Hall Of Fame

Firms To Watch: EU regulatory: Privacy and data protection

Founded in 2018, Antwerp-based boutique Artes focuses on technology and communications, data protection and cybercrime, and security issues. Nele Somers is the key senior contact.
Since May 2022, McDermott Will & Emery Belgium LLP has been rapidly developing its local privacy and cybersecurity offering, kickstarted by the recruitment of Rosa Barcelo from Squire Patton Boggs.

EU regulatory: Privacy and data protection in Belgium

A&O Shearman

A&O Shearman‘s ‘very skilled‘ data protection team focuses on four core areas – privacy advice and compliance work, managing the relevant aspects of transactions, cybersecurity issues including data breaches, and investigations brought by the regulators. Peter Van Dyck co-leads the practice, and also acts as head of the firm’s Belgian IP and IT groups. Filip Van Elsen, who oversees the global technology and TMT practices, is another senior name to note. Associate Sarah De Wulf joined from Stibbe in August 2022, shoring up the junior end.

Responsables de la pratique:

Peter Van Dyck; Filip Van Elsen


Autres avocats clés:

Sarah De Wulf


Les références

‘Broad high-quality knowledge and experience, top collaboration regarding different legal aspects within the firm, strengths of each lawyer put to effective use, clear and transparent communication.’

‘Thorough expertise, practical and efficient, professional and ethical conduct towards all concerned parties, focus on results but with respect to the means used, top availability and engagement. I have worked intensely with Peter Van Dyck, but also have experience with other partners and associates. The aforementioned applies to all.’

‘Very skilled team, easy to work with.’

Bird & Bird

The Brussels outpost of Bird & Bird‘s international data protection group regularly collaborates on cross-border mandates. Practice head Benoit Van Asbroeck is noted for his broad-ranging expertise, which spans issues relating to e-commerce, digital marketing, cloud computing, the Internet of Things, AI, 3D printing, cookies, electronic signatures, intermediary liability and automated objects. Hein Hobbelen has extensive experience representing clients before the European Commission and other sector regulatory authorities. The firm also offers a bespoke privacy consultancy arm through Bird & Bird Privacy Solutions.

Responsables de la pratique:

Benoit Van Asbroeck; Hein Hobbelen


Principaux clients

European Commission


Principaux dossiers


  • Advising the European Commission on the EU-funded SMART-BEAR project.
  • Advising the European Commission on the European Blockchain Sandbox project.

CMS

Recently, CMS has distinguished itself as a go-to counsel for cybersecurity incidents, attracting a growing number of businesses which have fallen victim to ransomware, DDoS and man-in-the-middle attacks. Other areas of strength include AI, the Internet of Things, and cross-border data transfers. Tom De Cordier oversees the dedicated team of data protection specialists, and is valued for his ability to leverage the firm’s global reach to assist with projects spanning multiple jurisdictions. Thomas Dubuisson is the name to note at senior associate level.

Responsables de la pratique:

Tom De Cordier


Autres avocats clés:

Thomas Dubuisson


Principaux clients

Meta


McCain


Yondr


STIB/MIVB


Principaux dossiers


  • Representing Facebook before domestic courts in proceedings brought by the Belgian Data Protection Authority for alleged infringements of EU and national rules on privacy protection regarding the use of cookies and pixels.
  • Advising McCain on the implementation of the GDPR requirements across the whole spectrum of its European operations.
  • Assisting Yondr, a young global company which helps businesses fund, design, deliver and operate their data center capacity and technical real estate, with the implementation of GDPR across all its operations globally.

Fieldfisher

With equal expertise in data protection and cybersecurity issues, Fieldfisher is noted for its ‘practical approach‘, arranging work across four broad privacy pillars – operational compliance, commercial and project-related advice, crisis management, and dispute resolution. Tim Van Canneyt and Olivier Proust jointly head up the technology and data department; the former is lauded as an ‘exceptionally bright and pragmatic lawyer‘, while the latter is noted for his expertise in advising companies of all sizes on their global privacy compliance programmes. In terms of sector specialisms, the team focuses particularly on the technology, finance, life sciences and energy industries.

Responsables de la pratique:

Olivier Proust; Tim Van Canneyt


Autres avocats clés:

Nathalie Poupaert


Les références

‘The practical approach to legal matters makes this firm very valuable.’

‘Tim Van Canneyt has extended expertise in many areas of privacy, including related topics. He is able to explain complex matters in pragmatic terms, always taking into consideration the needs of the client.’

‘Due to Olivier Proust’s professional, sound legal knowledge and pragmatic approach, we kept working together even when I changed companies.’

Principaux clients

Brussels Bar Association


Engie


Mediafin


Belgian Federation for Business Information (BFBI)


Telenet


Tricount


Bics


Billtrust


Euroclear


Teva


Principaux dossiers


  • Acting for Mediafin, editor of the financial newspapers De Tijd and L’Echo, in an enforcement case before the Litigation Chamber of the Belgian Data Protection Authority.
  • Appointed by Resmed as its external Data Protection Officer.
  • Providing data protection advice to Tricount, a group expense management app, in the context of its acquisition by Dutch fintech and neobank bunq.

Linklaters

Multinational companies turn to Linklaters for assistance with the full gamut of data governance projects; particular strengths include international data transfers, management of cybersecurity crises, implementation of cloud-based solutions, and compliance reviews. Tanguy Van Overstraeten heads up the firm’s global data protection practice, as well as overseeing the TMT offering locally. Guillaume Couneson is lauded by one client as ‘the absolute reference point for privacy and data in the Belgian market‘. The partners are supported by a strong bench of specialised practitioners, including managing associate Valérie Heremans and counsel Claudia Allatta.

Responsables de la pratique:

Tanguy Van Overstraeten


Autres avocats clés:

Guillaume Couneson; Valérie Heremans; Claudia Allatta; Garance Dekeyser


Les références

‘Guillaume Couneson really stands out in this area. Strong knowledge, very hard working and charismatic. He is extremely knowledgeable, very much available and reactive. He is the absolute reference point for privacy and data in the Belgian market.’

‘Holistic approach, very good knowledge of the clients’ business and needs. Fine negotiators in contract negotiations.’

‘Guillaume Couneson deserves recognition as being extremely technically competent in the underlying matters, in addition to of course being very knowledgeable in the legal landscape. He takes time and is great at understanding the business and can apply and explain the legal implications based on what is relevant to your business.’

