Data protection

Data Protection Lawyers for Businesses and Law Firms

The Faros Data Protection Team supports companies in the most diverse aspects of data protection law. This includes both companies that we assist regularly and those that - for example, in the context of an investigation or an acquisition - require more occasionally, specialised assistance. We also work closely with numerous law firms focusing on other areas of law. They call on our team when specialized data protection questions or procedures arise. We are very proud of the trust our colleagues place in us, and they can attest that our collaboration is always pleasant, efficient, and seamless.

In a Nutshell

Faros advises on all matters relating to the GDPR, as well as other data protection legislation, such as the ePrivacy Directive, the Data Act, the AI Act, the NIS2 Directive and various sector-specific data protection legislation (including in the healthcare and automotive sectors). As a trusted advisor, we guide our clients on all strategically important data protection questions. Audits and Impact Analyses ('DPIA’)

AI, Internet of Things (‘IOT’) and Other Innovative Technologies

Faros advises companies on the development and use of artificial intelligence, IOT products and other technologies, in line with regulations such as the AI Act and ePrivacy legislation. For example, we support companies in developing strategies to ensure the lawful implementation of AI solutions.

Audits and Impact Analyses ('DPIA’)

The experts of the Faros Data Protection Team have extensive know-how and experience in conducting audits and other compliance projects, such as data protection impact assessments (‘DPIA’). We guide companies in mapping their processing activities and implement data protection principles, such as privacy by design, data minimisation and transparency.

Data Breaches and Other Incidents

In the event of a data breach, the Faros Data Protection Team provides immediate support with notifications to authorities and data subjects. Our team is trained to efficiently analyse and document data breaches. In addition, we also assist in preparing an incident response plan.

Data Protection at Work

Compliance with data protection rules concerning employee data is essential, both for ensuring respect for employees and protecting the employer's reputation, as well as for the smooth operation of the company, for example in cases of absences or fraud investigations.

The Faros Data Protection Team is ready to support companies in all aspects of data protection in the workplace. This ranges from drafting internal policies, such as for IT use and monitoring, to implementing whistleblowing systems and complying with legal requirements in HR processes. Thanks to our extensive expertise, we provide workable solutions that balance the interests of both employers and employees.

International Data Transfers and Intra-group Data Sharing

Faros provides expert advice to companies on intra-group and international data transfers, including drafting Standard Contractual Clauses and other mechanisms to make data flows GDPR-compliant. We have extensive experience with complex issues, including conducting data transfer impact assessments.

Marketing and Customer Data

Our team offers clear and practical advice on direct marketing campaigns, cookies, loyalty programmes, push notifications and so on. With our extensive experience, we support companies in seamlessly integrating complex legal requirements into their marketing strategies.

M&A

The introduction of the GDPR has a significant impact on M&A transactions. The transfer of and access to personal data of employees, customers and suppliers (or their contacts) by the seller, potential acquirers and their advisors during transactions, particularly during the due diligence, must be in full compliance with GDPR requirements. In addition, there is a growing focus on how personal data is processed within the target and to what extent the target itself is GDPR-compliant.

The Faros team provides pragmatic support in ensuring GDPR compliance during due diligence and in assessing the target's level of compliance. Moreover, we advise on the continued use of (customer) data after the acquisition, always with a focus on workable and forward-looking solutions.

Requests for Access, Rectification, Data Erasure, etc.

Faros assists companies in efficiently following up on data subject requests such as access, rectification, data erasure and transfer. Our team helps establish internal processes can meet their GDPR obligations in a timely and correct manner, without losing sight of day-to-day business operations.