The team at DORDA Rechtsanwälte GmbH frequently represents clients before the Austrian data protection authority and the Federal Administrative Court in matters of data protection, advising on issues around cookies, data retention and GDPR disputes. Managing partner Axel Anderl jointly heads the team, advising on data aspects of IT and outsourcing projects in addition to GDPR compliance. Alongside him is the ‘very flexible, pragmatic and solution-oriented’ practice co-head Nino Tlapak, who handles IT security matters and assists clients in the event of data breaches, with further expertise in cloud agreements. Alexandra Ciarnau co-heads the firm’s digital industries group, adding experience in the fields of AI and digitalisation in addition to her focus on e-commerce and consumer protection.

Knyrim Trieb Rechtsanwälte OG leverages its ‘extensive experience and expertise’ to advise clients on GDPR compliance, including in projects undertaken by clients in the automotive and pharmaceutical sectors in addition to acting for government bodies. Founding partners Rainer Knyrim and Gerald Trieb cover the gamut of data protection matters, appearing frequently before the Austrian data protection authority and the Administrative Courts on matters ranging from misuse of personal data to issues stemming from data breaches. Lena Urban advises on data protection matters tied to EU laws and offers further expertise in consumer protection law.

Baker McKenzie Rechtsanwälte LLP & Co KG‘s advises an array of clients in the technology and digital spheres on matters of data protection and security, including defending against claims of customer data misuse under both Austrian and EU legislation. ‘Excellent lawyer’ and practice head Lukas Feiler has a strong track record before Austria’s data protection authority and courts, including the ECJ, concerning clients’ use of their customers’ data, while also providing support in relation to projects that require data processing and storage. Maximilian Raschhofer handles administrative and criminal proceedings centred on data matters, including disputes around data protection and outsourcing for clients in the tech and health sectors.

Cerha Hempel delivers ‘practical solutions’ in the field of data protection, advising clients on their responsibilities around cross-border outsourcing, data transfer and cloud computing projects, while also representing clients in actions before the Austrian data protection authority and the courts pertaining to data breaches. Team head Hans Kristoferitsch offers his clients a ‘pragmatic approach’ to data protection, assisting international clients on the rollout of new mobile apps and other matters that concern handling of customer data, while also advising on GDPR compliance and contentious EU law cases. Armin Schwabl, who is also admitted in New York, advises on regulatory data protection matters, while Boris Treml supports businesses in implementing GDPR, carrying out data risk assessments and IT outsourcing projects.

GEISTWERT‘s partner-only practice provides ‘extremely fast and efficient advice’ at the intersection of data protection and IP, handling international data transfers, IT projects and data protection aspects of corporate transactions. The team, consisting of Constantin Kletzer, Juliane Messner, Max Mosing, Alexander Schnider and Rainer Schultes, also acts for clients facing hearings before the Austrian data protection authority and the courts, assisting with issues concerning user data disclosure requests and GDPR matters. The firm’s client base is comprised of companies ranging from digital media and pharmaceuticals to leisure and public bodies, whom it also advises on digital projects and initiatives including the launch of new customer programmes and services.

At Schoenherr (Schönherr Rechtsanwälte), the data protection practice straddles both Austrian and EU data protection law, with extensive experience assisting clients on GDPR compliance and data security issues tied to international transactions. Under the leadership of the ‘fantastic’ Günther Leissler, the practice group has achieved notable successes before Austria’s data protection authority and the courts in matters concerning the processing of user data, cookies and data analysis, among other issues. Veronika Wolfbauer left the firm in February 2024.

Wolf Theiss Rechtsanwälte GmbH & Co KG‘s team handles the full spectrum of data protection issues, with expertise that includes both advisory and contentious GDPR matters, in addition to assisting clients with ongoing data security measures and acting for them in response to data breaches. Practice head Roland Marko represents a number of high profile clients in both the traditional and social media sectors before the Austrian data protection authority in claims concerning potential GDPR breaches and questions over the handling of user data, with further knowledge of IT outsourcing projects, e-commerce regulations and cloud computing. Paulina Pomorski is noted for her skill in data privacy litigation, while Phillip Wrabetz specialises in advising the digital media and life sciences sectors on data protection matters.

A key pillar of Binder Grösswang‘s data protection practice lies in new technologies, where the firm advises on digitalisation processes and e-commerce matters. On both fronts the team has experience in acting for clients ranging from startups to multinationals on contentious proceedings before Austria’s data protection authority as well as advisory matters, including compliance with regulatory regimes. The team is led by Ivo Rungg, whose practice covers the digital sector, and Angelika Pallwein-Prettner, who advises employers on data protection and privacy compliance.

CMS Reich-Rohrwig Hainz Rechtsanwälte GmbH leverages its international presence to advise major clients across a range of sectors, including retail, automotive and media, on data protection matters both within Austria and in cross-border contexts. Practice head Johannes Juranek brings ‘great knowledge’ of GDPR compliance to bear and also represents clients before the Austrian courts, while Klaus Pateter, who joined the firm as partner in January 2023, specialises in assisting technology companies with data matters.