Principaux clients

Nike


L’Oréal Group


Nu Skin International Inc.


DIGITALEUROPE


TIP Trailer Services


Kaneka Corporation


Principaux dossiers


  • Advising L’Oréal on a number of data protection matters.
  • Advising a Japanese multinational company on the framework of a data subject access request.

Timelex

The ‘outstanding legal team‘ at boutique Timelex is able to ‘navigate the complexities with ease‘. GDPR compliance projects and high-level privacy and data litigation are the core pillars of the practice, and the group is also regularly called on to assist European, national and regional governmental bodies with legislation preparation. Clients value the depth of the senior bench, which includes Jos Dumortier, Frederic Debusseré, Edwin Jacobs and Hans Graux. The firm also fields a strong roster of more junior experts; Ruben Roex is one such name.

Responsables de la pratique:

Jos Dumortier; Hans Graux; Geert Somers; Edwin Jacobs; Frederic Debusseré; Ruben Roex


Les références

‘Exceptional in-depth expertise in the area of privacy and data protection.’

‘Jos Dumortier is an internationally renowned expert in IT and data protection law. His colleagues Geert Somers, Hans Graux and Edwin Jacobs are also very experienced and have in-depth knowledge of privacy and data protection matters, as well as in the area of IT, which is a very valuable advantage.’

‘The team excels in several key areas. Their communication and collaboration are seamless, ensuring clients are well-informed. Their expertise in IT, IP, privacy, and data protection is impressive, offering robust legal support. They handle procedures and disputes with finesse. Overall, Timelex is a reliable choice for comprehensive legal services in the realms of IT, IP, privacy, and dispute resolution.’

Principaux clients

European Commission


Belgian Government


Komatsu


TVH Parts Holding


Luminus


Galapagos


AgomAb Therapeutics


Ansell


DEKRA


Immoweb


Immobel


The Riverside Company


Circet


Hydrogen Europe


International Association of Internet Hotlines (INHOPE)


Irish Council for Civil Liberties


Principaux dossiers


  • Assisting Komatsu with its global GDPR compliance.
  • Representing Luminus in legal proceedings before the Belgian Data Protection Authority.
  • Advising Ansell on international data transfers and privacy by design for new technology for smart gloves.

Wilson Sonsini Goodrich & Rosati

Household names from the full gamut of industry sectors instruct the privacy and cybersecurity team at Wilson Sonsini Goodrich & Rosati to advise on all issues related to the use of data globally. GDPR compliance, strategic counselling, breach management, data transfer strategies, and representation before authorities are all strengths. Key contact Cédric Burton is ‘adept at leading his team in providing strategic advice‘. In June 2023, Yann Padova joined the Brussels office from Baker McKenzie in France; he now splits his time between the two jurisdictions, and is particularly focused on representing clients before the French authorities.

Responsables de la pratique:

Cédric Burton


Autres avocats clés:

Yann Padova; Laura De Boel; Nikolaos Theodorakis


Les références

‘Wilson Sonsini are quick to understand a business’ needs and objectives. They give strategic advice in a style that can be easily conveyed directly to the business.’

‘All team members are super responsive and give succinct, to-the-point legal advice.’

‘Cédric Burton is adept at leading his team in providing strategic advice.’

Principaux clients

First Orion Corp.


Legend Biotech USA, Inc.


Mastercard International and Mastercard Europe


Shopify


Signifyd


Trüata


TuneIn


Wattpad Corp.


Principaux dossiers


  • Instructed as lead global data protection counsel for Mastercard, which includes advising on the General Data Protection Regulation and its implementation throughout the EU.
  • Advising Wattpad on its GDPR compliance program, including assisting with data transfer issues, replying to individuals’ requests to exercise their rights, and advising on incident responses, accountability obligations, and data processing agreements.

ALTIUS

In addition to its long-standing reputation for GDPR compliance work, ALTIUS is increasingly gaining prominence in the more niche areas of personal camera data processing, direct marketing, cookies and traffic data retention, national identifiers, and health and research data. Key senior contact Gerrit Vandendriessche also regularly conducts data protection-related cases before the Belgian Data Protection Authority, as well as the civil and administrative courts. Counsel Jan Clinck is likewise recommended.

Responsables de la pratique:

Gerrit Vandendriessche


Autres avocats clés:

Jan Clinck


Les références

‘Client-centric, pragmatic and business-oriented. Thorough understanding of the market practices.’

‘The Altius team has great expertise and keeps clients informed of important evolutions in their field.’

‘They are easy to reach, have a good sense of humour (which is always a plus), but most importantly, they have excellent knowledge and assist me and my company in a very good way.’

Principaux clients

Google


Mediahuis


Intrum


AT&T


Beiersdorf


Niko


Puratos


VRT


MSD


Principaux dossiers


  • Represented Google Belgium in a Market Court appeal against a decision by the Belgian Data Protection Authority in a right to be forgotten case.
  • Representing several clients in proceedings initiated by the Belgian Data Protection Authority against 10 media companies in Belgium regarding the use of cookies on their websites.
  • Advising a provider of electronic communications on the Belgian rules relating to data retention, lawful interception and encryption.

Baker McKenzie CVBA/SCRL

The IPTech group at Baker McKenzie CVBA/SCRL brings a ‘solution-based approach‘ to regulatory work, advising multinational companies on all aspects of data governance and cybersecurity, as well as handling privacy enforcement work and litigation on a local, regional and global level. The firm is also becoming increasingly well versed in emerging issues, including those relating to data centres, machine learning and AI. Elisabeth Dehareng oversees much of the key work, and is noted for her skill in assisting multinational companies dealing with cyber incidents.

Responsables de la pratique:

Elisabeth Dehareng


Autres avocats clés:

Koen de Winter; Caroline Serbanescu; Quentin Fontaine


Les références

‘Strong team led by Elisabeth Dehareng.’

‘Critical thinking and solution-based approach.’

‘Elisabeth Dehareng has very precise and insightful knowledge of everything data protection related. The advice she provides is always to the point.’

Cooley LLP

Cooley LLP‘s dedicated European data protection practice has been rapidly built up by Patrick Van Eecke, who is seen by one client as ‘the expert to turn to‘, and now fields a deep bench of ‘the most skilled practitioners‘. The team handles the full gamut of advisory work, including assisting with compliance programmes, as well as representing key industry players in high-stakes investigations and contentious mandates. In terms of more niche specialisms, the group is developing a stellar reputation for advising on issues relating to digital signatures, blockchain and e-commerce.

