Workplace Investigations
Contributing Editors
Workplace investigations are growing in number, size and complexity. Employers are under greater scrutiny as of the importance of ESG rises. Regulated industries such as finance, healthcare and legal face additional hurdles, but public scrutiny of businesses and how they treat their people across the board has never been higher. Conducting a fair and thorough workplace investigation is therefore critical to the optimal operation, governance and legal exposure of every business.
IEL’s Guide to Workplace Investigations examines key issues that organisations need to consider as they initiate, conduct and conclude investigations in 29 major jurisdictions around the world.
Learn more about the response taken in specific countries or build your own report to compare approaches taken around the world.
Choose countries
Select specific jurisdictions to filter on
Choose questions
Choose the questions you would like answering, or choose all for the full picture.
07. What data protection or other regulations apply when gathering physical evidence?
07. What data protection or other regulations apply when gathering physical evidence?
Flag / Icon
Netherlands
Netherlands
- at De Brauw Blackstone Westbroek
- at De Brauw Blackstone Westbroek
- at De Brauw Blackstone Westbroek
Dutch data protection rules are based on the EU Data Protection Directive. The employer has to notify the Dutch Data Protection Authority when processing personal data as part of an internal investigation. Given that the notification can be accessed publicly, it is recommended that the employer give a sufficiently high-level description of the case. In addition, the description should be sufficiently broad to include the entire investigation, and any future expansions of the scope of the investigation. Often companies make filings for all future internal investigations, without referring to specific matters.
The employer has to notify employees whose personal data is being processed about – among other things – the purposes of the investigation and any other relevant information. According to the Dutch Data Protection Act, this information obligation may only be suspended on restricted grounds, i.e. if the purpose of the investigation is the prevention, detection and prosecution of crimes and postponement is necessary for the interests of the investigation (e.g., because there is a risk of losing evidence, or collusion by individuals coordinating responses before being interviewed)). These exceptions on the duty to inform involved persons must be interpreted very restrictively. As soon as the reason for postponement is no longer applicable (e.g., because the evidence has been secured), the individuals need to be informed.
Dutch data protection law does not require the consent of employees. Consent given by employees, however, also cannot compensate for a lack of legitimate purpose or unnecessary or disproportionate data processing, as the consent given by an employee to its employer is not considered to be voluntary given the inequality of power between them.
Furthermore, internal company policies may contain specific data protection rules.
Download your results as a PDF
Download as pdf link
Contributors
Australia
People + Culture Strategies
Austria
GERLACH
Belgium
Van Olmen & Wynant
Brazil
CGM
China
Jingtian & Gongcheng
Finland
Roschier
France
Bredin Prat
Germany
Hengeler Mueller
Greece
Karatzas & Partners
Hong Kong
Slaughter and May
India
Trilegal
Ireland
Ogier
Italy
BonelliErede
Japan
Mori Hamada & Matsumoto
Netherlands
De Brauw Blackstone Westbroek
Nigeria
Bloomfield LP
Philippines
Villaraza & Angangco
Poland
WKB Lawyers
Portugal
Uría Menéndez - Proença de Carvalho
Singapore
Rajah & Tann Singapore
South Korea
Kim & Chang
Spain
Uría Menéndez
Sweden
Mannheimer Swartling
Switzerland
Bär & Karrer
Thailand
Chandler MHM
Turkey
Paksoy
United Kingdom
Slaughter and May
United States
Cravath, Swaine & Moore
Vietnam
Le & Tran Law Corporation
Contributors
Netherlands
De Brauw Blackstone Westbroek