Privacy and Data Protection
The increasing use of personal data by companies, governments and institutions has led to a data protection legal framework that is in continuous development. Almost every organisation processes personal data, such as information on employees, business contacts, patients or customers. The Internet of Things ("IoT"), big data analytics and the increasing use of cloud services, as well as growing globalisation, inevitably poses challenges to processing personal data in a way that is secure and compliant with privacy and data protection laws. Contrary to popular belief, we believe that current data protection regimes offer sufficient opportunities to legitimately process personal data, enabling our clients to do business as usual.
Our clientsOur Privacy & Data Protection Team has gained specific expertise within a number of sectors, including e-commerce, automotive, FinTech, real estate, financial services and insurance, healthcare and retail.
RecommendedLegal 500, Data privacy and data protection (2021 Edition)
RecommendedLegal 500, Telecoms (2020 Edition)
“Key strengths are their business-minded focus and practicality.”Legal 500, Media and Entertainment (2020 Edition)
“Sources say the firm’s offering is ‘excellent’ and entails a ‘high-level service.’”Chambers Europe, TMT: Data Protection (2019 Edition)
“The lawyers have a thorough and deep understanding of the law combined with a hands-on and service-oriented approach.”Chambers Europe, TMT: Data Protection (2019 Edition)
RecommendedLegal 500, Media and Entertainment (2019 Edition)
"One client remarks on how well the IT and data team integrate with their business, describing the lawyers as 'open and accessible' and adding: 'They are like an extension of my colleagues'."Chambers Europe, TMT: Data Protection (2018 Edition)
"The team is very knowledgeable and responsive, and we rely heavily on their expertise for many projects. If one lawyer is unavailable, there are others who will step in so that projects continue seamlessly."Chambers Europe, TMT: Data Protection (2018 Edition)
RecommendedLegal 500, Telecoms (2018 Edition)
"Houthoff’s practice is particularly strong in corporate work and litigation."Legal 500, Media and Entertainment (2018 Edition)
"One client admires the way the lawyers 'very easily broke down the case, the options and possibilities.' The same client praises the 'very high quality' of the individuals within the team."Chambers Europe, TMT (2017 Edition)
"Another client is pleased with the way the team is 'able to get deeply involved in our business model' and is also impressed with 'the supporting team and how they deal with the associates'."Chambers Europe, TMT (2017 Edition)
Our expertise on privacyHouthoff's Privacy & Data Protection Team has extensive experience in the field of privacy and data protection, including the General Data Protection Regulation. We regularly litigate on privacy and data protection matters before supervisory authorities and courts, including the Dutch Supreme Court.
Our privacy and data protection specialists advise clients (governments, companies and other organisations) on a variety of topics, such as:
- online advertising and direct marketing;
- connected cars;
- data breach reporting;
- intermediary injunctions;
- privacy complaints (access, rectification, objection, data portability);
- big data analysis;
- clinical trials and healthcare research;
- whistleblowing schemes;
- HR and recruitment;
- employee monitoring;
- international/third party data transfers; and
- corporate investigations.
We help our clients to understand the applicable legal framework, and take the required measures in order to comply. This includes:
- negotiating contracts (data processing agreements, service agreements, data transfer agreements, joint controller arrangements);
- advising on day-to-day topics (data transfers, advertising campaigns, prize draws, direct marketing, data sharing, data retention, customer complaints);
- setting up a register of processing activities;
- drafting data protection policies and statements, including data breach protocols and retention policies;
- advising on the implementation of employee monitoring tools;
- advising on connected services, and the related graphic interfaces; and
- carrying out data protection impact assessments and privacy audits.
Our Privacy & Data Protection team also has experience in dealing with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, "AP"), including responding to inquiries and investigations, and oral hearings. If a client is subject to an investigation, we have the required experience to provide the necessary assistance.
We also work with our experts on areas such as IT, automotive, insurance, litigation, employment law and M&A. This multi-disciplinary approach enables Houthoff to deliver well-thought-out solutions, and our specialists to help clients succeed.
Represented Ola Cabs in data access request proceedings before the Amsterdam District Court. This was the first judgment by an EU court on data portability.
Represented RDW (Dutch Vehicle Licence Authority) before the Dutch DPA and administrative courts in defence of complaints raised by a group of data subjects.
Houthoff advised multiple companies on compliance with the General Data Protection Regulation (GDPR).
Houthoff advised a major car manufacturer on the processing of big data (including personal data, vehicle data and location data) from connected cars.
Houthoff advised multiple companies on the preparation and negotiation of data processing agreements and data transfer agreements.
Houthoff advised various companies on compliance issues with e-discovery requests made in the United States.
Houthoff advised multiple companies on cross-border personal data transfers, including the use of standard contractual clauses and Binding Corporate Rules.
Advised a major car manufacturer on a privacy impact assessment and privacy compliance.