Personal Data Protection Act (Unofficial translation)
Unofficial translation
UPPER HOUSE OF THE DUTCH PARLIAMENT
Session 1999-2000 Nr. 92
25 892 - Rules for the protection of personal data (Personal Data Protection Act) (Wet
bescherming persoonsgegevens)
REVISED BILL (as approved by the Lower House on 23 November 1999)
We, Beatrix, by the grace of God, Queen of the Netherlands, Princess of Orange-Nassau, etc. etc.
etc.
To all those who read or hear this, We greet you and hereby proclaim as follows:
Whereas it is necessary to implement Directive 95/46/EC of the European Parliament and of the
Council of the European Union of 23 November 1995 on the protection of individuals with
regard to the processing of personal data and on the free movement of that data (OJ L 28 1);
Having regard to Article 10(2) and (3) of the Constitution;
We, having consulted the State Council, and in joint consultation with Parliament, have
approved and understood, as We approve and understand, the following:
CHAPTER 1. GENERAL PROVISIONS
Article 1
For the purposes of this Act and the provisions based upon it:
a. "personal data" shall mean: any information relating to an identified or identifiable natural
person;
b. "processing of personal data" shall mean: any operation or any set of operations concerning
personal data, including in any case the collection, recording, organization, storage, updating or
modification, retrieval, consultation, use, dissemination by means of transmission, distribution
or making available in any other form, merging, linking, as well as blocking, erasure or
destruction of data;
c. "file" shall mean: any structured set of personal data, regardless of whether or not this data set
is centralised or dispersed along functional or geographical lines, that is accessible according to
specific criteria and relates to different persons;
d. "responsible party" shall mean: the natural person, legal person, administrative body or any
other entity which, alone or in conjunction with others, determines the purpose of and means for
processing personal data;
e. "processor" shall mean: the person or body which processes personal data for the responsible
party, without coming under the direct authority of that party;
f. "data subject" shall mean: the person to whom personal data relate;