If you run a small business, you already know how quickly one “small” issue becomes a cash-flow issue: a sick call turns into a staffing scramble, a tense conversation becomes an HR file, a rushed decision becomes a lawyer’s letter. A recent ruling from the District Court of North Holland shows the same pattern in one clean line: an employer used private WhatsApp messages to justify a hard call, and ended up paying for the way those messages were obtained and used. 

Here’s what it was about. Two employees had fixed-term contracts. One used his private WhatsApp account via WhatsApp Web on a work laptop. A manager scrolled through private chat messages and took photos of them, then those photos were shared internally and used in a confrontation. The next day, the employer informed both employees by email that their contracts would not be extended. 

The judge’s ruling was not “people may gossip about colleagues.” The judge focused on something more operational: private WhatsApp content is, in principle, private, and the employer’s way of getting it and using it crossed the line. The court held that the employer acted seriously blameworthy, because the messages were accessed and deployed without a justified basis, and the non-extension decision flowed directly from that privacy breach. The result: a €2,000 gross “billijke vergoeding” (an additional fairness-based compensation in Dutch dismissal law) for each employee, plus a €1,278.41 transitievergoeding (statutory transition payment) for one of them. 

The practical warning for micro-entrepreneurs is uncomfortable precisely because it feels so ordinary. “It was on our laptop” is not a free pass. Even if a private chat is visible on a work device, photographing it, circulating it, and building an employment decision on it can turn a workplace conflict into a legal liability. And once you are in that lane, you are not just managing people, you are processing personal data, under rules that punish improvisation. 

So what do the numbers mean in daily management terms? €2,000 is not “big-company money,” but it is real money, especially when it’s multiplied, comes on top of legal time, and lands in the middle of an already stressed operation. The fix is not a 30-page policy. It’s a few disciplined habits: keep private communication off work accounts where possible; if you allow incidental private use, be clear that you still won’t go hunting through it; when something sensitive pops up, stop the reflex to screenshot and share; and if trust is broken, address the conduct you can prove cleanly without dragging private data into the room. In this case, even the employer’s counterclaim for a fixed damages payment was rejected, which underlines how quickly “we’ll claim it back” collapses when the foundation is shaky. 

There’s a calm takeaway here, not a paranoid one: privacy is not a luxury add-on. In small businesses, it is part of trust, and trust is part of continuity. You don’t need to become a compliance expert. You just need to treat private messages like you would treat someone’s wallet left on a chair: seeing it is one thing; opening it is another. Tighten that boundary, and you reduce risk, admin load, and the chance that a moment of irritation turns into a line item on your costs. 

Ruling Rechtbank Noord-Holland, 9 December 2025, ECLI:NL:RBNHO:2025:14641