After further investigation it seems you are right though that exclusions can be introduced for:
* national security;
* defence;
* public security;
* the prevention, investigation, detection or prosecution of criminal offences;
* other important public interests, in particular economic or financial interests, including budgetary and taxation matters, public health and security;
* the protection of judicial independence and proceedings;
breaches of ethics in regulated professions;
* monitoring, inspection or regulatory functions connected to the exercise of official authority regarding security, defence, other important public interests or crime/ethics prevention;
* the protection of the individual, or the rights and freedoms of others; or
the enforcement of civil law matters.
At least in the Netherlands, I believe a system like this has been in operation for nearly a decade already. This is of course the only way to do "trajectcontrole" ("average speed checking").
(note: there are more exceptions, like the royal family and the prime minister, but I couldn't find a good article pointing this out)
And of course, the same system is used to catch people with unpaid government bills (started with just tax bills, but has since been expanded).
Interesting aside: the government itself, of course, refuses to pay it's bills on time, instead having legislated that 2 months payment delay (and in some municipalities more) is all that can be expected of government. And of course, in any payment dispute with the government, private individuals and companies have no such options for redress. If you are 1 day late with your taxes however, you can be arrested and imprisoned, anything belonging to you can be impounded and sold with no recourse and of course extra charges for you.
Police have access to the database of all car plates seen anywhere on the system, and have of course been caught abusing this data, as well as using it in many cases where there was no justification, as determined by a judge afterwards. Needless to say, there is zero news on consequences for any police officer for these for some reason.
The system of ANPR (Automated Number Plate Recognition) is also used in Belgium. But the maximum retention period for ANPR data is 30 days. Storing this data for an unlimited period is illegal by Belgian law.
"Bewaartermijn
Indien de opgenomen beelden geen bijdrage kunnen leveren tot het bewijzen van een misdrijf,
schade, overlast of tot het identificeren van een dader, een verstoorder van de openbare orde,
een getuige of een slachtoffer, dan mogen deze maximaal 30 dagen bewaard worden (De
Schepper, 2014). Wanneer de beelden wel bijdrage leveren in voornoemde gevallen, dan
mogen deze langer bewaard worden en dienen ze neergelegd te worden ter griffie. In dit geval
gelden de termijnen van het verval van de strafvordering. De beelden hebben dezelfde
bewijswaarde als een getuigenverklaring (De Paepe et al., 2012)."
It seems to me utterly unrealistic that the police actually upholds this law. It never, ever happens that a complaint is correctly fired within 30 days and these images are occasionally reported to be used. The "griffie" is not involved until there is an actual complaint, so those images or data from them is no way deposited there. Furthermore, any action at the griffie will inform the accused, which the police doesn't want to happen in almost any case until they're ready.
This may be law, but it's ignored by law enforcement. I guarantee it. This is totally unrealistic.
Article 23 enables Member States to introduce derogations to the GDPR in certain situations.
Member States can introduce exemptions from the GDPR’s transparency obligations and individual rights, but only where the restriction respects the essence of the individual’s fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society to safeguard.
After further investigation it seems you are right though that exclusions can be introduced for: * national security; * defence; * public security; * the prevention, investigation, detection or prosecution of criminal offences; * other important public interests, in particular economic or financial interests, including budgetary and taxation matters, public health and security; * the protection of judicial independence and proceedings; breaches of ethics in regulated professions; * monitoring, inspection or regulatory functions connected to the exercise of official authority regarding security, defence, other important public interests or crime/ethics prevention; * the protection of the individual, or the rights and freedoms of others; or the enforcement of civil law matters.