Data privacy and data protection in Netherlands

Bird & Bird

Bird & Bird excels in handling complex regulatory and advisory data protection matters, including cross-border compliance and emerging technologies. The team regularly advises on international data transfers, data compliance, and blockchain issues for large tech companies. Regulatory enforcement also falls within the scope of the practice. Berend Van Der Eijk and Wilfred Steenbruggen both lead the practice, with van der Eijk handling clients that rely on technology and data for their businesses as well as fintech companies. Steenbruggen was promoted to partner in 2023 and advises both international clients and start-ups on regulatory issues. Chloë Baartmans and Shima Abbady are also noted for assisting with all data-related issues.

Praxisleiter:

Berend van der Eijk; Wilfred Steenbruggen


Weitere Kernanwälte:

Chloë Verschoor; Shima Abbady


Referenzen

‘Very knowledgeable about relevant developments in different industries.’

‘It is a pleasure to work with Wilfred, he understands our business and our challenges and really tries to come up with pragmatic and compliant solutions ’

‘Business-minded advice and creative solutions. ’

Kernmandanten

Bridgestone


Teva Pharmaceuticals


Adyen


Substack


Discord


Nuts Groep


Viaplay


DocuSign


WeTransfer


European Commission


Domino’s Pizzas


Epson


adidas


Coloplast


Sdu


Delta Energie


Elastic


Highlight-Mandate


  • Advising Teva Pharmaceuticals as DPO on daily data protection law compliance.
  • Appointed by the European Commission to advise on international data transfer mechanisms as well as on its ground-breaking European Blockchain Services Infrastructure (EBSI) project.
  • Advising a leading global payment provider on data protection law compliance and wider data regulation, including artificial intelligence.

Brinkhof

Brinkhof continues to excel in the field of data privacy and data protection, representing key tech clients in enforcement proceedings and investigations by the Dutch Data Protection Authority, as well as appeals against its decisions. The team also handles GDPR matters and other regulatory issues for a variety of sectors including financial services, healthcare, pharmaceuticals, platforms, and TMT companies. Clientele includes major US technology platforms, which the firm advises on complex enforcement matters. Practice head Quinten Kroes is a key contact in this area for many notable clients. Remon van Saane is key to the team assisting in a wide range of data protection matters. Media expert Remy Chavannes handles issues that span both privacy and media law, while Dorien Verhulst is a specialist in lawful interception. Manon Oostveen is also noted.

Praxisleiter:

Quinten Kroes


Weitere Kernanwälte:

Remy Chavannes; Dorien Verhulst; Remon van Saane; Manon Oostveen


Referenzen

‘Brinkhof’s team is excellent. They are thought leaders in their space, and our trusted advisors on privacy.’

‘Quinten Kroes is the stand-out partner. He’s wicked smart, very available, and gives sharp and to the point advice. I highly recommend him.’

‘What makes the team exceptional is that in addition to being data privacy experts, they boast vast knowledge of both civil and administrative procedural law: combined with the experience and strategic thinking of the partners, Brinkhof really is the go-to firm for privacy litigation. I feel that I can always trust the advice that Brinkhof delivers.’

Kernmandanten

Google


VoetbalTV


DPG Media


T-Mobile


RTL


PwC NL


LYNX


Duchenne Parent Project (and associated Duchenne initiatives)


ERIKS


Highlight-Mandate


  • Represented VoetbalTV in litigation against the fine imposed by the Dutch DPA regarding the legal basis under the GDPR for its filming and online distribution of amateur football matches – obtaining the first court ruling in the Netherlands completely annulling a GDPR fine.
  • Advising Google on various matters including the data protection impact assessment undertaken on behalf of the national government and subsequent negotiations regarding the potential use of Google’s various cloud services by government bodies and other public sector users.
  • Representing DPG Media in its objections and subsequent appeal against a €525,000 fine imposed by the Dutch DPA for its policy of requiring data subjects to submit a copy of their IDs if they sought access or removal of their personal data.

De Brauw Blackstone Westbroek

The go-to team for larger and complex data protection matters‘, De Brauw Blackstone Westbroek is an expert in handling high-risk privacy and cybersecurity issues. The team focuses largely on public and private enforcement, regularly assisting clients with investigations and litigation. Follow-on mass claims civil litigation, data infringement, and cybersecurity incident responses are particular strengths of the group. Clients typically include multinational technology companies and online platforms. Geert Potjewijd leads the practice together with Axel Arnbak. Potjewijd specialises in complex multidisciplinary litigation and regulatory enforcement, while Arnbak is an expert in both privacy and cybersecurity matters. Arjan Kleinhout adds public law knowledge to the practice, and Mirjam van Dam assists in high-stake litigation.

Praxisleiter:

Geert Potjewijd; Axel Arnbak


Weitere Kernanwälte:

Arjan Kleinhout; Mirjam van Dam; Svetlana Yakovleva;Emma Üstünalp; Jonathan de Geus; Justyna Niemczyk


Referenzen

‘De Brauw’s data protection team is absolutely the go-to team for larger and complex data protection matters. They master the subject matter and work closely with the litigation and mass claims team and as such they are excellently equipped to advise and litigate on data protection class actions. ’

‘On data protection I’ve mainly worked with Axel Arnbak. He is a seasoned and well known data protection lawyer and an amazing sparring partner. He is not only well aware of the latest trends in his field, he also has excellent in-depth knowledge of legal background, political sensitiveness, historic laws and cases etc. Regardless how complex the subject matter is, Axel masters the skill of explaining this in a super clear manner and quickly spots the sensitive topics.’

‘Due to the portfolio of clients and the legal (court) cases the team is involved in, it has a very good oversight of what is happening in the privacy field.’

Kernmandanten

Salesforce, Inc.


Meta Platforms, Inc.


Uber Technologies, Inc.


TikTok Technology Limited


Public Interest Litigation Project (PILP)


Highlight-Mandate


  • Acted as the lead counsel and trusted advisor for TikTok in a collective action initiated by three competing Dutch claim vehicles on behalf of TikTok users for alleged infringements of European data protection and consumer protection laws.
  • Acted as counsel for Meta in mass claims litigation for alleged data protection violations related to its social media platform Facebook.
  • Acted as lead counsel for Uber before Dutch courts in a landmark case and potential follow-on litigation about access to personal data, related information about automated decision making and the right to data portability under the GDPR.

Hogan Lovells International LLP

The data privacy and cybersecurity practice at Hogan Lovells International LLP is led by Joke Bodewits, who is praised for her expertise in privacy regulations. Bodewits advises on both European and global data compliance projects, data governance strategies, and cybersecurity matters. The firm is known for its strong life sciences and health care sector advice, but also advises IT, technology, and large corporations on their data privacy issues. It also routinely advises on cross-border mandates. Working closely alongside Bodewits is Chantal van Dam who is well-versed in the fields of data protection and cybersecurity. Van Dam has actively been supporting global clients with company and personal data issues related to acquisitions and sale of companies.

Praxisleiter:

Joke Bodewits


Weitere Kernanwälte:

Chantal van Dam


Referenzen

‘Easy to communicate with and to-the-point practical advice. ’

‘The team is incredibly privacy aware and has a very good knack for explaining the privacy requirements in a non-legal way. Team also adapts very fast to our everchanging business set up to give us the best guidance in privacy matters.’

‘Hogan Lovells really are leading in the field of privacy, cyber incident response and tech; they are always up to date. They have excellent contacts with law makers, are commercially astute and can be counted on when you really need them’

Kernmandanten

Booking.com


Insulet


Wolters Kluwer


Zimmer Biomet


Amylyx Pharmaceuticals


AEGON


PVH


Zoho


Highlight-Mandate


  • Assisting Booking.com with strategic advice on its data privacy and governance, and use and optimisation of data, including personal data, on a day-to-day basis.
  • Assisting Insulet with strategic advice on data protection compliance matters.
  • Advising PVH on data protection, ePrivacy, and cybersecurity matters.

Kennedy Van der Laan

Kennedy Van der Laan is well-versed in administrative enforcement law and data protection law, allowing it to advise on a range of contentious and non-contentious privacy issues. The firm excels in assisting clients in the financial, logistics, telecommunications, entertainment, and healthcare sectors. The team routinely undertakes investigations and enforcement proceedings carried out by data protection regulators both locally and internationally and recently formed a 24/7 incident response team. Hester de Vries, Quirine Tjeenk Willink, Rosalie Brand, and Judica Krikke all jointly chair the practice. De Vries handles issues at the forefront of data protection such as AI, open data, platforms for data sharing, and adtech. Litigator Tjeenk Willink is an enforcement law specialist, Brand was promoted to partner in 2023 and mainly supports clients with cybersecurity incidents. Krikke focuses on complex digital transformation processes, IT and cloud outsourcing issues. Elise Troll was appointed counsel in 2023 and advises on data protection particularly in relation to telecoms.

Praxisleiter:

Hester de Vries; Quirine Tjeenk Willink; Rosalie Brand; Judica Krikke


Weitere Kernanwälte:

Elise Troll


Referenzen

‘Kennedy Van der Laan’s team is uniquely positioned to provide world-class advise. They can leverage experience build up over the past 20 plus years and have a large team with legally, technically and commercially savvy players, not only at partner level. ’

‘Elise Troll is definitely on the rise. She is super smart, always available, very practical, comes with creative and out of the box solutions and is fun to work with. She is strong on both content and relationship. ’

‘The privacy lawyers of Kennedy Van der Laan have thorough knowledge of the GDPR and the Dutch Uitvoeringswet AVG. They are easily approachable and often provide direct support.’

Kernmandanten

Meta Platforms Ireland


Sonos Inc.


Schiphol Group


TNT/FedEx


UNSense


Stichting BKR


Northwave


Translink Systems B.V.


Azerion


Stichting Aidsfonds – Soa Aids Nederland


Highlight-Mandate


  • Advised on a matter including a vast ransomware attack on an IT provider in Canada providing services to many market investigation bureaus, processing a vast amount of personal data of very many large companies.
  • Advising Northwave on various issues including  notification obligations to the Dutch Data Protection Authority, Authority Financial Markets, National Cyber Security Centre and other supervisory authorities, customers and data subjects, ransom payments and liability claims.
  • Assisted Stichting BKR with legal proceedings against the Dutch Data Protection Authority (AP). The AP imposed a fine of €830,000 on Stichting BKR for alleged violation of the GDPR – the district court lowered the fine to €668,000.

Pels Rijcken & Droogleever Fortuijn NV

Pels Rijcken & Droogleever Fortuijn NV is a stand-out firm for data protection and privacy, with broad coverage including litigation and advising on technologies including artificial intelligence. The practice is known for its skills in advising clients within the public sector but also excels in advising private sector clients. As a result of this the team often advises on data exchange arrangements between entities governed by both private and public law. Gerrit-Jan Zwenne and Marte Van Graafeiland both co-lead the privacy and data protection team. ‘Top authority‘ on data protection Zwenne has extensive experience in a number of data protection issues including AI, biometrics, blockchain, sensor data, and other upcoming technologies. Van Graafeiland is especially knowledgeable on public sector data privacy and protection issues, advising a range of ministries to local authorities and regulators.

 

Praxisleiter:

Gerrit-Jan Zwenne; Marte Van Graafeiland; Meine Dijkstra; Jeroen Naves


Referenzen

‘This team has done outstanding work in the area, and does a lot to build communities among their clients such as data protection officers by organising expert meetings and knowledge events about the latest developments in the field.’

‘I’ve known Gerrit-Jan Zwenne for a long time as an academic and a lawyer. He has a can do mentality. His critical approach of supervisory authorities and his solid advice all make him stand out. He is extremely knowledgeable and competent as well as communicative.’

‘The uniqueness lies with Gerrit Jan-Zwenne. He is hands down the top authority on data privacy and data protection. True expertise shows if someone is able to explain it in a simple and effective way. No fuss no uncertainty, just practical advice and guidance with a business lens.’

Kernmandanten

Data Privacy Stichting (DPS)


Stichting Bescherming Privacybelangen (SBP)


Stichting Consumers United in Court (CUIC)


Surfshark Incogni


Infomedics


Ministry of Justice and Security


Ministry of Economic Affairs


Ministry of Foreign Affairs


Ministry of Education


Ministry of Public Health


Parliament (Tweede Kamer)


Highlight-Mandate


  • Represented the Data Privacy Foundation (Data Privacy Stichting) in the first major Dutch class action case against Meta Inc. for multiple serious infringements of data protection law, which the team subsequently won.
  • Represented the Environmental Protection Agency in summary proceedings started by Tata Steel in IJmuiden and subsequently won the case. The Agency had installed video cameras to monitor Tata Steel’s compliance with environment law. Tata Steel argued that such cameras disproportionally harmed its employees’ privacy and consequently their privacy rights were unlawfully violated.
  • Advised Ministry of Education on Google Educational Services Product on its (mandatory) data protection impact assessments, performed by the privacy consultancy Privacy Company. It showed that these products and services were not fully compliant with the GDPR.

Van Doorne

Van Doorne focuses on contentious data protection matters including high risk and multijurisdictional issues. The team has handled numerous high profile data breaches for its clients as well as enforcement actions, class actions, and mass claims, as well as a full spectrum of non-contentious regulatory work. Practice head Elisabeth Thole  handles the full gamut of data privacy issues; she is supported by Özer Zivali  who specialises in contentious data protection matters and is well-versed in handling cross-border data breaches and enforcement mandates.

Praxisleiter:

Elisabeth Thole


Weitere Kernanwälte:

Özer Zivali


Referenzen

‘Elisabeth Thole – a powerhouse who is extremely good content wise but also to bring together people and make things happen. It is always a pleasure working with her.’

‘They’re above standard knowledge in their knowledge of data privacy and data protection. Their ability to swiftly address potential risks and actions to be necessary taken.’

‘Elizabeth Thole and her team demonstrated a vast knowledge of the actions to be under taken when needed to. Hands on advice and taken a lot out of our hands, so that we could concentrate on managerial actions to be taken.’

Kernmandanten

Achmea / InShared


Ahold (Koninklijke Ahold Delhaize)


Ascend


Atradius


GGD GHOR


Havenbedrijf Rotterdam (Port of Rotterdam)


IDEXX


TU/e – Eindhoven University of Technology


Xior


Highlight-Mandate


  • Assisted GGD GHOR with the investigation of the Dutch DPA in relation to a widely reported data breach in the Netherlands related to systems used for Covid-19 testing, source-and-contact tracing, and vaccination in the Netherlands.
  • Assisted IDEXX with various cross-border GDPR related matters.
  • Assisted the Eredivisie with an important GDPR compliance related matter.

A&O Shearman

Clients of A&O Shearman include both Dutch corporations and large multinational companies who require comprehensive advice on their data privacy and data protection issues. The practice also handles numerous cybersecurity incidents and issues, as well as cross-border work. Nicole Wolters Ruckert chairs the practice, she advises on the full gamut of data privacy issues including both compliance and enforcement processes. Marleen Huisman and Marleen Van Putten are core members of the team with the former assisting e-commerce platforms in data privacy and the latter handling the crossroads of IP and data protection.

Praxisleiter:

Nicole Wolters Ruckert


Weitere Kernanwälte:

Marleen van Putten; Marleen Huisman


Referenzen

‘Nicole Wolters Ruckert is an authority on privacy and data monitzation issues in particular. Her knowledge of technology makes her a pleasant discussion partner for the business and ensures that advice is not only theoretically correct but also consistent with practice. She is also a very pleasant person to work with, never afraid to go the extra mile and very easy to reach. ’

‘Dedicated, always available, committed’

‘Great team, easy to work with and outstanding knowledge of their subject matter.’

Kernmandanten

LeasePlan


DSM


Highlight-Mandate


Loyens & Loeff

Loyens & Loeff covers a notable range of data protection and privacy issues from representing clients in court before the Data Protection Authorities for data beaches to advising on the GDPR and other key topics such as the data issues concerning M&A deals, AI, e-health, and wearables. The firm combines its expertise from other practice areas to give fully rounded advice to clients in projects and are especially adept at handling the intersection of life sciences and healthcare with data privacy. Practice head Kim Lucassen is ‘highly experienced in all fields of privacy and data protection‘ and regularly advises on both contentious and non-contentious data issues. She is supported by Nina Orlić who assists tech and e-commerce companies with data compliance, data transfers, data infrastructure, and outsourcing. Céline Van Waesberge  left the firm in May 2023.

Praxisleiter:

Kim Lucassen


Referenzen

‘Great diverse and collaborative team headed by the knowledgeable Kim Lucassen. Well organised and works efficiently. ’

‘Kim Lucassen is knowledgeable and highly experienced in all fields of privacy and data protection, from solid litigation advice to coordinating a global data breach. Great to work with. ’

‘Everyone I have worked with from Loyens & Loeff are always willing to assist with any possible problem and always trying the achieve the best possible outcome.’

Kernmandanten

AstraZeneca Pharmaceuticals LP


Banco Santander S.A. / Santander Consumer Finance S.A.


Bol.com


Colosseum Dental Group


Jan Linders Supermarkten B.V.


Keensight Capital


Laced Europe Ltd


Pharmaceutical Research Associates Group B.V.


Stichting Hartwig Medical Foundation (HMF)


Tata Communications Netherlands B.V.


Highlight-Mandate


  • Represented PRA NL in a dispute concerning the ownership of personal data under Dutch law, focusing on trial-related documents and the GDPR.
  • Advised Laced on a range of subjects, including privacy and data protection, including the establishment of a setup for its European expansion ensuring its terms and conditions complied with relevant European and Dutch consumer laws and GDPR.
  • Advising Banco Santander on a regular basis on data protection related matters, including  a dispute concerning a negative credit registration and the right to be forgotten.

Project Moore Advocaten

Boutique firm Project Moore Advocaten specialises in the field of data protection and privacy, typical work includes data breaches, cross-border data transfers, and data compliance. The team has been increasing its capabilities with regards to M&A-related privacy advice and litigation disputes. The arrival of Céline van Waesberge from Loyens & Loeff in June 2023 has greatly bolstered the practice. Van Waesberge is well-respected for her data privacy expertise and has strengthened the firms ability to assist life sciences and healthcare clients with all their data-related issues. Eva Visser is a expert in IT and data protection and leads on technology and data-driven transactions. Lieneke Viergever regularly advises local business media companies on data privacy issues, while Jeroen Koëter handles a range of IT and data privacy disputes and advisory work.

Weitere Kernanwälte:

Céline van Waesberge; Eva Visser; Lieneke Viergever; Jeroen Koëter


Referenzen

‘Great firm, they are able to make complex information understandable and are always thinking along. I enjoy working with them a lot.’

‘I worked with Lieneke Viergever and she is extremely flexible, always available and accommodating the requests. Skilled individual, prepared and quick in understanding business needs and how to better protect/ help it. ’

‘I would like to express my appreciation to the exceptional team at Project Moore Advocaten, a dynamic practice group specialising in the field of privacy and data protection. I believe that the team is clearly a front runner in the field of data privacy law. One of team’s key qualities is the wealth of expertise its members bring to the table. Its professionals possesses a profound understanding of data protection laws and regulations, coupled with a profound awareness of the latest industry developments.

Kernmandanten

Radboud University Medical Centre


Dutch National Police


The Dutch Ministry of Justice and Security


The Employee Insurance Agency (UWV)


Custodial Institutions Agency (DJI)


Curio


Crisp


Nikon Corporation (Japan) and Nikon Holdings Europe BV


ASML


KLM Royal Dutch Airlines


Transavia Airlines


Mitsubishi Logisnext Europe


Picnic


Kickstart AI


Highlight-Mandate


  • Advising Radboud University Medical Centre on its collaboration with the Michael J. Fox Foundation for participation in the Global Parkinson’s Programme (GP2) to combat the disease.
  • Advised Crisp on the crucial data protection elements of its January 2023 acquisition of meal box supplier De Krat.

CMS

The team at CMS is sought out by clients to help with incident response and management. The team has worked on numerous high-profile cyber incidents and continues to assist major cyber insurers. Erik Jonkman leads the privacy and cybersecurity practice lading on key cyber incidents and data breaches. Simon Sanders and Edmon Oude Elferink are also key names in the team.

Praxisleiter:

Katja van Kranenburg-Hanspians; Erik Jonkman


Referenzen

‘Erik Jonkman not only is very experienced, but also brings a lot of enthusiasm for his profession. He always finds a solution for the problem. ’

‘The team consists of lawyers with extensive knowledge of cyber incidents. they switch very quickly in the event of a cyber incident and know how to bring in the right experts in the field of a cyber attack where the need arises at the time. Their own focus is on breach of personal data and how to secure it, recover it or take further action on it’

‘Erik Jonkman has a great knowledge of cyber incidents and how to guide the initial process in case of a new cyber incident. His is also specialist in the loss of personal data and the GDPR ’

Kernmandanten

ASR


KNVB


Primark


SkyShowtime


AIG


Beazley


Chubb


Accor


Arcelor Mital


Lemonade


citizenM


I-SEC International Security


Kubota


ID Logistics


Corten Capital


Highlight-Mandate


  • Advising AIG on cyber security incidents and data breaches for AIG cyber insureds.
  • Advising Chubb on cyber security incidents and data breaches for Chubb cyber insureds.
  • Advising Beazley on cyber security incidents and data breaches for Beazley cyber insureds.

Dentons

Dentons assists international and Dutch companies with a slew of cross-border privacy and cybersecurity issues. The team has been increasingly involved with matters involving emerging legislation, such as the use of non-personal data. Clients of the firm largely come from technology, finance, hotel, retail and manufacturing sectors. Rosemarie Schaar is particularly knowledgeable on IT contracts and data protection issues in the finance services industry.

Weitere Kernanwälte:

Rosemarie Schaar


Referenzen

‘They provide prompt and practical solutions, always taking in consideration the business side of the issue and therefore balancing the various needs under a business and legal point of views. I trust them and I really enjoy working with them.’

‘Dentons Data privacy and data protection practice has a very strong global reach and that is necessary with such a practice as data tends to travel without borders.’

‘The care and individual attention we get is what matters the most. Their thorough in depth understanding of our business, the commercial model and the industries we serve make that this is and continuous to be an invaluable extension of our team. ’

Kernmandanten

Aegon


Analog Devices


CNA Hardy


DuckDuckGo


Feld Entertainment


Foot Locker


ING Bank


Mattr (f/k/a Shawcor)


Palta


Payconiq


Playa Hotels & Resorts


Prisma AI


Saphyre


SkyKick


Sonder


Stichting 113


Tella


The Social Hub


Unibail-Rodamco Westfield


Valvoline


WebMD


Highlight-Mandate


  • Advised DuckDuckGo on a variety of data protection and e-commerce matters, including in respect of the global launch of its subscription bundle.
  • Advising Foot Locker on managing a consistent EU data privacy framework as well as on various e-commerce matters.
  • Advising ING Bank on the renewal of its binding corporate rules.

Eversheds Sutherland

Olaf Van Haperen leads the data privacy practice at Eversheds Sutherland . The firm regularly advises on regulatory data privacy and protection issues, as well as handles cybersecurity matters such as data breaches. Clientele range from TMT companies to data centres, science institutions, and healthcare insurers. Van Haperen is an expert in IP, IT, privacy and cybersecurity issues, combining his knowledge of these sectors to advise technology and science-driven clients. Robbert Santifort assists a range of clients with matters involving personal data, data processing, and data breaches. Also noted is Judith Vieberink who aids with cybersecurity incident responses and the intersection between IT and data privacy.

Praxisleiter:

Olaf van Haperen


Weitere Kernanwälte:

Robbert Santifort; Judith Vieberink


Referenzen

‘Eversheds’ Dutch privacy team is strongly connected to their international privacy and tech colleagues and is able to provide cross-border advise and documentation to support fast-growing international organisations. ’

‘The team is able to translate the applicable regulations to our specific business. Robert Santifort in particular has been willing to act as sparring partner to help me fine tune my own ideas.’

Kernmandanten

Cyrus One


Unilever


Shell


ESET


Adidas


Getir


Microsoft


Paypal


Zorgverzekeraars Nederland


Kering Group


Everest Re


Gibson Brands


Cognizant


EPAM


Aegon


Zorginstituut Nederland


ORTEC


Experian


Highlight-Mandate


  • Advised GETIR on the transfer of customer data after the acquisition of Gorillas.
  • Advised Aegon on a large cross border re-insurance deal involving portfolios with large amounts of personal data.
  • Represented Zorgverzekeraars Nederland in an important legislative procedure including data protection assessments.

Freshfields Bruckhaus Deringer

The data and cyber group at Freshfields Bruckhaus Deringer sits as part of the wider dispute resolution practice; the team advises on data compliance projects, data incidents, transactional work involving data, and regulatory issues. The Amsterdam-based group works closely with its wider international practice to assist in a range of cross-border data-related issues. Financial institutions are key clients of the firm. Mark Egeler heads up the group focusing on data protection, e-privacy, compliance, and data governance issues as well as data-heavy transactional matters.

Praxisleiter:

Rutger Kleemans; Mark Egeler


Kernmandanten

ICTS NV


Macromill


MetrixLab


RELX Group


CVC Capital Partners


Advent International


Hexion


The Goldman Sachs Group, Inc.


Essent NV


Getir


Highlight-Mandate


  • Advising Macromill on its sale of MetrixLab to the leading global insights technology and panel provider Toluna.
  • Advising a major technology company on various proceedings in front of the responsible supervisory authority including the implementation of the requirements of the new data and technology regulations in the EU and in the world.

Greenberg Traurig LLP

Greenberg Traurig LLP advises a range of clients, including notable entities in the technology and public sectors. The team routinely handles matters involving the GDPR, data compliance, and cybersecurity threats. Practice head Herald Jongen specialises in IT outsourcing, data protection, and complex transactions and is supported by Nienke Bernard who mainly assists the Dutch state and education sector in data privacy issues. Emre Yildirim and Wouter van Wengen are also key to the team.

Praxisleiter:

Herald Jongen


Weitere Kernanwälte:

Nienke Bernard; Emre Yildirim; Wouter van Wengen


Referenzen

‘Greenberg Traurig is very responsive and delivers on time at any request.’

‘Easy going, open minded people. Specialists for different topics.’

‘The ability to execute based on recent knowledge and experience and advise clients in a fast and pragmatic way on topics of privacy.’

Kernmandanten

State of the Netherlands (Ministry of Defence)


State of the Netherlands (Ministry of Justice and Security)


State of the Netherlands (Ministry of Education & Science)


SURF


SIVON


Athora Netherlands N.V.


Anonos, Inc.


Detailresult


Messagebird B.V.


Bioforum


European Stability Management (ESM)


Highlight-Mandate


  • Assisted the State of the Netherlands on their landmark deal with AWS to enable government-wide use of their cloud services.
  • Assisted Athora Netherlands N.V. on a major outsourcing deal involving insurance portfolios and IT services.
  • Advising Anonos, Inc. on their data embassy tool’s compliance with the data protection rules.

Houthoff

Regulatory enforcement and litigation alongside data compliance and privacy advice are all handled by the data team at Houthoff. The team sits within the IP and IT practice and has been increasingly working on issues such as profiling, automated decision-making, and representing clients before the European Data Protection Supervisor (EDPS). Chairing the practice, TMT expert Thomas de Weerd handles both privacy and cybersecurity issues. Jurre Reus is key to the practice, he focuses on tech and platform-related data issues and is also particularly adept at matters involving mobility and automotive industries. Nicole Bilderbeek advises clients on the GDPR.

Praxisleiter:

Thomas de Weerd


Weitere Kernanwälte:

Jurre Reus; Nicole Bilderbeek


Referenzen

‘The team shows a high level of knowledge both in automotive and the juridical field. They know what is happening in the automotive sector in the Netherlands and in Europe. Not only do they give answers and advice, they have an added value in supporting our business processes.’

‘Jurre Reus is highly valued senior associate who makes the perfect match between European and local privacy law. He always reacts promptly to our requests and he is always willing to go for the extra mile. He thinks further than only answering the questions and challenges us with his in depth questions. ’

‘The Houthoff team is comprised of real professionals. We have a very short line to contact them and to discuss eventual information related to an specific case. We built a very good working relationship with them and I see them more as real colleagues than as an external partner. They take every single case very serious. ’

Kernmandanten

Marktplaats (part of Adevinta)


2dehands.be (part of Adevinta)


Schiphol Airport


Kia Nederland


Royal VolkerWessels


Ola Cabs


Renault Groupe and Renault Nederland


RDW (national Vehicle Licensing Authority)


Hyundai Motor Netherlands and Hyundai Motor Europe


Ford Nederland and Ford Motor Corporation


Goodix Technology


Huawei Digital Power Technologies


Volvo Car Corporation


Tesla Motors


Polestar Automotive


XPeng


Pensioenfonds Detailhandel


Nebu (part of Enghouse Systems)


InShared (part of the Achmea group)


MOCS


Highlight-Mandate


  • Advised Marktplaats and 2dehands.be on ‘DAC7’ (EU Directive 2021/514), an EU Tax Directive which imposes strict requirements on online platforms to report user activity on their platforms to the Tax Authorities.
  • Represented Ola Cabs (its Dutch subsidiary Ola Netherlands B.V.) in a case of three London app drivers invoking their data protection rights to get personal data and other information from Ola Cabs before the Amsterdam Court of Appeal.
  • Representing an individual in complaints proceedings with the Brussels’ European Data Protection Supervisor (EDPS) regarding the handling of an access request and the alleged unlawful processing of personal data by Europol.

NautaDutilh

The Benelux-based data protection and cybersecurity team at NautaDutilh primarily handles data protection compliance issues, advising its local and international clients on data privacy matters that often cross over into other practice areas such as finance and employment. Other than advisory work, the team also handles data protection litigation such as contentious data subject rights requests and issues involving sensitive personal data. TMT specialist Joris Willems leads the practice focusing on IT outsourcing, data monetisation, and cyber security. Terrence Dom, Sarah Zadeh, Danique Knibbeler, and Anke Holtland all assist with the full range of data privacy matters.

Praxisleiter:

Joris Willems


Weitere Kernanwälte:

Terrence Dom; Sarah Zadeh; Danique Knibbele; Anke Holtland


Kernmandanten

ABN AMRO Bank


American Express


ASR Nederland


ABN AMRO


Captin


CBRE Global Investors


Deloitte


Dynamic Credit


Ginkgo Bioworks


Prosus


HAL Investments


ING Bank


Irdeto


Knab Bank (Aegon Bank)


Keensight Capital


Levine Leichtman Capital


Lineage Logistics


Nationaal Park De Hoge Veluwe


NIBC


NPM Capital


Petrobras


Rabobank


RTL Group


Tata Consultancy Services


Triodos Bank (nu publishable)


Uber


International Card Services


Volksbank


Shell


Highlight-Mandate


  • Assisting ASR on all privacy and technology aspects of their acquisition of AEGON Nederland.
  • Advising Prosus on the launch of their PlusOne AI tool.
  • Representing the Association des Américains Accidentels (Accidental Americans Association) in a case before the Belgian, Dutch and Luxembourg tax authorities, data protection authorities, and the Luxembourg administrative courts regarding the transfer of personal data under the FATCA agreements.

Osborne Clarke

Osborne Clarke focuses its practice on technology, media, and telecoms sectors, enabling it to advise on online advertising and marketing, virtual and augmented reality, as well as e-commerce. The team advises large multinational technology companies on data protection issues as well as retail, healthcare, hotels, and leisure industries. The practice is led by Joanne Zaaijer, who is well-versed in many areas of data privacy including cross-border data transfers, GDPR compliance, implementing privacy policies, and telecom specific legal and regulatory data issues. Senior associate Dewi Harkink joined the firm in April 2023 from Van Iersel Luchtman Advocaten and combines his specialist knowledge in IT with data privacy and data protection.

Praxisleiter:

Joanne Zaaijer; Coen Barneveld Binkhuysen


Weitere Kernanwälte:

Dewi Harkink


Referenzen

‘Dewi Harkink has thorough knowledge of all privacy related matters and is able to provide practical advice in a swift and efficient manner.’

‘The team members strive to understand our technology and business in detail. Joanne Zaaijer is a great professional who combines excellent knowledge of data privacy, a sense of urgency, flexibility and a practical approach to legal advice. ’

‘I have worked with Joanne Zaaijer from this team and I really appreciated her pragmatic approach on GDPR. She can explain very clearly what GDPR entails and how this should be translated into our daily practice.’

Kernmandanten

Meta (previously Facebook)


Google


Henkel


HEMA


Adidas


Sonos


Weight Watchers


Cairn


Baxter


Oaky


Levi9


Highlight-Mandate


  • Assisting Meta with a wide variety of matters on a continuous basis, mainly in relation to Facebook, Instagram and general advertising matters.
  • Advising Google Ireland Ltd. on the Digital Services Act and updates on a regular basis on the local implementation of the Omnibus Directive and the effect it has on Google’s services in the Netherlands.
  • Advising Henkel on data protection law, including providing training to its employees who are responsible for certain processing operations, advice in the event of data breaches, assessing its data processing role with third party vendors and assisting with the review and negotiation of data protection agreements.

Stibbe

Stibbe mainly advises clients on data compliance regulations and ensuring that clients can keep up-to-date with new legislative requirements. The team assists the firms’ finance, employment, and administrative law practices with data privacy and data protection aspects of their work. Cyber insurance is also a notable focus of the practice. Team lead Nynke Brouwer is a specialist in cyber security and cyber insurance issues, she handles advisory and contentious work for clients such as insurers, brokers, healthcare, and public authorities. Frederiek Fernhout is also noted.

Praxisleiter:

Nynke Brouwer


Weitere Kernanwälte:

Frederiek Fernhout


Kernmandanten

The Dutch State


KLM


Qaring


CIP


BDO


Highlight-Mandate


  • Advised APG on data protection issues regarding vitality of employees
  • Advised TNO on data protection issues regarding sick absence of employees, including the use of complex anonymization techniques.
  • Advised the Dutch State on data protection issues, e.g. the DPIA, regarding new legislation on levying toll.

Turing Law

Recently established boutique firm Turing Law has continued to grow in the data privacy space focusing on international and national companies in the public sector, advising on GDPR compliance, contract reviewing, data transfers, and data security. The firm merged with an IT specialist firm Lawrence Privacy (Due Diligence) & Tech, welcoming  Jeroen van Woezik to the team in August 2023, bringing specific expertise on data privacy in relation to M&A transactions. The team is jointly led by Huub de Jong and Tom de Wit who both assist on a range of complex privacy mandates. Also key to the team are Marijn Rooke who mainly assists healthcare clients with data privacy issues and Corine d’Hulst who assists with privacy contracts.

Praxisleiter:

Huub de Jong; Tom de Wit


Weitere Kernanwälte:

Jeroen van Woezik; Marijn Rooke; Corine d’Hulst; Esmée Fonville; Moo Miero


Referenzen

Turing advocaten is a great firm that really understands the needs of a major IT-company and  their agility and fast pacing resourcefulness have been detrimental. Tom de Wit is a great and unique lawyer that can quickly disentangle a very complex situation. Especially navigating the complex regulatory field makes him an ideal partner to your organisation.

