The Belgian Data Protection Authority (DPA) has signed an agreement with a domain registrar DNS Belgium to suspend or delete GDPR-infring websites.
DNS Belgium, which manages the .vlaanderen , .brussels and .be domains, signed a collaboration agreement, enabling DNS Belgium to suspend or delete websites infringing the GDPR, upon the Belgian DPA’s request. It also ensures that DNS Belgium provide any useful information to the Belgian DPA in the context of investigations .
The agreement came into force on December 1st, 2020.
Enforcement
A ” Notice & Action ” procedure will begin when a controller or processor does not comply with a DPA order to freeze, limit, or, stop processing. Following which:
The DPA notifies the registrar, DNS Belgium, of an infringement.
Next, DNS Belgium in turn notifies the domain name holder, who then has 14 days to comply.
At the same time the notification is issued, DNS Belgium will redirect the domain name to a warning page from the Belgian DPA.
During the 14 days, the Belgian DPA will assess whether compliance has been reached. If the DPA informs the domain registrar that compliance was reached, or if the DPA simply does not communicate further with the registrar regarding the domain, the domain name will once more function as before.
Alternatively, if the DPA decides that compliance is still not reached, the domain name will continue to redirect to the warning page for six months.
At the end of the six-month period, the domain name will be quarantined for a further 40 days and then released for registration.
💡 You can read the full Agreement text here (PROTOCOLE DE COOPÉRATION ENTRE DNS BELGIUM ASBL ET L’AUTORITÉ DE PROTECTION DES DONNÉES).
About us
Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.
