Guidelines on data protection rules within the context of social elections

07 Dec 2018


Dorothée David

Luxembourg’s National Data Protection Commission (“Commission Nationale pour la Protection des Données”, hereinafter reffered to “CNPD”) has just published its guidelines on data protection rules within the context of social elections, following on from the General Data Protection Regulation (GDPR), which came into force on 25 May 2018, and the entry into force, on 20 August 2018, of the law of 1 August 2018 organising the CNPD and the general data protection system.

These guidelines are designed to guide employers, social partners and employees within the context of organising social elections, and with this in mind, relate in particular to the social elections of 12 March 2019.

According to the CNPD, recent changes in legislation have meant that the system of advance authorisations and notifications no longer exists. Within the context of the organisation and running of elections for staff delegations and for staff representatives on boards of directors of “sociétés anonymes”, employers can no longer submit a formal declaration of compliance relating to the single notification decision of 14 September 2007 (deliberation no. 108/2007 – social elections), as it is no longer allowed by the legislation currently in force.

Despite the removal of the advance formalities to be completed with the CNPD, the principles and obligations resulting from the GDPR and the law of 1 August 2018 must be respected by data controllers.

To this end, the CNPD covers the measures to be taken by employers, as well as data processing for social elections, in its guidelines, which can be downloaded here.