Meeting Recording Laws in Europe: A Country-by-Country Guide for 2026

Recording meetings has become a standard productivity practice. AI-powered transcription tools make it easier than ever to capture discussions, extract action items, and maintain an accurate record of what was agreed. But in Europe, where privacy rights are deeply embedded in law and culture, pressing "record" is never as simple as it sounds.

Every European country has its own rules about when and how you can record conversations, and getting it wrong can lead to criminal charges, not just civil penalties. This guide breaks down the legal landscape across seven key European countries, so you can record meetings with confidence and stay on the right side of the law.

Disclaimer: This article is for informational purposes only and does not constitute legal advice. Laws and their interpretation can change. For decisions affecting your business, consult a qualified legal professional in the relevant jurisdiction.

The GDPR Foundation

Before diving into country-specific laws, it's important to understand that the General Data Protection Regulation (GDPR) applies across the entire European Economic Area. Meeting recordings contain personal data (voices, names, opinions) and are therefore subject to GDPR regardless of which country you're in.

Under GDPR, you need:

• A legal basis for processing (typically consent or legitimate interest)
• Transparency: participants must know they're being recorded and why
• Purpose limitation: recordings should only be used for the stated purpose
• Data minimization: don't record more than necessary
• Storage limitation: delete recordings when no longer needed
• Security: protect recordings from unauthorized access

GDPR sets the floor. But individual countries layer additional requirements on top, especially regarding consent. That's where things get complicated.

Country-by-Country Breakdown

Belgium

Consent type: Two-party consent for private conversations

Belgium's approach to recording is rooted in Article 314bis of the Belgian Criminal Code, which prohibits recording private communications without the consent of all participants. Violations can result in imprisonment of six months to one year and fines.

However, the practical reality for business meetings is more nuanced. The Belgian Data Protection Authority (formerly the Belgian Privacy Commission) recognizes that in a professional context, legitimate interest under GDPR Article 6(1)(f) can sometimes serve as a legal basis for recording, provided certain conditions are met:

• The meeting is professional in nature, not a private conversation
• Participants are informed before recording begins
• The recording serves a documented legitimate purpose (minutes, compliance, training)
• A balancing test confirms the employer's interests don't override participants' rights

That said, the safest approach in Belgium is always to obtain explicit consent. Simply announce that the meeting will be recorded and its purpose, and give participants the opportunity to object. For virtual meetings, this can be done at the start with a verbal statement on record.

Practical tip: Belgian companies operating in both the Flemish and Francophone regions should provide recording notices in both Dutch and French to ensure genuine informed consent.

Netherlands

Consent type: One-party consent generally sufficient

The Netherlands takes a comparatively permissive stance. Under Dutch law, a participant in a conversation may generally record it without notifying the other parties. This is because Dutch criminal law (Article 139a of the Wetboek van Strafrecht) only prohibits the recording of conversations by people who are not participants.

However, GDPR still applies. The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has issued guidance clarifying that even if one-party consent makes recording legal, you still need a valid GDPR basis for processing the data. In practice, this means:

• If you're a participant, you can legally record without informing others
• But to use that recording for a business purpose (storing transcripts, sharing with colleagues), you need either consent or legitimate interest under GDPR
• The AP recommends transparency as best practice, even when not strictly required by criminal law

For workplace meetings specifically, the AP has noted that employers should have clear policies. Covertly recording meetings and using the recordings against colleagues can create employment law issues, even if the recording itself was technically legal.

Practical tip: While Dutch law permits one-party consent, informing participants builds trust and strengthens your GDPR position. It's a small effort with significant legal and relational upside.

France

Consent type: Strict two-party consent

France has some of the most protective privacy rules in Europe when it comes to recording. Article 226-1 of the Code pénal makes it a criminal offense to record private conversations without the consent of all parties. Penalties are severe: up to one year of imprisonment and a €45,000 fine.