‘A young, dynamic and highly specialist IT focused law firm. They offer a valuable combination of excellent legal expertise and a commercial business mindset. Huub de Jong is a well respected authority in privacy who provides valuable advise on complex privacy issues that my client faces.’

‘Immensely knowledgeable team, which operates smoothly with and alongside our legal team. Corine is absolutely a star; she’s very responsive and goes out of her way to service our needs.’

Kernmandanten

Zorg van de Zaak Netwerk


Nederlands Centrum Jeugdgezondheidszorg


Patiëntenfederatie Nederland


Ministry of Education, Culture and Science


Meerdervoort


NovaCair


Actiz


Cerba


The Next Web (Financial Times)


Zuyderland Medisch Centrum


Stichting CJG Rijnmond


Stichting verslavingsreclassering GGZ (SVG)


Deutsche Leasing


WeTransfer Supporting Act


AWVN


Twise Victory Publishing (Oei, ik groei / Wonder Weeks)


Highlight-Mandate


  • Representing a client in an investigation by the Dutch supervisory authority into a high profile case.
  • Assisting a large software supplier with a privacy due diligence for the acquisition of a health care platform that supports collaboration between professionals within the healthcare sector.
  • Advising on responsible secondary use of health data of more than one million people for statistical and research purposes.

bureau Brandeis

Specialist dispute resolution and prevention firm bureau Brandeis handles a mix of contentious and non-contentious data protection mandates. Collective actions and other litigation issues are also a focus for the practice, which has a track record of work in areas such as telecoms. Vita Zwaan and Christiaan Alberdingk Thijm jointly lead the team.

Praxisleiter:

Vita Zwaan; Christiaan Alberdingk Thijm


Weitere Kernanwälte:

Jacob van de Velde; Sarah Stapel; Silvia van Schaik; Minke Gommer


Referenzen

‘We mostly work with Vita Zwaan. We very much value Vita for — even in the most complex matters — being able to provide us with very pragmatic and accurate advice of the highest quality. Vita is very knowledgeable, which makes it very pleasant to work with her and easy to just quickly call her whenever we do not have a lot of time but still want to run things by her. Vita is also reliable and remains at our disposal 24/7 — even outside of business hours we can always count on her support if we need it. ’

‘Vita Zwaan is very knowledgeable, always available on short notice, and able to translate complex/abstract legal matters to others without legal background. Vita always looks for ways to enable our business needs and has guided (and regularly guides) us through setting up our customer loyalty programs and e-commerce ventures. ’

‘Bureau Brandeis has exhibited exceptional patience and a high level of expertise in GDPR matters. I’d like to highlight is their invaluable assistance in guiding us towards an inclusive approach to our privacy policies and protocols. Additionally, they have been instrumental in helping us navigate the complexities of GDPR within municipal and other governmental systems.’

Kernmandanten

Hartstichting


Pathé


Dutch Digital Agencies


Fieldlab Evenementen


NewBees


The Privacy Collective


Stichting Massaschade & Consument


Civinc B.V. and Stichting Civinc


Timelex


Studocu


Polarsteps


deBreij B.V.


Alfen


Marktplaats


Spotzer


Maxeda DIY Group


Highlight-Mandate


  • Represented Stichting Massachade & Consument in a case against TikTok before the District Court of Amsterdam in one of the collective damages actions based on the GDPR and the new Dutch collective claim regime.
  • Assisted Pathé with updating its internal and external privacy policies, taking into consideration its new business ventures, partnerships and corresponding processing activities, including a review of its privacy statements, data processing agreements and the register of processing activities.
  • Advised Studocu on the possibilities for commercial communication and advertising, taking into consideration recent decisions and case law regarding (behavioural) targeting and analytics.

Holla legal & tax

The privacy team at Holla legal & tax is based in ‘s-Hertogenbosch and has sector-specific expertise in e-sports, healthcare, recruitment, and public entities. The practice largely advises on GDPR issues and other data protection matters and is sought out for its skills in international data transfers. Kim de Bonth leads the team and combines her knowledge of IT contracting and data protection law to assist clients. Femmie Schets aids clients with international data transfers and advises on any potential data breaches.

Praxisleiter:

Kim de Bonth


Weitere Kernanwälte:

Femmie Schets


Referenzen

Holla’s data protection team is able to understand the privacy issue of the client in a short time and provide a good analysis of the options available to the client. Care is taken to provide realistic advice. The team is strong in analysing recent judicial decisions. The team investigated the interaction between the AI ​​Act and the GDPR.’

‘Femmie Schets is an ambitious lawyer with a broad knowledge of Privacy and GDPR regulations. Her way of working is characterized by quickly getting to the heart of the matter. She is able to report the results of her research in a compact paper. In consultation with the customer Femmie knows how to find the right tone and after her research she knows how to present her results in a convincing manner.’

‘From the initial contact they showed full comprehension on the matter at stake and were able, by focused questioning, to assess the situation, the context and it’s complexity at full. By doing so they differentiated from the competition who initially only responded with trivial replies. Even though the context of the case was quite complex they we’re able to make clear to all involved actors what would be required for each discipline and provided good advice to do so.’

Kernmandanten

MijnGemeenteDichtbij


Vitalis WoonZorg Groep


IFG Pensions Ltd (UK)


Celegence LLC / Qdossier B.V.


Talent Inc. / Imkey B.V. (‘Resume.io’)


Innovatie nul13 B.V.


Liquid Enterprises B.V. (‘Team Liquid’)


Kiwa N.V.


Ricoh Nederland B.V.


Enigma Distribution Benelux B.V. (‘Asmodee’)


OTTO Work Force B.V. and Kafra Vastgoed B.V.


Würth Elektronik Nederland B.V.


Forbo Flooring B.V. (‘Forbo Flooring Systems’)


Spotmaster B.V.


Brabant Water N.V.


Stichting PCOU Willibrord


TeleQare Europe B.V.


PIDZ Zorg B.V. / Qrabbl B.V.


Stichting BrabantZorg


Regionale Ambulancevoorziening Brabant Midden-West Noord.


