Global Data and Cyber Handbook

Belgium

Select a Topic
Start Comparison
Data localization and regulation of non-personal data
Jump to
Data localization and regulation of non-personal data Start Comparison
Are there data localization/data residency or other types of laws that may require the retention and storage of data in the local jurisdiction, or prohibit the transfer of data out of the jurisdiction?

Last reviewed: January 2025

Yes

a) data localization / data residency laws that mandate retention of personal data or a copy thereof in the local jurisdiction (include whether copies or the original data may be also be stored outside of the jurisdiction):

Certain data localization requirements still exist as per specific laws, such as, but not limited to:

  • Tax laws: except where otherwise provided for by law or where otherwise authorized by the tax administration, the books and other documents establishing the taxpayer's income have to remain at the disposal of the tax administration in the office, agency, branch or at any other professional or private location of the taxpayer where these books and documents are held, prepared or sent (Art. 315 of the Belgian Income Tax Code).
  • Employment laws: social documents (working regulations, individual accounts, DIMONA notification to the social security administration, etc.) must be kept in Belgium, and must be maintained on the company's site so that they can be immediately available in original form to any requesting authorities (Art. 22 of the Royal Decree of 8 August 1980 on the retention of social documents).

b) Other laws that may require the retention and storage of personal data (including, for example, where such data is part of another type of record or dataset) in the local jurisdiction or otherwise prohibit the transfer or disclosure of the personal data outside of the local jurisdiction:

         national security laws 

         tax or financial record laws

         employment laws

         export control laws

☒         other 

Please refer to the EU Chapter of this Handbook for additional information on EU instruments in that regard such as Regulation (EU) 2018/1807 on the framework for the free flow of non-personal data in the European Union.

Does law or regulation impose mandatory requirements to share or make accessible non-personal data?

Last review date: January 2025

☒   Obligation for public sector organizations to share or make accessible non-personal data
☒   Obligation for private organizations to share or make accessible data generated by connected or "IoT"

If so, please provide brief details of the relevant law or regulation.

Please note that this Chapter focuses solely on specific local laws and regulations. Please refer to the EU Chapter of the Global Data & Cyber Handbook for detailed information regarding applicable EU laws imposing requirements to share or make accessible non-personal data, such as the Data Act and the Data Governance Act.

The Belgian Act of 15 May 2024 and the executing Royal Decree of 1 October 2024 implement the Data Governance Act in Belgian law, including with respect to the redress procedure concerning requests for re-use of data foreseen in Article 9, paragraph 2 of the Data Governance Act.

What specific obligations do these data-sharing rules impose on private organizations?

Last review date: January 2025

For detailed information on specific obligations regarding data-sharing of non-personal data by private organizations in Belgium, please refer to the EU Chapter of the Global Data & Cyber Handbook.

         Obligation to share data on request

         Obligation to (re)design products or services to facilitate data accessibility

{{ $store.state.loadingScreen.message }} ...