Responsables de la pratique:

Patrick Van Eecke


Autres avocats clés:

Enrique Gallego Capdevila


Les références

‘The data protection team at Cooley, particularly in Belgium, has some of the most skilled practitioners I’ve worked with in this field. I find their advice to be practical and innovative as needed. They are incredibly responsive and willing to understand and balance business needs with legal risk.’

‘Patrick Van Eecke and Enrique Gallego Capdevila are some of my favorite outside counsel with whom we work. They are easy to approach, creative, and deeply knowledgeable about their fields.’

‘Cooley has particular experience in the tech sector. This is helpful if your issues are specifically related to the interaction between data protection/privacy and technical questions, which is why we rely on their advice. They speak the relevant business language, understand it and give concrete and usable insights to use without losing much time on writing overly formal advice.’

Principaux clients

AllTrails


Apple


Booking


Checkout


Coinbase


DocuSign


Form Athletica


eBay


EurID


Google


Grindr


Huntsman


KBC Group NV


Meta (Facebook)


Nasdaq Inc


Netflix


NTT


Snapchat (Snap)


Sodastream


Telesign


UiPath


Zoom


Principaux dossiers


  • Advising Google on different data protection and AI-related matters and representing the company before the Belgian Data Protection Authority in a case related to the exercise of the right to be forgotten.
  • Advising Grindr on a wide range of data protection, cybersecurity and e-commerce matters and representing the app before several EU Data Protection Authorities.
  • Advising Telesign on data protection and regulatory matters related to the provision of its digital identity and anti-fraud services.

Covington & Burling LLP

With a client base spanning the full gamut of industry sectors, Covington & Burling LLP‘s specialised data privacy and cybersecurity group is seen by major multinationals as a go-to for handling government investigations and enforcement actions, advising on regulatory and compliance issues, and assisting with global data breaches. The team is also well versed in the range of novel data-related legislation, including the AI Act, Data Act, and Digital Markets Act. Daniel Cooper, who originally founded the European data privacy practice, continues to oversee the work.

Responsables de la pratique:

Daniel Cooper


Autres avocats clés:

Kristof Van Quathem; Sam Choi


Principaux clients

American Express


American Airlines, Inc.


Aristocrat Technologies and Aristocrat Leisure


AstraZeneca


Abbvie


Bristol-Myers Squibb


Cloudfare


Compass


Danaher Corporation


Dun & Bradstreet


Eli Lilly


European Federation of Pharmaceutical Industries and Associations


General Mills


Merck


Microsoft


Oxford Biomedica


PegaSystems


Regeneron


Square


Takeda Pharmaceuticals U.S.A. Inc.


The World Anti-Doping Agency (WADA)


Principaux dossiers


  • Advising EFPIA on the application of data protection law to the collection, use and sharing of health and genetic data for scientific research purposes.
  • Representing The Dun & Bradstreet Corporation, an American provider of commercial data, analytics, and insights for businesses, and its Austrian affiliate Bisnode, in a case before the CJEU.
  • Representing IAB Europe in its litigation against the Supervisory Authorities.

DLA Piper

DLA Piper fields a ‘very talented‘ core team focused on data protection and cybersecurity work, nestled within the firm’s wider IPT practice; Heidi Waem, who is singled out by one client as an ‘expert in the field‘, leads the dedicated group and was promoted to partner in May 2023. The department is well known for representing major industry players in dealings with the Belgian Data Protection Authority at all stages, and is also noted for its digital strategy work. Kristof De Vulder leverages his expertise in the technology sphere to provide support.

Responsables de la pratique:

Heidi Waem; Kristof De Vulder


Autres avocats clés:

Simon Verschaeve


Les références

‘The DLA Piper team is very talented, focusing on delivering pragmatic and efficient advice.’

‘Heidi Waem and Simon Verschaeve are pragmatic and solution oriented.’

‘The lawyers are responsive, have a good understanding of our business, and are highly capable of summarising complex technical issues. The practice stands out for its litigation capabilities, the excellent quality of its advisory work and the knowledge maintained by the team on upcoming EU legislation.’

Principaux clients

bpost NV


SD Worx People Solutions


Levi Strauss & Co


NMBS/SNCB (Belgian railways)


Randstad


Royal Antwerp Football Club


Kinepolis


SkeyDrone


Luminus


Cegeka


Duracell


Q8


Vaillant


Myria


Nexuzhealth


Principaux dossiers


  • Advising bpost on various issues, including upcoming EU data legislation, as well as acting in proceedings before the Belgian Data Protection Authority.
  • Represented NMBS in appeal proceedings before the Brussels Market Court against the decision of the Belgian Data Protection Authority relating to its Hello Belgium Railpass.
  • Assisted a public entity with strategic advice and a detailed transfer impact assessment in relation to the cloud migration of a large amount of sensitive health data.

Faros

Since its inception in September 2022, data protection boutique Faros has grown to ‘distinguish itself through its highly pragmatic approach, displaying a deep understanding of operational and business challenges‘. On the advisory side, the team regularly assists with issues concerning access to data, direct marketing set-ups, breach notification requirements, and international data transfers. The firm is also regularly instructed to appear in proceedings before the Belgian Data Protection Authority. Anouk Focquet, one of the original founding partners, is singled out for her ‘great job leading the team‘.

Responsables de la pratique:

Anouk Focquet


Les références

‘Highly motivated and competent team, thinking along with clients and not afraid to go the extra mile. Pragmatic, no-nonsense and solution oriented.’

‘Anouk Focquet does a great job of leading the team. Not purely theoretical, but also thinking outside the box.’

‘Faros is a very dedicated and agile partner to us, and I highly appreciate their commitment to deadlines and attention to detail. They are keen to understand the business models we are using in order to tailor their advice, and they are not afraid to share “uncomfortable advice” or to challenge our position, but in a very diplomatic but clear way.’

Principaux clients

Orde Van Vlaamse Balies (OVB)


Jones Day

Star lawyerJörg Hladjk helms the dedicated cybersecurity, privacy and data protection practice at Jones Day, frequently cooperating on key mandates with experienced practitioner Laurent De Muyter. In addition to GDPR compliance work, the team predominantly focuses on four key areas – advising on cyber and ransomware attacks, developing binding corporate rules for global data transfers, handling the data aspects of transactions, and assisting critical infrastructure companies. Clients are regularly able to benefit from the firm’s global network.

