DATA PRIVACY · GDPR · CYBERSECURITY

Data Privacy · protecting your most valuable asset

Full‑service data protection advice, from GDPR compliance to breach response and international data transfers. Based in Brussels, at the heart of EU regulation.
Our data privacy team combines deep regulatory knowledge with practical, business‑focused solutions. We help clients navigate the complex landscape of EU data protection, cybersecurity, and AI regulation.

8,200+

GDPR compliance projects

7,500+

DPAs negotiated

235+

cross‑border transfers

350+

breach responses

GDPR Compliance

Comprehensive compliance programmes, data mapping, gap analysis, and policies. Tailored to your organisation's risk profile.

  • Records of processing
  • Privacy policies
  • DPIAs

Data Protection Agreements

Drafting and negotiating DPAs, data sharing agreements, and intra‑group transfer arrangements.

  • Controller‑processor agreements
  • SCCs & BCRs
  • Data sharing agreements

International Data Transfers

Advice on cross‑border transfers, adequacy decisions, SCCs, and supplementary measures post‑Schrems II.

  • EU‑US Data Privacy Framework
  • Binding Corporate Rules
  • Transfer Impact Assessments

Data Breach Response

24/7 breach response, notification strategies, and liaison with data protection authorities.

  • Breach assessment
  • Authority notifications
  • Communication strategies

Cybersecurity & NIS2

Advice on cybersecurity frameworks, incident response, and compliance with the NIS2 Directive.

  • NIS2 compliance
  • Security measures
  • Incident reporting

AI & Data

Intersection of AI and data protection: AI Act compliance, data governance for AI systems, and ethical AI frameworks.

  • AI Act & GDPR
  • Training data compliance
  • Algorithmic transparency

Key regulatory frameworks

GDPR EU General Data Protection Regulation
NIS2 Directive Cybersecurity & incident reporting
EU AI Act Risk‑based AI regulation
ePrivacy / eIDAS Cookies, e‑marketing, digital identity

Data privacy team

Sophie Dubois – Partner, head of data privacy
Karim Alami – Cybersecurity & NIS2
Elena Ceulemans – AI governance, data ethics
Matthias Vandenbroeck – Breach response, litigation
+ 5 dedicated privacy professionals (CIPP/E certified)

"Pauwels Law Group guided us through a complex cross‑border data transfer project involving 315 jurisdictions. Their practical advice and deep understanding of the SCCs were invaluable."

— Group Data Protection Officer, multinational logistics group

Global privacy network

We coordinate with leading privacy firms worldwide, providing seamless advice for multinational organisations on binding corporate rules, cross‑border transfers, and global compliance programmes.

EU representation UK GDPR US privacy (CCPA) APAC / Japan

Recent data privacy insights

EDPB guidelines on pseudonymisation: key takeaways
NIS2 implementation in Belgium: what you need to know
EU‑US Data Privacy Framework: practical guide
AI Act and data protection: intersections and overlaps
2026 Pauwels Law Group – Brussels Bar. Data privacy practice. Privacy & cookie policy | Legal notice