Website Rules in the Netherlands
Dutch websites must comply with the AVG (GDPR), Telecommunicatiewet, the European Accessibility Act, and display KVK registration details. The Autoriteit Persoonsgegevens actively enforces cookie and privacy rules.
Data protection authority:
Autoriteit Persoonsgegevens
(AP)
Requirements
6
country-specific rules
Guides
4
guides available
Specific requirements for Netherlands
KVK number display
Every Dutch business must display their KVK (Kamer van Koophandel) registration number on their website, emails and invoices. Required by the Handelsregisterwet 2007.
BTW-ID (not BTW-nummer) for ZZP'ers
Since 2020, sole proprietors (eenmanszaak/ZZP) must use their BTW-identificatienummer on their website, not the old BTW-nummer which contained their BSN.
Cookie consent (Telecommunicatiewet)
The Dutch Telecommunicatiewet requires informed consent for non-essential cookies. The AP has issued warnings and fines to websites that set tracking cookies before consent.
Privacy policy (AVG)
Every website processing personal data needs an accessible privacy policy covering data collection, legal basis, data processors, retention periods and visitor rights.
EAA / Digital Accessibility (ACM)
The European Accessibility Act is enforced in the Netherlands by the ACM (Autoriteit Consument & Markt). Websites must meet WCAG 2.1 AA standards.
E-commerce: Koop op Afstand
Online sellers must comply with "Koop op Afstand" (distance selling) rules: 14-day withdrawal right, clear pricing including BTW, delivery terms before checkout.
Enforcement in Netherlands
In 2024, the Autoriteit Persoonsgegevens fined Clearview AI €30.5 million for building an illegal facial recognition database. For smaller businesses, the AP issued a €525,000 fine to a company for fingerprinting website visitors without consent, and warned hundreds of websites about cookie banners that don't meet requirements.
Official resources
Guides for Netherlands
GDPR Fines for Small Businesses: Real Cases and Amounts
Real GDPR fines for small businesses: actual cases from 1,000 to 50,000 EUR. What triggers enforcement and how to avoid it.
GDPR Compliance Checklist for Belgian Businesses (2026)
35-point GDPR checklist for Belgian businesses. APD/GBA enforcement, Wet 30 juli 2018, KBO/BCE number, cookie consent rules, Brussels bilingual obligations.
EAA for Belgian Small Businesses: What Your Website Must Do Since 28 June 2025
Practical EAA guide for Belgian SMBs. Microenterprise exemption, KBO/BCE number, accessibility statement, Brussels bilingual obligations, WCAG 2.1 AA: all explained.
Do I Need a Cookie Banner? A Simple Decision Guide
Not sure if your website needs a cookie banner? This simple guide helps you decide based on what your website actually does.
Check your website for Netherlands requirements
Our scanner checks for Netherlands-specific requirements automatically.