Responsables de la pratique:

Jörg Hladjk


Autres avocats clés:

Laurent De Muyter


Les références

‘They have high quality individuals who truly understand EU privacy and data protection laws. They are well rounded and have been advising on data privacy/protection since before the EU Data Directive. They provide great advice in the data breach context and regularly work with regulators on data breach, data transfer, and other issues. They operate efficiently.’

‘Jörg Hladjk is a star lawyer. He is a great communicator and provides practical advice that is readily implemented.’

‘Jörg Hladjk can take a chaotic situation and bring order and common sense.’

Principaux clients

Experian Information Systems


Verint Systems


Imperva


Affinius Capital


Orange


Trustwave


Visible Alpha


Sonoco


Principaux dossiers


  • Advising Orange on a data protection and cybersecurity assessment of MásMóvil’s data processing activities in Spain and across the EU, in the context of its agreement with MásMóvil to combine their businesses in Spain.
  • Advising Affinius Capital on GDPR compliance in the context of US securities laws, including policies and procedures and related issues, such as data transfer mechanisms.
  • Advising Verint Systems on data transfers, including the new standard contractual clauses for international data transfers.

Osborne Clarke

Working as part of Osborne Clarke‘s international network, the Brussels-based IP, IT and data group advises on the full gamut of interactions with the Belgian Data Protection Authority, including handling investigations, as well as drafting data protection and whistleblowing policies and carrying out audits. Recently, the firm has been particularly active in the data exchange and transfer space, and has assisted several major EU and US clients with complex international data transfer projects. Practice head Benjamin Docquir is noted for his ‘creative solutions‘.

Responsables de la pratique:

Benjamin Docquir


Autres avocats clés:

Laurens Dauwe


Les références

‘One of their main advantages is that they operate in many European countries, which ensures cost efficiency and privacy consistency within our different affiliates.’

‘Benjamin Docquir is business-oriented and he is active in the area of data protection having built a good network of clients and peers in the industry.’

‘Skilled and available. Aware of new regulations.’

Principaux clients

Orderello


Molière


Black Tiger Belgium


Crowell & Moring

Crowell & Moring‘s privacy and cybersecurity group advises on issues concerning the collection, use, transfer, and protection of data both within the EU and globally, counting ‘some of the major players on the Belgian market‘ among its client list. Edward Taelman heads up the practice after the departure of Maarten Stassen in October 2024. Another key name in the team is Frederik Van Remoortel.

Responsables de la pratique:

Edward Taelman


Autres avocats clés:

Frederik Van Remoortel; Sari Depreeuw


Les références

‘The team provides advice to some of the major players in the Belgian market.’

‘What makes Crowell unique, is their didactical approach to the subject matters.’

Principaux clients

Belgian Mercedes Benz Dealer Club


FEAC (Association of European Dealers of Mercedes Benz)


Belgian Esports Federation


Data Protection Institute


Delta Light


DPG Media


Federal Public Service Finance


Ingersoll Rand (formerly Gardner Denver)


Kia Belgium


Telenet / Liberty Global


Trane Technologies (formerly Ingersoll Rand International)


Vias Institute


Direct Social Communications (DSC)


Principaux dossiers


  • Assisting the Data Protection Institute with day-to-day data protection challenges and operational issues.
  • Advising TheGreenShot, a crew engagement platform designed specifically for sustainable audio-visual production teams, on data protection compliance for products and services.
  • Assisting Vias Institute, a Belgian independent and multidisciplinary knowledge centre focusing on safety and security, with the development of a privacy program and negotiation of data protection-specific agreements with partners and providers.

Deloitte Legal

For Deloitte Legal, data protection and privacy work forms a core component of the IP and IT team’s regular workload. The group assists with practical questions regarding the applicability of data protection legislation, as well as advising on data ownership, localisation, retention, and transferability issues. Jurgen Egger and Matthias Vierstraete oversee and co-ordinate the wider practice, regularly leading on key regulatory mandates.

Responsables de la pratique:

Matthias Vierstraete; Jurgen Egger


Principaux clients

Borealis


Intix NV


Beeple NV


Nipro Digital Technologies Europe NV


Federale Overheidsdienst Economie, K.M.O., Middenstand en Energie (Federal Public Service Economy)


Stad Gent


Elia NV


Carvago Belgium NV


Principaux dossiers


  • Assisting the Federal Public Service Economy with all data protection and privacy-related aspects with regard to the development of a central platform for consumer protection.
  • Advised Elia on its digitisation processes and all legal aspects which need to be taken into consideration when moving to a cloud environment, including international data transfer issues.
  • Advising Nipro Digital Technologies Europe on an international software reseller structure and the related contractual framework.

Eubelius

The ‘very versatile‘ digital and data protection practice at Eubelius is built around five key areas – innovative data projects; litigation and incident response; non-contentious issues, including data transfers and GDPR compliance; contract drafting; and audits. Anneleen Van de Meulebroucke, who founded the group, made partner in January 2023, and continues to lead on both advisory and contentious mandates. Pieter Callens, who oversees the IP and IT offering, lends support.

Responsables de la pratique:

Anneleen Van de Meulebroucke; Pieter Callens


Les références

‘Great all-round practice with strong competencies in-house.’

‘Very competent people, all super-high profile. Peronalised contact and very close relationship on all matters. Think “with the client” to find practical solutions rather than bringing up legal obstacles.’

‘The data protection team at Eubelius is very versatile. They have supported us in legal analyses on a broad range of topics related to data protection and combined with other legal domains such as ICT law, contract law, public law.’

Principaux clients

Agency Digital Flanders (Agentschap Digitaal Vlaanderen)


Pioneer


Agency Care & Health (Agentschap Zorg en Gezondheid)


Flemish Data Utility Company/Athumi (Vlaams Datanutsbedrijf)


Bancontact Payconiq


Pandox


Viapass


Principaux dossiers


  • Assisting the Belgian branch of the Pandox Group with a complex GDPR compliance project which concerns 7 hotels in Brussels and Antwerp.
  • Advising Athumi on the set-up of a data vault project.
  • Assisting the Digital Flanders Agency with the establishment of the Real Estate Information Platform, enabling an easy and digital exchange of real estate information between applicants and central or local data sources.

