Data are digital transformation’s undisputed protagonists. Data are being collected and processed on an unprecedented scale and driving the emergence of innovative and disruptive products and services, new ways of developing know-how and adding value to undertakings' assets.

Investors and other stakeholders are turning their gaze to ESG issues and organizations are under growing pressure to implement data governance processes and procedures that can keep up with all the privacy regulations being churned out at blinding speed and tackle the increased financial, legal and reputation risks of compliance failures. If one is to manage such risks without adversely impacting the tremendous value of data, one must take a holistic and structured approach to these very important issues. Only if one defines and implements an effective data governance strategy that is in step with reality and the relevant organization’s sector will one be able to actually monetize data.

VdA has ample experience, know-how and proven track-record in dealing with privacy and data protection legal, regulatory and policy issues. We involve every relevant practice area required from time to time to provide multidisciplinary and all-encompassing legal services to different undertakings and other organizations and help them manage risk and maximize data value. 

Our team has a unique technical understanding of digital economy related legal and governance issues coupled with a vast and unparalleled knowledge of the different privacy challenges faced by and of the risks that most commonly affect each sector (finance and insurance, health care, electronic communications and media, energy, transportation, information technology, among others).


  • Advice in connection with the definition and implementation of data governance structures, including for corporate groups
  • Drafting of compliance programs and personal data protection policies
  • Assistance in risk assessments and privacy impact assessments
  • Definition of privacy by design and privacy by default methods in connection with the launch of new products or services
  • Advice in connection with the definition of business models when launching products or services
  • Drafting of data sharing agreements
  • Assistance in the definition of third-party engagement risk assessment processes
  • Assessment of technical/technological solutions in accordance with data protection rules
  • Advice in the implementation of international personal data transfer projects
  • Privacy due diligence in the context of M&A transactions
  • Assistance in data breaches and other legal violations related lawsuits
  • Implementation of training and on the job training programs
Please note, your browser is out of date.
For a good browsing experience we recommend using the latest version of Chrome, Firefox, Safari, Opera or Internet Explorer.