A recent decision of the Council of State highlights the importance for applicants to a public procurement to comply with the General Data Protection Regulation (GDPR). Should they fail to do so, they risk having the resulting contract challenged by unsuccessful applicants to said public procurement.In July 2021, the Flemish Region awarded a contract to a Belgian company which relied on the skills of other American companies to carry out the awarded public procurement.

Another applicant to the public procurement complained about this decision and filed a claim before the Council of State, seeking a suspension of the execution of the award decision. The plaintiff’s main argument concerned infringements of the GDPR with regards to the transfer of data by the successful procurer to the United States. However, the Council of State disagreed with this analysis.

Although the decision rejected the plaintiff’s claim, it highlighted the possibility for companies to claim an alleged non-compliance with the GDPR regulatory framework in order to challenge other public procurement applicants.

For more information on the subject, please refer to Mr. Guillaume RUE’s article (guillaume.rue@cairnlegal.be ) in L’Echo or feel free to email him any question.

Best regards.
The Cairn Legal team