Hunton Andrews Kurth LLP

Noted for its ‘proactive stance in adapting to regulatory shifts‘, Hunton Andrews Kurth LLP‘s privacy and cybersecurity team is ‘able to work through multiple layers and numerous laws to help with planning and strategic solutions‘. As well as advising on GDPR compliance issues and globalisation projects, the group regularly responds to data breaches. David Dumont heads up the practice, ably assisted by counsel Anna Pateraki and associate Laura Léonard.

Responsables de la pratique:

David Dumont


Autres avocats clés:

Anna Pateraki; Laura Léonard


Les références

‘This practice distinguishes itself through a comprehensive understanding of EU laws, including GDPR and evolving regulations. The team’s strengths lie in its multidisciplinary approach, blending legal expertise with technical proficiency and ensuring robust compliance strategies.’

‘Noteworthy is their proactive stance in adapting to regulatory shifts and leveraging cutting-edge technology for efficient data management and protection.’

‘The practitioners are distinguished by their deep expertise in privacy and data protection, bolstered by a keen understanding of emerging technologies.’

Principaux clients

The Procter & Gamble Company


Herbalife International of America, Inc.


Tiffany & Co., Inc.


Church & Dwight


doTERRA International LLC


iHerb, Inc.


Principaux dossiers


  • Assisting a multinational consumer goods corporation with a variety of privacy and data protection matters.
  • Advising a multi-level marketing company on a range of privacy and cybersecurity issues.
  • Assisting a major technology company with several compliance initiatives, including building a global privacy programme framework to manage and protect all personal information maintained across the organisation.

Keller and Heckman LLP

Since the highly regarded ‘reference point in the sectorPeter Craddock joined Keller and Heckman LLP to grow the privacy, data security and digital media offering, the firm has steadily gained recognition for its regulatory expertise in these spaces. Data protection, AI and machine learning governance have become particular areas of strength. The team has also lately worked on projects regarding user identification across multiple devices.

Responsables de la pratique:

Peter Craddock


Les références

‘Peter Craddock is a reference point in the sector, has a profound understanding of the legislation and is able to advise, taking into account strategic undertakings. He is pleasant to work with, and is always available.’

‘Peter Craddock is supporting us efficiently by providing sound advice on a wide range of topics, both on litigation matters and compliance efforts. His pedagogy and ability to simplify has been crucial to boost communications with different types of stakeholders.’

Principaux clients

IAB Europe


Proximus


Intangiable


Prosus


RTBF


Danone


Greenomy


Bureau Veritas


Principaux dossiers


  • Advising IAB Europe, the organisation managing the Transparency & Consent Framework, on discussions regarding the development of TCF 2.2 and on the development of changes and an action plan to meet compliance requirements of the Belgian Data Protection Authority.
  • Advising Proximus on various compliance matters and handling several regulatory investigations.
  • Assisting Danone with a revamp of its approach, including rolling out EMEA compliance training and advising on a large-scale project on data governance.

Liedekerke

Operating best at the intersection between IP, IT and dispute resolution work, Liedekerke‘s ‘excellent‘ team typically assists with GDPR compliance audits and implementation projects, as well as advising on the use of data by public authorities. Commercial expert Etienne Kairis oversees much of the work. Other key contacts include IP specialist Sarah van den Brande and associate Myrtle Gevers.

Responsables de la pratique:

Etienne Kairis


Autres avocats clés:

Sarah van den Brande; Myrtle Gevers; Dorien Taeymans


Les références

‘The team is excellent. The service provided is highly qualified and managed to deliver very satisfactory work results. More goal-oriented work than others.’

‘Etienne Kairis is a very pleasant practitioner who, in addition to his legal knowledge, also keeps an eye on the business challenges of his clients. He is extremely well connected throughout the region. We would also like to make a special mention of his team, who have also supported us for some time with exemplary commitment and very good work results.’

‘Myrtle Gevers is recommended for her pragmatism and knowledge of the field.’

Principaux clients

Greenyard


Data Protection Authority


Volkswagen


Family Partners


Verge Motorcycles


Celcuity Inc.


Principaux dossiers


  • Representing the Belgian Data Protection Authority before the Court of Justice in the framework of a preliminary ruling regarding the data protection law concept of a data controller.
  • Assisting Volkswagen with compliance issues regarding data protection regulations for a number of different functionalities which the client wishes to implement in its connected vehicles.
  • Advising Celcuity, a clinical stage biotechnology company, on a global clinical trial with sites within the European Union, which involves the large-scale processing of personal data.

Loyens & Loeff

At Loyens & Loeff, the ‘sharp‘ Belgian data protection and privacy group sits within the firm’s wider litigation and risk management practice, and typically works in close co-operation with the Dutch, Luxembourgish and Swiss offices. The workload spans the full gamut of relevant issues, ranging from privacy policy drafting to assistance with data transfers. The team also leverages the support of a well-regarded disputes department to handle contentious mandates. Stéphanie De Smedt is the key senior contact.

Responsables de la pratique:

Stéphanie De Smedt


Les références

‘Great team with great expertise.’

‘Stéphanie De Smedt is highly available and responsive with practical and intelligible advice in complex matters. She understands the legal needs of technology-driven companies.’

‘For every request received from our business, Stéphanie De Smedt makes her best effort to concretely understand the business need in the current case and our expectations from the firm in this respect. This helps to ensure that we, as a client, receive high-quality legal advice on privacy/data protection matters, adjusted to our expectations at that particular moment.’

Principaux clients

Joos Consulting


Legrand Nederland B.V.


Stanley and Stella SA


Meta Platforms Ireland Limited


Demant A/S


Principaux dossiers


  • Represented Meta Platforms Ireland in proceedings regarding restrictions imposed on – and content removed from – a Facebook page and ad account.
  • Advised a global manufacturer on setting up a complete GDPR compliance framework.
  • Assisted Demant with the acquisition of the audiology branch of Goed Hulpmiddelen.

Lydian

Fielding a team of ‘trusted advisers, problem solvers, and creative thinkers‘, Lydian‘s information governance and data protection group handles compliance work, international data transfers, marketing and e-commerce issues, record management, and cybersecurity matters. Practice head Bastiaan Bruyndonckx oversees a growing team, which is consistently gaining strength at the junior end; associate Françoise Billen, who joined from CMS in October 2022, was the latest example.