The French data protection authority (CNIL, Commission nationale de l'informatique et des libertés) has issued extensive guidance on workplace recording. Key points include:

• Recording workplace meetings requires informing all participants and obtaining their consent
• Employees cannot be compelled to consent; consent must be freely given
• Employers must demonstrate a proportionate purpose (note-taking alone may not be sufficient justification for audio recording if written minutes would serve the same purpose)
• Works councils (CSE, Comité Social et Économique) must be consulted before implementing systematic recording practices

CNIL has been particularly active in enforcement. In recent years, several companies have been fined for recording employees without proper consent or transparency.

Practical tip: In France, documentation is everything. Before recording any business meeting, prepare a written notice explaining the purpose, legal basis, retention period, and participants' rights. Distribute it before the meeting and keep records of consent.

Germany

Consent type: Very strict two-party consent

Germany has arguably the most privacy-conscious legal culture in Europe, shaped by historical experiences with surveillance under both Nazi and East German regimes. This cultural DNA is reflected in stringent recording laws.

§201 of the Strafgesetzbuch (StGB), the German Criminal Code, makes it illegal to record the "non-publicly spoken word" of another person without their consent. Penalties include up to three years of imprisonment. Even possessing or distributing an unlawfully made recording is a criminal offense under §201.

Beyond criminal law, Germany's workplace recording landscape involves additional stakeholders:

• Works councils (Betriebsrat) have strong co-determination rights under the Works Constitution Act (Betriebsverfassungsgesetz). Introducing meeting recording technology typically requires works council approval. This can be a lengthy negotiation process.
• Data protection officers (DPOs) are mandatory for most German companies, and they must be consulted on recording practices.
• State-level data protection authorities (Landesdatenschutzbehörden) can vary in their interpretation, adding another layer of complexity.

Germany's Federal Commissioner for Data Protection (BfDI) has repeatedly emphasized that meeting recording must be proportionate. If the purpose can be achieved with less intrusive means (such as manual note-taking) recording may not be justified.

Practical tip: If your organization operates in Germany, involve your works council and DPO early. Create a formal recording policy (Betriebsvereinbarung) that covers all scenarios. Do not assume that what's permissible in other EU countries will be accepted in Germany.

United Kingdom

Consent type: One-party consent

Despite leaving the EU, the United Kingdom maintains a robust data protection framework through the UK GDPR and the Data Protection Act 2018. For recording, the key legislation is the Regulation of Investigatory Powers Act 2000 (RIPA), which permits a person to record a conversation they are party to without informing the other participants.

The Information Commissioner's Office (ICO), the UK's data protection authority, provides guidance that aligns with GDPR principles:

• Recording is lawful if you are a participant in the conversation
• For business recordings, you should still inform participants as a matter of good practice and to comply with data protection principles
• Recordings made for personal use fall under the "domestic purposes" exemption and are largely unregulated
• Systematic workplace recording requires a privacy impact assessment and appropriate policies

The UK's approach is pragmatic. While one-party consent is the baseline, the ICO expects businesses to be transparent about recording practices and to have proper data handling procedures in place.

Practical tip: Post-Brexit, data transfers between the UK and the EU require adequacy decisions or standard contractual clauses. If you're recording meetings with UK participants from an EU country (or vice versa), consider where the recording data is stored and processed.

Spain

Consent type: One-party consent for participants

Spanish law permits a participant in a conversation to record it without informing the other parties. This principle has been affirmed by the Spanish Constitutional Court (Tribunal Constitucional) in multiple rulings, which have held that recording your own conversations does not violate the right to privacy (Article 18.3 of the Spanish Constitution).

The Spanish Data Protection Authority (AEPD, Agencia Española de Protección de Datos) applies GDPR requirements on top of this baseline:

• One-party consent allows the recording, but using that recording for business purposes still requires a GDPR-compliant legal basis
• Employers implementing systematic meeting recording need to inform employees through their privacy policy
• Recordings cannot be used for purposes beyond what was stated. Repurposing recordings for performance evaluation when they were collected for note-taking, for example, would violate purpose limitation

Practical tip: Spanish labor law also comes into play. While recording is broadly permitted, using recordings in employment disputes requires that the recording was made by a participant and that it's relevant to the matter at hand. Courts have occasionally excluded recordings made in bad faith.