Compliance advice, data transfers linked to transactions and data privacy litigation all fall under the remit of E+H Rechtsanwälte GmbH‘s data protection team, which acts for household names in the automotive and IT sectors, among others. Leading the team is Andreas Zellhofer, who specialises in matters covering aspects of data protection, IT and IP law, with further expertise in unfair competition issues. Helmut Liebel ‘brings a unique technical understanding’ of data protection to the practice, and also advises on IP and IT matters.

KWR Karasek Wietrzyk Rechtsanwälte GmbH strengthened its data protection practice with the December 2022 arrival of Beatrice Blümel from the Austrian data protection authority, who heads the firm’s new technology and digitalisation group and assists clients in the event of data breaches. The team advises on trade secrets and e-privacy matters, handling ongoing IT projects and GDPR compliance. The team is jointly led by Anna Mertinz, who has extensive experience at the intersection of data protection and employment law, and Barbara Kuchar, who represents clients in the wake of data breaches and is also noted for her work on trade secrets.

SAXINGER Rechtsanwalts GmbH‘s team of ‘highly skilled’ data protection lawyers acts for clients seeking to undertake data transfers and ensure compliance with GDPR, while continuing to occupy a strong niche in advising public bodies on data protection matters. 2023 saw changes to the practice group’s leadership, with former co-head Philipp Reinisch moving to Fieldfisher Rechtsanwälte GmbH & Co KG‘s new Vienna office in July 2023, and with data and IT security specialist Philipp Leitner stepping into the breach. Co-head Michael Pachinger utilises his ‘deep legal knowledge’ to support clients in data privacy matters and is also well versed in matters pertaining to IT, telecoms and e-commerce law.

Taylor Wessing enwc Rechtsanwälte GmbH‘s clients receive ‘top-notch advice’ across the spectrum of data protection and privacy matters with the firm advising on GDPR compliance and assisting with ongoing monitoring and development of clients’ data handling structures. ‘Seasoned practitioner’ and team head Andreas Schütz advises his roster of clients from the IT, telecoms and food sectors on complying with data protection regulations and handling data breaches, while Christopher Bakier focuses on data protection provisions tied to IT projects, cloud computing and the healthcare sector, among others.

In addition to supporting clients with the implementation of GDPR measures, DLA Piper Weiss-Tessbach Rechtsanwälte GmbH also assists them in the wake of cyberattacks, actions before the Austrian data protection authority and in matters concerning sensitive data, including medical records. Practice head Sabine Fehringer is an experienced IT specialist and also handles data aspects of M&A transactions, while Stefan Panic provides assistance with telecoms law alongside data protection matters.

Eversheds Sutherland Rechtsanwälte GmbH has notable ‘depth of competence’ in the data protection arena, assisting clients with matters arising under Austrian and EU law, including providing support on GDPR compliance. Georg Röhsner leads the team, providing ‘invaluable’ advice on cybersecurity and all aspects of broadcasting law. Manuel Boka acts for clients at the intersection of new technology and data protection issues, with a particular knowledge of the IT and healthcare sectors. ‘Always quick to provide a direct and practical solution,’ Michael Röhsner advises clients on GDPR matters in addition to assisting with issues concerning the use of cookies and e-commerce.

Described as ‘fantastic in every aspect,’ GRAF ISOLA frequently handles data protection matters in conjunction with broader instructions including M&A transactions and competition disputes, advising on data transfers and GDPR implementation. Practice co-head Marija Križanac ‘provides excellent data protection advice’ with deep expertise in GDPR matters and significant experience in data-related litigation. Alongside her, co-founding partner Ferdinand Graf is admitted to the New York State Bar.

Bringing together ‘in-depth know-how with broad experience,’ Herbst Kinsky Rechtsanwalte GmbH assists clients in ensuring they are GDPR-compliant, while also representing them before the Austrian data protection authority and national courts. The team additionally handles the data protection aspects of M&A deals and due diligence processes. The ‘outstanding’ Sonja Hebenstreit spearheads the firm’s data protection work with particular expertise in the life sciences sector, handling the spectrum of data protection matters in addition to licensing and unfair competition work.

Jank Weiler Operenyi leverages its position as part of Deloitte’s international network to service cross-border data protection matters, advising a broad range of sectors, including IT, healthcare/life sciences and banking, on GDPR implementation and other data handling procedures. The ‘very reliable’ Sascha Jung leads the team, covering data privacy, IP/IT and licensing matters.

KPMG Law - Buchberger Ettmayer Rechtsanwälte GmbH acts for clients seeking to ensure their data protection processes are in line with the latest regulations, providing GDPR compliance advice and also assisting with IT matters with potential data exposures, including cloud computing and licensing deals. Karin Bruchbacher continues to lead the group, having been promoted to partner in January 2023, acting for both state-owned and private bodies in relation to the gamut of data protection matters. Hannah Kercz focuses on data protection litigation.