Responsables de la pratique:

Bastiaan Bruyndonckx


Autres avocats clés:

Olivia Santantonio; Françoise Billen


Les références

‘Knowledgeable and flexible.’

‘Whether you need advice or representation, Lydian can offer you the best solution for your situation. Lydian delivers high-quality advice that is based on thorough research, innovative thinking, and clear communication. They always respect the deadlines and expectations of their clients, and strive to exceed them.’

‘The people at Lydian are more than just lawyers. They are trusted advisers, problem solvers, and creative thinkers.’

Principaux clients

DKV


Ergo


Orange


Engie Electrabel


Vaillant


Ethias


Keyence


Essent Belgium


BNPP Fortis


SSI Schäfer Shop


Solidaris


Baloise


Febelco


Cardif


De Lijn


AXA Bank


DELA


Agentschap Inburgering & Integratie


Principaux dossiers


  • Advised Agentschap Integratie & Inburgering, the Flemish agency for integration, on the data protection compliance aspects of a transformative IT project involving the development of a new Salesforce cloud-based platform covering its main activities.
  • Assisted DELA, a Dutch insurer, with the setting up of a new whistleblowing platform and advised on accompanying procedures and policies for its Belgian operations in compliance with the Belgian Whistleblowing Act.
  • Assisted AXA Bank Belgium with a complete overview of relevant legislation and regulatory guidelines concerning data privacy and security which apply specifically to the financial sector.

Morrison Foerster

Morrison Foerster‘s Brussels office acts as a hub for the firm’s privacy and data security offering, with global practice co-chair Alex van der Wolk presiding over an expanding team of dedicated specialists, including ‘very promising‘ recently promoted of counsel Marijn Storm and ‘inquisitive‘ associate Marta Hovanesian. The department is particularly noted for its expertise in handling cybersecurity incidents, and is regularly instructed on pan-European data breaches; compliance advice is another stalwart of the group.

Responsables de la pratique:

Alex van der Wolk


Autres avocats clés:

Lokke Moerel; Alja Poler Dr Zwart; Marijn Storm; Marta Hovanesian; Yaron Moszynski


Les références

‘I really appreciate the expertise of Lokke Moerel and Marijn Storm on GDPR topics. They are always efficient and quick to respond.’

‘MoFo has a deep wealth of experience and is practical in its recommendations. More than other firms, the MoFo team simplifies and offers common sense solutions. MoFo has saved us tons of time and stress, and I am forever grateful. The team is truly service-oriented and business friendly.’

‘In addition to the attentive and knowledgeable service, each of the individuals with who we have worked with is friendly and pleasant. No question is dismissed and every response is thorough and well thought through.’

Pierstone

Pierstone is differentiated by its core focus on legal issues specifically concerning the digital economy. Aside from contract drafting and GDPR complaince advice, the team is increasingly called on to provide assistance with more general privacy policy issues. Technology specialist Patrice Vanderbeeken is singled out for his ‘flexibility, swiftness and diplomacy‘, while Alain Strowel brings valuable IT and IP experience to the group.

Responsables de la pratique:

Patrice Vanderbeeken; Alain Strowel


Autres avocats clés:

Jeanne Jacobs


Les références

‘The firm has great lawyers to work with. They work as a real team which is great.’

‘Patrice Vanderbeeken is able to quickly grasp issues and find a practical solution in our best interests. I have also been impressed by his knowledge of the law during negotiations we had on certain delicate privacy-related topics. His flexibility, swiftness and diplomacy are other qualities we very much appreciate.’

Principaux clients

Toyota EU Headquarters


Prime Alliance


Meters & More


Catalina Marketing


Datawords


EDSO for Smart Grids


Karhoo


Pierre & Vacances


Rotterdam The Hague Airport


Lelystad Airport


Eindhoven Airport


Brussels Regional Informatics Centre (BRIC)


Microsoft Inc


GitHub


Nike EU headquarters


Unioncamere Europa ASBL


GlaxoSmithKline Pharmaceuticals Ltd


Interparking


NATO (DIANA)


Franet


Digital Ethics


Rio Tinto


Principaux dossiers


  • Advising Microsoft on the new Data Governance Act and its potential application to the client’s products and services.
  • Advising the Brussels Regional Informatics Centre on the digitalisation of the public services of the Brussels Region, including assisting with GDPR compliance in relation to the development and management of a new platform.
  • Advising Catalina Marketing on various GDPR, e-privacy and other EU data-related legislation.

Van Bael & Bellis

The ‘extremely collaborative‘ data protection team at Van Bael & Bellis advises a roster of major multinationals on GDPR compliance programmes, ethical impact assessments, cybersecurity issues, e-privacy matters, cross-border data transfers, and data breaches. In terms of industry focus, the firm is noted particularly for its expertise in the life sciences space. Counsel Thibaut D’hulst is the key senior contact.

Responsables de la pratique:

Thibaut D’hulst


Autres avocats clés:

Dariusz Kloza


Les références

‘I have found VBB to be extremely collaborative and responsive. They also take the time to listen and understand my particular situation and give practical advice that can realistically be implemented.’

‘Thibaut D’hulst is excellent – very knowledge, responds quickly, gives practical advice.’

Principaux clients

Encoded Pharmaceuticals


Gedeon Richter


Health Standards Organization


Patient Centrics


Pharma.be


Super League Triathlon


Principaux dossiers


  • Advising Super League Triathlon, an organiser of innovative triathlon events and formats which also provides related apps and services, on a range of data protection matters.
  • Assisting Belgian industry association and national EFPIA member pharma.be and its members with the use of Real World Evidence in the context of drug development and approval.
  • Advising Encoded Therapeutics, a US-based pharmaceutical research company, on GDPR compliance issues.

AContrario.Law

According to clients, when boutique AContrario.Law is instructed, ‘the outcome will be right, and still achieved in a pragmatic way‘. Projects relating to GDPR compliance form the core of the practice. Founding partner Magali Feysstands out through the way she is able to rapidly understand complex situations and challenges‘. Data security lead Tim Wulgaert has extensive experience in developing, reviewing and improving strategies, governance and policies.

Responsables de la pratique:

Magali Feys; Tim Wulgaert


Les références

‘Magali Feys combines her legal skills with a feel for technology, which is exceptional.’

‘What struck me most was how close of a fit the team is, both on a professional and personal level. This allows them to quickly add to each other’s strengths. AContrario has a hardworking and highly flexible team.’

