act legal covers most of the largest European business centres
AmsterdamBratislavaBucharestBudapestFrankfurtMilanParisPragueSofiaViennaWarsaw

Regulatory / Advisory: Data Protection

GDPR has taken the digital audience by storm in 2018 and it continues to make headlines with spectacular data breaches, skyrocketing fines, and deadlocks like the Save Harbour-Privacy Shield-Schrems II maze of ECJ decisions. We are not new to data protection and our labour and digital lawyers have long prepared for the privacy a-ha moment. To this end, the last years have been very busy for our data protection lawyers.

We routinely complete GAP analyses within M&A or compliance exercises and implement the identified necessary measures with our partner IT experts. We are often engaged to conduct audits of certain processing activities or structure the data protection addenda to contracts dealing with data automation or transfer.
Our cross-border data transfer experts map the appropriate safeguards depending on the specifics of each case to mitigate the clients' potential legal and regulatory risks.
In case of large-scale processing or the introducing of new and privacy intrusive technologies, we take the client through the Data Impact Assessment flow-chart.
Our certified experts act as data protection officers for clients with intensive data processing activities.
We extend emergency advice, undertake the escalation and communication with authorities or data subjects/counterparties and recommend damage limitation and correction measures in the case of data breaches.
We draft consent pathways and propose legal design of data subjects' information rights in digital environments.
We advise our clients on the interplay of:

  • GDPR & AML
  • GDPR & MiFIDII
  • GDPR & PSD2
  • GDPR & eIDAS
  • GDPR & Clinical Trials Regulation
    We draft privacy policies and communication scripts for privacy purposes for clients from the e-commerce, logistics, consumer finance and health and telemedicine services sectors.
Knowledge
Key contact