Privacy law

This is how we can help you

Our Team

Since its establishment in 1995, our firm has an established name in the field of IT and privacy law. We keep track of all relevant developments and will be happy to provide you with a concrete and appropriate advice.

Apart from the GDPR, other rules and frameworks are also important, such as national implementation laws (in the Netherlands: UAVG), the Dutch Telecommunications Act and laws and several legislation and guidelines in the field of healthcare, IT law, intellectual property law or employment law. Ploum has a relatively large privacy team that deals with privacy law on a daily basis, whereby each lawyer has his or her own (additional) specialisation. For example, we have specific knowledge of privacy in the healthcare sector and in the workplace. We all have a passion for the IT and privacy practice and combine this with our specific expertise. Where necessary, we also consult with our colleagues from the corporate law section and/or the bankruptcy law section. Because we have all this expertise in-house, we can switch quickly and provide you with sound - and pragmatic - advice. 

Most of our more senior attorneys have completed a Grotius specialisation course and we are members of various relevant specialisation associations. These include: VIRA (Association for Information Technology Lawyers), NVvIR (the Dutch Association for Information Technology and Law), VPR (Privacy Law Association), IAPP (International Association of Privacy Professionals) and LES Benelux (Licensing Executives Society Benelux). Ploum is co-author of Global Privacy Book.

‘There's a lot of expertise in different fields. Complex matters are generally answered quickly and professionally and availability for consultation is exceptionally good.’ - Legal 500 EMEA 2025

‘The team is notable for its speed of thinking along and acting. It takes into account our interests and the latest developments in data privacy and data protection.’ - Legal 500 EMEA 2025

‘Dennis Zieren and his team are very dedicated and willing to help and support in all matters.’ - Legal 500 EMEA 2025

Our assistance

Our privacy team will be happy to assist you with the following:

• Drafting and reviewing agreements, other (required) documents and registers (compliance projects)
  data processing agreement, privacy statement, data breach protocol, data processing register, register of incidents, data retention policy, international data exchange (e.g. SCCs), (intercompany) data transfer agreement
• Advising on a wide range of privacy issues (including themes such as marketing, food, cybersecurity, energy, e-commerce and (health)care)
  cookies, marketing/advertising, opt-in, use of photos in advertisements, consumer data, online sales, employee tracking systems, WiFi tracking, hacks, cyber-attacks, security incidents, access control, staff alcohol and drug testing, camera surveillance, processing of health data, identity documents and citizen service numbers (in Dutch: BSN), e-health and scientific research
• Performing Data Protection Impact Assessments (DPIAs) and Transfer Impact Assessments (worldwide)
• Assessing obligations in the implementation of data subject rights (e.g. the right of access to or deletion of data) or setting up a related policy (SOP)
• Advising on personal data in case of bankruptcy or acquisition (M&A);
• Assisting in case of data breaches (e.g. notification obligations), disputes/proceedings (claims for damages or claims for access to or deletion of data) or investigations by authorities (such as the Dutch DPA).

We assist in proceedings in court as well as in arbitrations and investigations and/or sanctions imposed by authorities (e.g. the Dutch Data Protection Authority). We also have extensive experience in coordinating projects in various jurisdictions worldwide. This enables us, for example, to advise you on how to be 'compliant' with your web shop throughout Europe. We offer assistance in various other manners as well, such as by way of our Privacy Helpdesk, Privacy Tools and Privacy Knowledge Sessions (please see below).

Track Record

• Drafting (group) agreements for the (worldwide) exchange of personal data
• Assisting pharmaceutical companies in tightening up privacy policies and related documents (GDPR compliance), in conjunction with sector-specific legislation (e.g. drug distribution)
• Adjusting the privacy policy of a large organisation in the arts and culture sector
• Advising on direct marketing and the use of consumer data (opt-in vs opt-out)

Compliance projects

Do you want to be sure that your organisation complies with the basic principles of the GDPR? We have developed handy tools to examine this in a structured manner. Subsequently, we help to draft, negotiate and/or update all documents and contracts, perform DPIAs where necessary and, if desired, we also provide training to your employees for the implementation of policies. 

Privacy Tools and Privacy Helpdesk

With the Privacy Helpdesk, we provide short lines of advice, at a fixed/reduced rate, for (in particular) your Data Protection Officer (DPO) or (other) privacy officer. Our team will be pleased to provide you with fast and concrete advice that you can put into practice. With our Ploum Privacy Helpdesk, we do this immediately by telephone where possible. More information can be found here. For our clients, we also offer various Privacy Tools, such as a handy checklist that can be used when assessing data processing agreements and the Privacy Quick Scan.

Privacy Awareness Sessions

We give training sessions, workshops and/or lectures within companies and at conferences. In the field of privacy, we do this with respect to, among other things, privacy in the workplace (focused on your organisation or team, e.g. customer service, HR), privacy & marketing (incl. portrait rights) and privacy in healthcare (professional secrecy, e-health). We can help you to familiarize your employees (e.g. annually) with the GDPR obligations in practice.

Want to know more?

Please contact one of our specialists via the contact details below or privacy@ploum.nl.

‘Committed and expert lawyers. Lots of knowledge in-house. Pleasant people to work with, always an opportunity to spar. Think along with the organisation.’ – Legal 500 EMEA 2023

‘Extensive knowledge in specific areas of law. The lawyers listen carefully to what you want and are very involved. They are always easily accessible to answer questions.’ – Legal 500 EMEA 2023

‘The internal fast-tracking and the cooperation of teams within Ploum’s organisation significantly accelerated the project.’ – Legal 500 EMEA 2023