Legal and ethical use of GPS tracking on mobile workers in Belgium

The use of geolocation (GPS) systems in companies with mobile workers is becoming more common. Yet geolocating employees raises important questions about workplace privacy and regulatory compliance.

In Belgium, there is no specific legislation on these systems yet, but the GDPR (General Data Protection Regulation) does apply, as do other European rules and principles resulting from recommendations by bodies such as the Gegevensbeschermingsautoriteit (GBA/APD), the Dutch Authoriteit Persoonsgegevens and the French CNIL.

In this article, we look at:

• the applicable legal framework,
• the principles of consent, proportionality, transparency and temporal limitation,
• usual applications (construction, cleaning, technical services, transportation...),
• guidelines for a GPS policy in line with the law,
• examples of good practices,
• risks and penalties for unlawful use,
• and regional differences (Flanders vs. Wallonia) in interpretation of these rules,

1. Legal framework: Belgium and Europe

Applicable regulations

Although there is no specific law in Belgium regulating the use of GPS in the workplace, companies must comply with:

• the GDPR (AVG),
• the Belgian Law of July 30, 2018 on the protection of personal data,
• Article 8 of the European Convention on Human Rights,
• and article 22 of the Belgian Constitution.

GPS tracking is considered a processing of personal data. Therefore, companies must comply with the following principles:

• Rightness and fairness
.
• Purpose limitation
• Data minimization
• Transparency
• Data security

Authorities and guidelines

The Belgian Data Protection Authority (GBA, formerly the Privacy Commission) issued a specific opinion back in 2005 (Opinion No. 12/2005), in which it stressed that any GPS system must comply with the following principles:

• Lawfulness
• Legitimate purpose
• Proportionality
• Transparency

The CNIL (France) and the Personal Data Authority (the Netherlands) have published similar guidelines, urging, among other things:

• No monitoring outside working hours
• Avoid permanent tracking
• Ensure legitimate and proportionate interest

No specific law, but guidelines and collective bargaining agreements

Although there is no specific Belgian legislation around track & trace in the workplace, there are other sources of regulation:

• Bills in the Senate (not yet approved)
• Collective labor agreements in sectors such as control bodies (Joint Committee 219)
• Working groups within the construction and trade sector
• Relevant case law on data processing

In practice, the legal framework is based on a combination of the GDPR, opinions of the GBA and sectoral agreements.

Legal obligations

In addition to the GDPR, the use of GPS in the workplace also has implications within employment law:

• For companies with more than 50 employees, the worker's council must be consulted.
• The use of GPS must be included in the labor regulations and communicated to all employees.
• In SMEs without formal consultation bodies, the info should be shared with the prevention committee or directly with staff.
• A data protection impact assessment (DPIA) is mandatory if the system affects many employees or is used structurally.

2. Core principles: legitimacy, proportionality, transparency and (sometimes) consent

Legitimate purpose

A company may use GPS only if there is a clear and legitimate purpose. Examples of legitimate purposes include:

• Safety of the employee
.
• Preventing theft
• Optimization of routes and travel times
• Confirmation of services performed

General use "for security" or to catch employees in the act without prior cause is not permitted.

Proportionality

The system should have as little invasion of privacy as possible:

• No 24/7 tracking
• No tracking outside working hours
• Possibility for employee to turn off GPS in personal time
• Keep only necessary data, and for a limited period of time (e.g., a maximum of 2 months according to the CNIL)

Transparency

The employee should be clearly informed about:

• What data is collected
• For what purpose they are used
• Who has access to the data
• How long they are kept
• What rights he or she has

All of this should be in writing, in clear language, within an accessible policy statement.

Is employee consent necessary?

It depends:

• Not necessary if GPS is essential to the activity (e.g., couriers, ambulances, urgent installations).
• Needed if the use is not essential and there are alternative ways to organize the activity. In this case, the consent must be free, informed, specific and revocable.

3. Permitted vs. prohibited uses

4. Case studies in common industries

Construction

• GPS to coordinate deliveries and protect vehicles or machinery.
• Mandatory shutdown outside working hours.
• If Checkin-at-work is already being used, GPS may not duplicate this attendance check.

Cleaning and facility services

• Suitable for route planning by supervisors or coordination of multiple clients.
• Avoid constant tracking of each employee without justifiable reason.
• Recommended: use apps with check-in and check-out only, without continuous tracking during moves.

Technical services, maintenance and logistics

This includes:

• Electricians
• Plumbers
• Gardeners
• Installers of heating or air conditioning
• Network, telecom and alarm installers
• Couriers and logistics personnel

For these profiles, GPS can help:

• Faster response times
• Route optimization
• Accident safety

Important: No automatic penalties (e.g., for speeding) based on GPS. It is good practice to provide a "private mode" or allow the employee to turn off tracking during non-work related time (breaks, commuting).

5. Good practices in Belgian companies

• Automatic shutdown of GPS outside working hours.
• Clear and accessible policies, available in the employee's language.
• Prior consultation with representatives (including in SMEs).
• Data minimization: collect only strictly necessary data.
• Audit of accesses and use of GPS data.
• Implementation of a DPIA before implementation.
• Ongoing training for managers and staff on their obligations and rights.

6. Risks and penalties for improper use

• Fines under the AVG: up to €20 million or 4% of annual turnover.
• Invalid evidence in employment courts: dismissals based on unannounced tracking can be overturned.
• claims by employees or unions.
• Inspections by FPS WASO in case of non-compliance with labor regulations.
• Deterioration of the working environment and damage to the company's reputation.

7. Differences between Flanders and Wallonia?

There are no legal differences: the AVG and the 2018 Belgian law apply across the country. However, there are cultural nuances:

• In Flanders, the emphasis is on work regulations and prior consultation.
• In Wallonia, reference is often made to the doctrine of the French CNIL and the right of disengagement.

Both regions share the same core principles: transparency, proportionality and consultation with the employee.

GPS legal, yes, but use wisely

Geolocating workers in Belgium is a useful and legally feasible tool, provided it is applied in a proportionate and transparent manner.

To avoid conflicts, a company should:

• Clearly define the purposes of GPS use
.
• Respect working hours and personal privacy
• Consult with staff and their representatives
• Draft clear rules and communicate them correctly

Geolocation technology can increase productivity, safety and efficiency. But when used incorrectly, it can lead to penalties, conflict and loss of trust.

And what about Done-it?

Systems such as Done-it.app offer solutions that balance legality and functionality. Instead of constantly tracking, Done-it activates the GPS only during clocking in and out or when the employee is on the road for work, thus complying with proportionality and respecting privacy outside working hours.

This allows companies to improve their operations without overdoing it, and employees know that their personal time is protected.