Highlight-Mandate


  • Advised Talent Company Inc. on becoming GDPR-compliant. this included topics such as international data transfers, accountability, transparency and direct marketing.
  • Advised Celegence LLC on international data transfers. Holla performed the privacy scan for Celegence to understand Celegence’s data flows and organisational structure.
  • Assisted Innovatie nul13 with proceedings before the Dutch data protection regulator, the Dutch DPA. Successfully defended Innovatie nul13’s interest at the Dutch Authority.

Ploum

Ploum is sought-out by clients for its expertise in e-health data protection matters, regularly advising and assisting life sciences and health care companies with a slew of data and cybersecurity issues. The team is also adept at advising on marketing and e-commerce sectors, including issues relating to processing employee data and international data transfers. The privacy team is co-headed by Dennis Zieren and Dorine ten Brink who are well-versed in issues that span IT and data privacy including contracts and data transfers. Nina Witt is also noted for her knowledge on privacy in the health care sector.

Praxisleiter:

Dennis Zieren; Dorine ten Brink


Weitere Kernanwälte:

Nina Witt; Anamika Wilbrink


Referenzen

‘Each team member has his or her own expertise. So combined that makes a great team.’

‘They are familiar with our company and the way we work combined with up to date and in depth knowledge of the privacy laws & legislation.’

Kernmandanten

Codeless Technology B.V.


CleanLease B.V.


BovenMaas Prenataal B.V.


Young Perfect B.V. (Eatertainment)


Portbase B.V.


Hutchison Ports Delta II


Arbo Unie B.V.


Unit4


CACI B.V.


Highlight-Mandate


  • Assisted CleanLease B.V. with further mapping the data processing activities of its entities in the Netherlands and Belgium. The privacy team has updated and drafted various documents, such as the register of processing activities and several data protection policies, in order to ensure GDPR compliance.
  • Assisted BovenMaas Prenataal B.V. with how to handle patient files to be kept for years, in case a care institution would ever be dissolved.
  • Advised Portbase B.V. on several privacy matters, e.g., with regard to the use of a new data platform in which multiple parties (providers and users) are able to share and view data.

SOLV Advocaten

SOLV Advocaten is known for its internet and technology focus, assisting technology-driven clients such as software and e-commerce platforms with data protection and privacy issues. In particular the team handles a number of class actions in this space. The team is co-led by Douwe Linders and Wanda Van Kerkvoorden. Thomas Van Essen left the firm in March 2023.

Praxisleiter:

Douwe Linders; Wanda van Kerkvoorden


Weitere Kernanwälte:

Yentl van den Winkel


Kernmandanten

Jumbo Supermarkets


Catawiki


Holland Casino


Sanoma Learning


Multitankcard


Stichting ICAM


SOMI


Highlight-Mandate


  • Representing SOMI Foundation in a €1.4bn data privacy class action against TikTok.
  • Representing Foundation ICAM in a €3.2bn data privacy class action against the Dutch State.
  • Advising Multi Tank Card on GDPR related issues of Qrid, a platform for electric vehicle charging.

Taylor Wessing

As part of the wider technology and data practice, the data privacy team at Taylor Wessing is led by Otto Sleeking , who leads on IT-related data protection issues such as data processing agreements, security measures, and data transfers. The firm also handles data breaches and technology-related disputes. Complex cross-border issues are also a key area for the practice which assists a myriad of technology clients from start-ups to international companies. Martijn Loth excels in technology-related issues and assists with data protection regulatory compliance.

Praxisleiter:

Otto Sleeking


Weitere Kernanwälte:

Martijn Loth


Referenzen

‘I would strongly recommend Martijn Loth. Excellent lawyer who is always focused on rendering solid and pragmatic solutions. He is also an excellent litigator and negotiator and knows how to de-escalate disputes. ’

‘Small team, but very knowledgeable.’

‘Martijn Loth is an expert on both law and IT and therefore really pleasant to work with.’

Kernmandanten

Atradius


BYD


CM.com


Homefashion Group (Leen Bakker & Kwantum)


ING Bank N.V.


Kawasaki Motors Europe NV


Keylane


Lidl Nederland GmbH


Match Worn Shirt


Semmie


Sociale Verzekeringsbank


Sony


Technische Unie BV / Sonepar Group


Technische Universiteit Delft (TU Delft)


The NU


Vinted


Vizgen


Highlight-Mandate


  • Assisting ING Bank with an extensive project regarding the use of electronic signatures, eIDAS-compliance and related cybersecurity & data protection (and outsourcing) issues.
  • Assisted Sony with their acquisition of Beyond Sports, a data and AI company.
  • Advised a €10bn+ revenue corporate group active in the energy sector on a multi-jurisdictional data breach.

Vondst Advocaten N.V

Vondst Advocaten N.V assists with GDPR compliance, as well as related matters such as data privacy issues related to M&A deals, assisting clients with investigations that arise as well as data breach notifications. Innovative businesses make up a portion of the firm’s client base from sectors including retail, media and clinical research. Practice head Herwin Roerdink is experienced in data protection and online marketing matters, often lecturing on e-privacy law. IT specialist Polo van der Putt assists with issues involving new technology, while newly promoted partner Tineke van de Bunt is well-versed on GDPR compliance audits and M&A data privacy mandates.

Praxisleiter:

Herwin Roerdink


Weitere Kernanwälte:

Polo van der Putt; Tineke van de Bunt


Referenzen

‘A down to earth expert team that always delivers, cooperates, thinks along and is always available. What it differentiates from other legal companies is the personal touch due to it’s relatively small practice. Innovations have been in legal counselling.’

‘It is especially Herwin Roerdink that stands out for me. Knowledge translated to practice.’

‘Herwin Roerdink & Tinke van de Bunt: Great availability, very efficient, and always deliver on time.’

Kernmandanten

Funda


Dutch Postcode Lottery


StrausWolfs


Bergman Clinics


Credit Europe Bank


Shimano


Retail Unity


The DPO Center


Hunton Andrews Kurth (new referrer)