‘Magali Feys and Tim Wulgaert are both such striking individuals with profound knowledge that you can only be in awe of them. I’ve seldom seen people who manage to come up with quick and long-term solutions, compatible with the current situation of their client. They are very forward thinking – they actually dare to think differently, which is refreshing to say the least.’

Principaux clients

Agentschap Digitaal Vlaanderen


Agentschap Facilitair Bedrijf (Government Agency of Facility Operations)


Agentschap Zorg & Gezondheid (Government Agency Care and Health)


Algemeen Ziekenhuis Delta (AZ Delta)


Always Better


Anonos


BlueHealth Innovation Centre


Calltic


Cascador Health


Centrum voor Informatica (CEVI)


Citymesh


Club Brugge


Commission communautaire française (COCOF) (Government of the French Community Commission)


Communauté française (Government of the French Community)


Conversation Starter


Creative Therapy


Deltaworx


Departement Cultuur, Jeugd en Media of the Flemish Government


E17-Ziekenhuisnetwerk (including AZ Glorieux, AZ Groeninge, AZ Maria Middelares, AZ Sint-Elisabeth, AZ Sint-Vincentius Deinze, O.L.V. van Lourdes ziekenhuis Waregem, Sint-Jozefskliniek Izegem)


Enbro


EPIC Consortium


ExtraHorizon


FAQIR


Fixform


FOD Binnenlandse Zaken (Federal Public Service of Home Affairs)


FOD Volksgezondheid (Federal Public Service of Health, Food Chain Safety & Environment)


Gemeenschappelijke Gemeenschapscommissie (COCOM) (Government of the Common Community Commission)


Imec.istart


International Organization for Migration (IOM)


Interuniversity Micro-Electronics Centre (IMEC)


Korian


Larian Studios


Leadlife


Mindthriven


Ministerium der Deutschsprachigen Gemeinschaft Belgiens – Ostbelgien (Government of the German-speaking Community)


MyPitch


Payflip


Qompium (Fibricheck)


Risolto


Région Wallonne (one of the two federated Walloon entities)


Salvus Health


Sciensano


Securitas


Shavatar


Skindr


Solaria Consortium


Tinkerlist


Ministerie Vlaamse Gemeenschap (Ministry of the Flemish Community)


Watcherr (former Tequinity)


WeGroup


Principaux dossiers


  • Assisting FOD Volkgsgezondheid with drafting and solidifying the Belgian e-health digital architecture, including the BelRAI screener, in a future proof manner through a cooperation agreement with the Belgian federal and regional governments.
  • Assisting Cascador Health with the creation of a holistic data protection strategy and governance framework for the client and its Trusted Third Party to support its mission to technically, legally and operationally enable access to medical source data for legitimate secondary purposes.
  • Advising Securitas on a comprehensive Data Protection Impact Assessment for the internal roll-out of the Basking.io tool by the client.

Alston & Bird LLP

Alston & Bird LLP‘s privacy, cyber and data strategy team ‘does an exceptional job of providing practical advice‘; the group is well versed in assisting with security incident responses, cybersecurity preparedness, privacy and data protection compliance, and information governance, as well as advising on the related strategic and operational considerations. The ‘nimble and pragmaticWim Nauwelaerts heads up the practice.

Responsables de la pratique:

Wim Nauwelaerts


Autres avocats clés:

Paul Greaves


Les références

‘Strong data privacy expertise for complex matters.’

‘Wim Nauwelaerts is a top-notch privacy lawyer who can be entrusted with the most complex matters. He is responsive, knowledgeable and pragmatic.’

‘This practice has a wealth of knowledge and expertise and does an exceptional job of providing practical advice.’

Principaux clients

Alticor Inc. (Amway)


Chick-fil-A, Inc.


Cross-Border Data Forum (CBDF)


Fortive Corporation


Fresh Del Monte


Principaux dossiers


  • Assisting Alticor with a variety of privacy and data protection matters across the globe.
  • Assisting Fortive Corporation with a variety of privacy and data protection matters across the globe.
  • Advising Cross Border Data Forum, a 501(c)(4) which publishes about how law enforcement access to evidence should change due to cloud computing and the globalisation of criminal evidence.

Lexing

Sitting within the firm’s broader IP, IT and media department, which is headed up by Jean-François HenrotteLexing‘s data protection specialists are regularly instructed by global groups, SMEs, public authorities and start-ups. The group often provides clients with DPO outsourcing services, as well as advising on compliance issues and appearing before the Belgian Data Protection Authority.

Responsables de la pratique:

Jean-François Henrotte


Autres avocats clés:

Fanny Coton; Victoria Ruelle


Principaux clients

Avocats.be


Circuit de Spa-Francorchamps


NRB


Etnic


Noshaq


Larcier-Intersentia


Andaman7


DIM3


Dwelling


Let’s go City


Principaux dossiers


  • Successfully represented Avocats.be in several appeals before the Belgian Constitutional Court to overturn a data retention law.
  • Advising Noshaq on various technology-related matters, including assisting with GDPR compliance.
  • Instructed by Andaman7 as Data Protection Officer, as well as negotiating an agreement with a pharmaceutical company on behalf of the client.

Monard Law

Monard Law‘s ‘perfectly matched‘ privacy and data protection team is seen as a go-to for clients looking to navigate the growing regulatory framework governing the collection, storage, distribution and use of personal data. On the non-contentious side, the group carries out audits, drafts contracts and navigates risk. In the contentious space, the practice is well versed in representation before domestic courts and regulatory bodies. Commercial specialist Kristof Zadora is the key name to note.

Responsables de la pratique:

Kristof Zadora


Autres avocats clés:

Jill Leen; Jenna Auwerx


Les références

‘Appreciate the diversity of the team very much, the open collaboration, and the pragmatic approach to translate complex issues so they can be understood in a business context.’

‘The team of Monard works very well together and is very responsive.’

‘Kristof Zadora – senior contract for us with an excellent view on which lawyers need to be added to the team to help us with specific issues. Very pragmatic and always a lot of focus on how to resolve issues as efficiently as possible.’

Principaux clients

WEAREONE.WORLD (Tomorrowland)


Limburg.net


Primagaz


Hedin Automotive


Computacenter


Allimex


Chili Publish


Dewaele Vastgoed en Advies


Toerisme Limburg


Appoint


Equals Three


Principaux dossiers


  • Advising the Tomorrowland group on all privacy and data protection questions related to the launch of its digital events and innovative endeavors.
  • Assisting Limburg.net with a privacy and data protection implementation project.
  • Advising Primagaz on all matters related to privacy and data protection.

