPR compliance best practices

A best practice is a standard or set of guidelines that is known to produce good outcomes if followed. Best practices are related to how to carry out a task or compose something. A best practice usually presents the optimal way to work, how to use a product or a set of ideals to reach toward. Read more for GDPR compliance best practices!

GDPR compliance best practices

The General Data Protection Regulation (GDPR) is legislation that came into force in 2018 and regulates the protection of personal data of EU citizens. In this article we share some GDPR compliance best practices that can help you comply with this law. 

Provide transparency  #

Make sure you communicate clearly with customers about what you do with their personal data and why you collect it. 

Only collect relevant data  #

Only collect the personal data you need for your activities and make sure to store it securely. 

Ensure data security  #

Provide appropriate security measures to protect personal data against unauthorized access, loss, theft or damage. 

Implement privacy by design  #

Consider privacy and data protection when designing and developing your products and services. 

Draw up a data protection policy  #

Create a documented policy to ensure your organization is GDPR compliant. This policy should describe, among other things, how you handle personal data, how you handle data security incidents and how you handle requests from individuals for access to their personal data. 

Designate a data protection officer  #

If necessary, designate a data protection officer (DPO) responsible for overseeing compliance with the GDPR. 

Train staff  #

Make sure your staff are aware of the GDPR and understand how to handle personal data securely. 

Create a register of processing activities  #

Keep a record of all processing activities you carry out in relation to personal data. 

Be prepared for incidents  #

Develop a plan for handling data security incidents, including procedures for reporting data breaches and informing data subjects. 

Evaluate processes regularly  #

Regularly review your processes and policies to ensure you are GDPR compliant and to identify and address any deficiencies. 

These best practices are a good starting point for GDPR compliance, but it’s important to make sure you stay abreast of new guidance and recommendations from supervisory authorities. Would you like to know what Brand Compliance can do for you in the field of GDPR certification? Contact one of our specialists, they will be happy to help you. 

Share This Article :

  • Facebook
  • X
  • LinkedIn
Updated on 2 July 2026
ISO 27701:2025 transitionData breach: What is it and how do you prevent it?
Contents
  • Provide transparency 
  • Only collect relevant data 
  • Ensure data security 
  • Implement privacy by design 
  • Draw up a data protection policy 
  • Designate a data protection officer 
  • Train staff 
  • Create a register of processing activities 
  • Be prepared for incidents 
  • Evaluate processes regularly 

Accreditation

RvA C548Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, ISO 27701 NEN 7510 and ISO 9001 technical area 33 information technology and 35 other services.

View our accreditations

Contact

Have a question about certification, verification or assurance?

info@brandcompliance.com
+31 (0)73 220 2000

Prefer local contact details?
View our locations

Our locations

‘s-Hertogenbosch, The Netherlands

Antwerp, Belgium

Ottignies-Louvain-la-Neuve, Belgium

Stockholm, Sweden

Dublin, Ireland

Luxembourg, coming soon

Practical information

Privacy statement

Terms and conditions

Company details

Feedback and complaints

 

© Copyright 2026 Brand Compliance
Thank you for your rating!
Thank you for your rating and comment!
This page was translated from: Dutch
Please rate this translation:
Your rating:
Change
Please give some examples of errors and how would you improve them: