Data Protection & Privacy

Brass padlock on brown medal fence.

Do you have questions related to data protection & privacy? Contact us to hear more about your options.

Today's almost limitless digital possibilities enable companies to collect, store, use and share vast amounts of information about individuals. Most businesses handle personal data in a manner that requires internal policies, agreements, intra-group agreements, guidelines and website policies. Further, companies are increasingly exchanging data with foreign companies, either as suppliers or as customers, in a corporate relationship, or in connection with transactions. Such data exchange is often subject to specific data protection rules on cross-border transfer of personal data.

Our data protection and privacy team advices businesses on the legal developments within the areas of data protection and privacy. We advise clients on data protection compliance and issues related to the EU's General Data Protection Regulation (GDPR). We provide advice and follow-up assistance when companies experience data breach incidents. We assist in developing and putting in place robust control and security routines, consent mechanisms, privacy policies, agreements, etc. We consider notification duties as well as applications and requirements for data protection officers. Furthermore, we provide advice on all forms of dialogue and disputes with the authorities, hereunder the Privacy Appeals Boards. We have extensive experience with cross-border transfer of personal data, both within corporations and in connection with outsourcing and cloud services, including drafting of transfer impact assessments. We assist with data processing agreements based on EU Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCR).

Our services include:

  • Cloud computing, outsourcing and use of sub-processors

  • Cross-border transfers of personal data (Schrems II, EU's SCC, and BCR etc.)

  • Data processing agreements

  • Privacy and cookie policies

  • Acting as external data protection officer

  • Licenses from and notifications to the authorities

  • Consent mechanisms

  • Customer loyalty programs

  • Customer loyalty programs

  • Guidelines for employees concerning the use of smartphones, email and social media

  • Access to email, chain of custody and eDiscovery

  • Privacy clauses in employment agreements

  • Privacy clauses in IT contracts

  • GDPR within Fintech, Biotech, Proptech, Adtech, Medtech, Retail, Insurtech, Edtech and Cleantech/Greentech