Website Rules in Belgium
Belgian websites must display their ondernemingsnummer (enterprise number) and comply with GDPR as enforced by the GBA. Bilingual requirements add extra complexity.
Data protection authority:
Gegevensbeschermingsautoriteit
(GBA)
Requirements
3
country-specific rules
Guides
11
guides available
Specific requirements for Belgium
Ondernemingsnummer
Belgian businesses must display their ondernemingsnummer (enterprise number) on their website. Format: BE 0XXX.XXX.XXX.
GBA enforcement
The GBA (Gegevensbeschermingsautoriteit) enforces GDPR in Belgium. They have been active in cookie consent enforcement, including a landmark case against IAB Europe.
Bilingual requirements
Businesses in Brussels or serving both Dutch and French-speaking communities may need to provide information in both languages.
Enforcement in Belgium
The Belgian GBA's 2022 ruling against IAB Europe — fining them €250,000 for the Transparency and Consent Framework — sent shockwaves through the entire EU ad-tech industry. The GBA has also fined a Belgian company €50,000 for sending marketing emails without valid consent, and regularly publishes enforcement decisions to increase awareness.
Official resources
Guides for Belgium
GDPR compliance checklist for Irish businesses (2026)
GDPR compliance checklist for Irish businesses. DPC enforcement, DPA 2018, ePrivacy Regs 2011, CRO disclosure, cookie consent and processor agreements.
Cookie Banner Requirements Under EU Law (2026 Guide)
Cookie banner requirements in the EU 2026: reject equal to accept, no dark patterns, prior consent. EDPB Guidelines 05/2020 explained.
EAA for Irish small businesses: SI 636/2023 compliance
EAA small business guide for Ireland: S.I. 636/2023, micro-enterprise exemption, CRO disclosure, WCAG 2.1 AA and CCPC expectations.
Contact Form GDPR Requirements: Article 13 Compliance
What a GDPR-compliant contact form needs: Article 13 information, the right legal basis (legitimate interest vs precontractual), unchecked boxes, retention.
Google Analytics and GDPR: Is GA4 Legal in the EU? (2026)
Can you use Google Analytics 4 in the EU? The consent requirement, the EU-US DPF transfer mechanism, Consent Mode v2 limits and cookieless alternatives.
Data Breach Reporting Under GDPR: 72-Hour Notification
Report a personal data breach under GDPR Article 33: the 72-hour clock, when notification is required, what to file and when to tell affected individuals.
Data Processing Agreement (DPA): Article 28 GDPR Guide
When a third-party service needs a Data Processing Agreement under GDPR Article 28: required clauses, common processors and how to handle DPA refusal.
GDPR Data Retention Periods: Article 5(1)(e) Guide
How long can you keep personal data under GDPR? The Article 5(1)(e) storage limitation principle and retention periods by data category for EU businesses.
GDPR Records of Processing: Article 30 Template
Build the Article 30 GDPR record of processing activities. Who is exempt, what to include, controller vs processor versions and a ready-to-fill template.
GDPR Fines for Small Businesses: Real Cases and Amounts
Real GDPR fines for small businesses run from about 1,000 to 50,000 EUR. See published regulator decisions, what triggers enforcement and how to avoid it.
How to Scan Your Website for Copyrighted Images
Learn how to find copyrighted images on your website before enforcement agencies do. Manual and automated methods to check every image.
Check your website for Belgium requirements
Our scanner checks for Belgium-specific requirements automatically.
I understand this is a technical scan, not legal advice, and I accept the Terms.