The General Data Protection Regulation for associations: the challenge of compliance.

This important focus session presented in cooperation with Association Executives, will be hosted by leading law firm Mayer Brown Europe on 6th February, 2018, from 1200 to 1400.


Why attend?

Are you ready for 25 May 2018?  Are you close to achieving compliance? Or, is it still “work in progress”? Whatever your status of readiness, this session is of direct relevance. It will not only include clear steps towards conforming to the new rules but will also present a practical case study. Mayer Brown have developed a methodology to assist associations in addressing the challenge of compliance in a cost effective way.

Why? Because in the course of your daily activities, you will collect and process personal data (from your employees and staff, your members and the individuals attending your conferences and events, etc.). Associations often conduct what is considered as “direct marketing activities”, inviting people to subscribe to newsletters, etc. Collection and processing of personal data that is vital for the functioning of an association must comply with  the GDPR requirements. Some of the new requirements include (depending on the circumstances): conducting data protection impact assessment, appointing a data protection officer, keeping records of data processing activities, notifying data breaches to the supervisory authority within 72 hours, etc.

N.B. the GDPR introduces new sanctions for non-compliance and fines can amount to 20 million Euros!


Topics addressed:

The session will cover the main changes introduced by GDPR to enable you to deal with the following topics:

  • Assessing whether (and to what extent) the GDPR applies to your association
  • Mapping the processing of data and the transfer of data
  • Reviewing (or drafting) your Privacy Statement
  • Reviewing  the legal basis for your data processing activities
  • Developing data governance systems
  • Conducting training tailored for your staff
  • Reviewing your contracts with vendors and other third parties
  • Reviewing international data transfers mechanisms

In a case study based on EU Salt, the speakers will then present the methodology developed for compliance with the GDPR.


Register by writing to


When: 6th February from 1200 to 1400

Where: 52 Avenue des Arts, 1000 Brussels

This session is free of charge.  A light lunch is kindly provided by our hosts, Mayer Brown Europe.

In order to render the session more pertinent for participants, please consider the questions below. You can send your answers if you wish with your registration email to



  1. Did you, and if yes when, start getting ready for GDPR?
  2. Do you believe your organisation will be ready by 25 May 2018? Or do you think it is too late?
  3. What do you think are the most important challenges brought by the GDPR to your organisation?
  4. Do you believe any of the visitors of your organisation’s website will read your privacy statement?
  5. After 25 May 2018, will you need consent to collect someone’s business card?

About the Speakers

Charles-Albert Helleputte is a partner in the Brussels office of Mayer Brown. His practice focuses on transactional matters, with a strong focus on data privacy.

In the data privacy field, Charles is active in a number of sectors (hospitality, financial sector, travel platforms, aviation, infrastructure, etc.) and a range of practices (counselling on regulatory developments, data privacy aspects of employees’ monitoring and investigations, data collection and exchanges in the context of export control). He is regularly in contact with DPAs around Europe and has presented clients in front of the WP29.

He focuses on the development of data privacy laws in the EU in general, with specific attention to e-Privacy, data security and IoT. He regularly publishes articles on those matters. Charles is an active member of the AmCham EU Digital Economy Committee.

Diletta De Cicco is a legal consultant in the Brussels Office of Mayer Brown. Her practice focuses on privacy, data protection and cybersecurity.

Diletta wrote her LLM thesis on the adoption of the EU General Data Protection Regulation and its twofold impact on organisations and data subjects. She has recently passed the Data Protection Officer Certification exam offered by the University of Maastricht.

Diletta advises clients regarding a wide range of global data privacy and security issues. She assists organisations in complying with EU and national privacy laws, including developing global data transfers mechanisms, privacy statements, data breach notifications, privacy policies and procedures.

Diletta regularly publishes articles on those matters. She is an active member of the AmCham EU Digital Economy Committee.

Other Upcoming Events

Employment law update

Speaker: Sophie Maes, Partner, Claeys & Engels

Date: Thursday 15th March 2018
Venue: Boulevard du Souverain, B-1160

More information to be annouced in February.

Previous Association Leadership Academy sessions

To communicate or not to communicate

The speakers sat down to face a tightly packed Press Club. Natalia Kurop as moderator set the context of the session by providing three key themes to be addressed by the speakers, and in the audience Q&A session: To communicate or not to communicate?
The role of communications and media relations in EU association advocacy. Feeling the fear and doing it anyway
Why is media relations important to advocacy? Working in the Twitter world Policy in 140 characters or less.

Do’s and Don’ts of working with self-employed contractors

This Association Leadership Academy session was hosted by Sophie Maes in the spacious Claeys & Engels theatre meeting room. Sophie presented on the potential for and means of legally complying with a self-employed status for both a Finance Director and a Secretary General as examples.

Influence and Media Messaging for associations

Sticky messages, led by Laura Shields, hosted by KPMG. Laura led an interactive workshop on developing media messages that “stick” for associations. A notoriously difficult task not least due to the need to build consensus within an association and the ensuing dilution of the key message.

Business Associations and their Corporate Members: how to harvest mutual strengths

The Association Leadership Academy held a lunch time session on ‘Business Associations and their Corporate Members: how to harness mutual strengths’, led by Brunswick.This session focused on gaining a better understanding of corporate priorities and how these could be integrated into an association’s strategic planning.

Would you like to advance your career or appoint someone?