Digital & data protection

The digital & data protection team is renowned for its strong foundation in GDPR, which it expertly combines with unique insights into new data legislation such as the Artificial Intelligence Act, Data Act, Data Governance Act, Digital Services Act, eIDAS2, NIS2, etc.

The work of the digital & data protection team encompasses six main pillars:

• Data Projects: Supporting large-scale and innovative digitalisation and data-sharing projects, including advising on strategy, contracting, compliance, and drafting legislative texts involving new technologies. We also provide risk assessments and strategic support in drafting and negotiating complex IT contracts, focusing on cybersecurity legislation including NIS2.

• Artificial Intelligence: Providing guidance on various AI projects, offering strategic legal advice on the application of and classification under the Artificial Intelligence Act, conducting impact and risk assessments of AI tools, assisting with AI compliance and governance, and drafting contracts.

• Litigation and Incident Response: Representing clients in privacy and data protection litigation before ordinary courts and tribunals, the Belgian Data Protection Authority following complaints in data protection matters, and in cases of cyber incidents and data breaches. Our team also handles cases before the Constitutional Court and Conseil d’Etat regarding data protection safeguards in legislation. We assist clients in managing incident response and offer strategic advice in the event of data breaches, particularly ransomware attacks, including providing support with incident management and notifications to supervisory authorities and data subjects.

• Strategic Advice: Advising on complex data protection matters, including international data transfers, health data, the interplay between GDPR and other legislation in such areas as ePrivacy, direct marketing, camera legislation, eSignatures, eArchiving, and the use of social security numbers, often within highly regulated contexts and sectors.

• Audits and Internal Investigations: Conducting 360° risk assessments, audits, and internal investigations in digital transformation and data projects involving new technologies.

• Drafting: Offering compliance services for numerous Belgian and multinational companies across various sectors. This includes establishing policy frameworks such as privacy and cookie policies, retention policies, data breach notification policies, record of processing activities, data subject request policies, data processing agreements, data protection impact assessments, data transfer impact assessments, and more.