Amsterdam clock tower is one of attractions near the flower market in Amsterdam, Netherlands.

During the first six months of this year (H1/2019), more than 15.000 people filed a complaint with the Dutch Data Protection Authority (Dutch DPA). One reason for this high number is that the possibility to submit privacy complaints has been newly introduced in the Netherlands under the GDPR, and it is becoming increasingly known that this possibility exists. The Netherlands is a strongly digitized country: people are concerned about their privacy and complain about violations of their privacy rights.

More than 10.000 complaints have been responded to in the first half of 2019, by means of:

  • mediation and/or having conversations about the norms and procedures under the GDPR (16%), or
  • by helping data subjects submitting their privacy complaints directly with the organization they have an issue with (29%)

The majority of the complaints relate to the violation of data subject privacy rights (32%), such as the right to access and the right to erasure. Another often-seen complaint relates to personal data sharing with third parties (13%) without organizations being transparent about it or and without consent of the individual.

The Dutch DPA received the most complaints related to the sector business services (46%), the public/governmental services (14%) and the IT sector (13%).