Simmons & Simmons

Best known for its work in the life sciences, TMT and financial services sectors, Simmons & Simmons leverages its contentious prowess to handle data protection-related mandates on behalf of clients from these industries. Olivier Mignolet and Alejandro Guerrero provide dispute resolution and TMT expertise respectively, while Jérémie Doornaert is the key GDPR specialist.

Responsables de la pratique:

Olivier Mignolet; Alejandro Guerrero


Autres avocats clés:

Jérémie Doornaert


Les références

‘The data protection team is small but has a very good reputation in the life sciences sector as it has a deep understanding of the issues that the sector must face.’

‘They combine legal expertise with a client-friendly and practical approach.’

‘Jérémie Doornaert is very pragmatic, has a good understanding of the business and is able to translate the GDPR principles into business-oriented solutions. In addition, he is very responsive and respectful of deadlines.’

Principaux clients

ArgenX


Ascensia Diabetes Care


Barclays


beMedTech


Celyad


Coloplast Belgium


DiaSorin SA


GlaxoSmithKline Biologicals


GlaxoSmithKline Pharmaceuticals


Hownet Aerospace


HSBC


Medista


Meta Platforms, Inc. (Facebook)


MiDiagnostics


Monument Re


Moody’s


Morgan Stanley


Oncidium Foundation


Ordre des Pharmaciens


Rhythm Pharmaceuticals Inc.


Sanofi Belgium


Servier Benelux SA


Stryker


Warner Bros


Principaux dossiers


  • Representing Meta in a dispute with the Belgian Data Protection Authority concerning the setting and use of cookies on the site’s own and third-party websites.
  • Representing Ordre des Pharmaciens in litigation before the Belgian Data Protection Authority and the Market Court.
  • Advising a global pharmaceutical company on the transfer of human samples from Belgium to the US, including all data protection and regulatory aspects.

Simont Braun

The data and privacy offering at Simont Braun comprises a group of dedicated practitioners drawn from the digital finance, IP and ICT departments; the resultant cross-practice team is therefore able to handle both broader and more niche regulatory issues. Data transfers, processing agreements and internal policies are some key areas of strength. Joan Carette and Emmanuel Cornu lead on much of the work.

Responsables de la pratique:

Joan Carette; Emmanuel Cornu


Autres avocats clés:

Esra Güler


Principaux clients

Groupe Meilleurtaux (Silver Lake)


Active Partners


NewB


Aion Bank


Belgian Mobile ID (itsme)


Taptap Send


Principaux dossiers


  • Representing Doctor Anytime, an internet platform gathering professional data from health professionals, in administrative proceedings before the Litigation Chamber of the Belgian Data Protection Authority with the aim of demonstrating that the client has a legitimate interest in the processing of the personal data of the professionals listed on its platform.
  • Filed a criminal complaint relating to the processing of his personal data on behalf of the President of the Green Group in the European Parliament.
  • Representing Cathobel, the press agency of the Catholic Church in Belgium, following a complaint against the client before the Belgian Data Protection Authority.

Squire Patton Boggs

In October 2022, Squire Patton Boggs‘ data privacy, cybersecurity and digital assets offering in Brussels was injected with talent following the acquisition of the team formerly based at Steptoe LLP; Charles Helleputte and Diletta De Cicco are some of the key senior arrivals. As well as advising on GDPR compliance issues, the group assists with breach preparedness and crisis management work.

Responsables de la pratique:

Charles Helleputte


Autres avocats clés:

Diletta De Cicco


Les références

‘Squire Patton Boggs offers a unique blend of cutting-edge legal knowledge, a diverse and skilled team, practical solutions, and unwavering dedication to client success. Potential clients can trust this law firm to navigate the intricate world of EU privacy and data protection regulations effectively.’

‘With Squire Patton Boggs, clients are not just gaining legal representation, they are gaining a trusted partner committed to safeguarding their interests in an ever-changing regulatory landscape.’

‘What sets the individuals at Squire Patton Boggs apart is their exceptional expertise, collaborative mindset, practical approach to problem-solving, client-centric focus, and proactive risk mitigation strategies. These qualities, exhibited by standout partners and associates, make Squire Patton Boggs a top choice for clients seeking unparalleled legal support in the complex and ever-evolving field of EU regulatory privacy and data protection.’

Principaux clients

Bitfinex


Discover


Aviagen


World Bicycle Relief


eBay


Vialto


Bank of China


SRAM


Caterpillar


Aplo


TfS


IU Group


Principaux dossiers


  • Advising a crypto platform on its deployment of a P2P lending app.
  • Advised a major marketplace on the framing of its AI governance.
  • Advised a multinational company on the practical consequences of the upcoming EU AI Act for its business, in particular whether any of its systems qualify as prohibited or high risk.

Stibbe

Stibbe‘s TMT team is well versed in the full gamut of data protection work, from compliance advice, to negotiation of data processing agreements, to representation in relevant proceedings. Recently, the group has also been increasingly instructed to handle issues stemming from cybersecurity incidents. Senior contact Erik Valgaeren is ‘particularly noted for his ability to advise on the risk based on his understanding of the approach of the Belgian regulators and courts‘.

Responsables de la pratique:

Erik Valgaeren


Autres avocats clés:

Carolien Michielsen


Les références

‘I have enjoyed working with Erik Valgaeren and his data protection team. I appreciated their swift responses to queries, and their ability to provide hands-on legal advice oriented to meet clients’ needs.’

‘The Stibbe team not only has excellent technical knowledge, they are able to apply it in a commercial manner to enable us to provide the type of advice that our clients need and expect from us.’

‘Erik Valgaeren has an in-depth knowledge of this area and is particularly noted for his ability to advise on the risk based on his understanding of the approach of the Belgian regulators and courts. This means that his advice is always grounded in commercial reality.’

Principaux dossiers


  • Represented a client during suspension proceedings before the Council of State instituted against the Royal Decree of 10 December 2019, which introduced the obligation to store the digital image of two fingerprints of citizens on electronic identity cards.
  • Advised a Chinese logistics company on the GDPR assessment of several of its business activities.
  • Advised a provider of on-demand cloud computing platforms on specific national statutes, case law and guidance on direct marketing in Belgium in order to update internal policies.