Our Website Uses Cookies 

We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.

For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

For over 25 years, our specialist EMEA team based in Brussels, Frankfurt, London, and Johannesburg have advised multinational companies on national and regional data privacy laws. Our multi-lingual lawyers, provide a “one-stop shop solution” with practical advice that is informed by deep knowledge of various local requirements and experience of dealing with regulators across the region, including advising clients on the implications of Schrems II. We advise a number of clients on building globally compliant privacy programs and policies that address the Protection of Personal Information Act (POPIA) and UK Data Protection Regime, as well as emerging frameworks in Brazil, India, and elsewhere.

We maintain an established network of local counsel that we can use to advise on privacy and data security issues in a multitude of international markets, if needed.

We have particular expertise in advising companies in the software, technology, life sciences, financial services, energy, manufacturing, and publishing sectors, and regularly advise in the following areas:

  • International data transfers – including transfers of personal data using Binding Corporate Rules (BCRs), model contracts and taking advantage of exemptions.
  • Online compliance, eprivacy and cookies, including advising on cutting-edge adtech issues as well as drafting privacy policies and compliance materials.
  • Data breaches – advising on and assisting with data breach notification requirements, including liaising with regulators and managing reputational risks.
  • Investigations – including representing clients in internal, regulatory, and criminal investigations into data and cyber-related issues
  • Legislative and regulatory advocacy – advising on the growing number of data privacy laws emerging and developing across the region,
  • New uses of data – advising tech, pharmaceutical and other companies in relation to new services that involve increased use of personal data and analysis of "Big Data."
  • Employee issues – advising on international laws and regulations affecting employer rights to monitor employee Internet use, call recording and access to (and disclosure of) employee e-mail.
  • Adtech – advising social media, e-commerce and other companies on all aspects of the adtech landscape including ad serving, tracking and measurement, and data analytics, licensing and commercialization strategies.