Italy

Consent type: One-party consent if a participant in the conversation

Italy's approach is similar to Spain's. Under Italian law, a person who is party to a conversation may record it without the consent of other participants. This principle has been upheld by the Italian Supreme Court (Corte di Cassazione) in multiple decisions, distinguishing between lawful participant recording and unlawful eavesdropping by third parties.

The Italian Data Protection Authority (Garante per la protezione dei dati personali) applies GDPR requirements and has issued guidance specific to workplace recordings:

• Participant recording is permitted under criminal law, but GDPR transparency requirements still apply when recordings are used for business purposes
• Employers must include recording practices in their privacy notices under Articles 13 and 14 of GDPR
• Systematic recording of workplace conversations triggers the requirement for a Data Protection Impact Assessment (DPIA)
• Italy's implementation of the ePrivacy Directive adds additional rules for electronic communications

Practical tip: In Italy, be particularly mindful of the distinction between internal meetings and calls with external parties. Recording a call with a client or partner carries additional obligations under telecommunications law.

Summary Comparison Table

Practical Compliance Checklist

Regardless of which country you operate in, following these steps will keep you on solid ground:

1. Inform before you record. Even in one-party consent countries, transparency strengthens your legal position and builds trust. Announce recording at the start of every meeting.

2. State your purpose. Explain why you're recording: meeting minutes, action item tracking, compliance documentation. Be specific.

3. Document consent. Keep a record of how and when participants were informed. Calendar invites with recording notices, verbal announcements captured in the recording, or written acknowledgments all work.

4. Create a recording policy. Establish a company-wide policy that covers when recording is permitted, how recordings are stored, who has access, and when they are deleted.

5. Set retention limits. Don't keep recordings indefinitely. Define retention periods (e.g., 30 or 90 days) and automate deletion.

6. Restrict access. Limit who can access recordings and transcripts. Apply the principle of least privilege.

7. Handle data subject requests. Be prepared to fulfill access, correction, and deletion requests under GDPR. Know where your recordings are stored and how to locate specific data.

8. Conduct a DPIA. If you record meetings systematically across your organization, a Data Protection Impact Assessment is likely required under GDPR Article 35.

9. Review cross-border implications. If your meetings involve participants from multiple countries, apply the most restrictive rules. A meeting between a German and a Dutch participant should follow German consent requirements.

10. Choose tools that minimize risk. The tool you use to record and process meetings matters enormously. Cloud-based recorders introduce third-party processing, cross-border data transfers, and data security risks, each adding compliance complexity. Tools that process audio locally on your device eliminate these issues entirely, because the data never leaves your control.

Why Local Processing Simplifies Compliance

One thread runs through every country's rules: the more control you have over the data, the simpler compliance becomes. When you use a cloud-based meeting recorder, your audio travels to third-party servers, often outside Europe. This triggers cross-border transfer rules, requires Data Processing Agreements, and introduces risks you can't fully control.

Local processing changes the equation. When transcription happens entirely on your device, there's no third-party processor, no cross-border transfer, and no risk of your data being used for AI model training. You remain both the controller and the processor of the data, which is the simplest possible GDPR architecture.

MeetMemo was designed around this principle. Built in Belgium with European privacy values at its core, MeetMemo uses Apple's WhisperKit to transcribe meetings entirely on your Mac. Your audio never leaves your device, regardless of which European country you're in. This means one less compliance headache in a landscape that already has plenty.

Whether your meetings are subject to Germany's strict two-party consent or the Netherlands' more permissive one-party rules, the data handling side of the equation stays clean when everything stays local.

Final Thoughts

European meeting recording laws are not uniform, but they share a common thread: respect for privacy and informed consent. Understanding the rules in your jurisdiction, and the jurisdictions of the people you meet with, is not optional. It's a professional obligation.

The good news is that compliance doesn't have to be burdensome. Inform your participants, document your practices, choose privacy-respecting tools, and apply the most protective standard when in doubt. That approach will serve you well across borders.

Bookmark this guide, share it with your team, and revisit it as regulations evolve. The landscape will continue to develop, but the fundamentals (transparency, consent, and data minimization) are here to stay.