Data protection law is growing still more complex and is constantly challenged by digital development. The area involves significant possibilities for development of new and optimisation of existing business areas through increased utilisation of personal data. However, if an organisation does not comply with the rules, it may have serious consequences in the form of large fines, loss of goodwill and market value, claims for damages as well as leaks and abuse of personal data.

The GDPR took effect on 25 May 2018. According to the GDPR, all public and private organisations are now subject to stricter statutory requirements in connection with the processing of personal data. The focus on lawful processing of personal data has increased. Organisations have introduced procedures and changed work processes in order to ensure ongoing compliance, including for instance in relation to data processors, documentation requirements and reduction of risk. Data controllers as well as data processors are subject to the strict statutory requirements, and merely collecting for instance a person's name, an email address or a telephone number will activate the rules.

We can help
Our advisory services focus on practical solutions. Our clients are Danish enterprises, international corporations with head offices or subsidiaries in Denmark, and public authorities. We have vast experience advising clients on the interaction between data protection law and special legislation, including financial, health and marketing legislation. We adapt our advisory services to the organisation's strategy and commercial reality – regardless whether it is a small enterprise, a C25 enterprise or a public authority. Over the past years we have assisted more than 300 organisations with data protection compliance, including the implementation of GDPR.

Our advisory services include:

  • Data protection strategy, including data protection compliance programmes
  • Mapping of personal data
  • Gap analyses
  • International data transmissions, including BCR
  • Security breach
  • Outsourcing
  • DPA Service
  • DPO Support
  • DPO Services
  • GDPR Support
  • Pactius
  • SmartDraft
  • Processing of employee information
  • Data protection for marketing purposes
  • Use of customer information and cookies
  • Data protection law, due diligence procedures and business transfer
  • Data protection compliance audit (download folder here)
  • Data protection mock audit
  • Data processor agreements and control of data processors
  • Data Protection Agency permits
  • Apps, AI, big data, etc.

Cloud computing.We can help ensure that you comply with legislation, for instance by offering a data protection pre-analysis or an audit examining whether the measures already implemented are sufficient and are observed by the organisation. We assess the risks and make the necessary operational implementation recommendations ("closing of gaps"). 

We also offer DPO training for organisations that are obligated to or voluntarily appoint a DPO. This training is also useful for organisations that are not required to have a DPO but want one of the most in-depth data protection courses on the market.

When required to ensure optimal advisory services, we cooperate with our experts in the areas of, for instance, Compliance, Real Estate & Construction, EU & Competition, Labour and Employment Law, Pension, Insurance. 

Data Protection

Data Privacy and Protection

Ranking: tier 1

The IP and technology team at Bech-Bruun works with a range of clients, including public bodies, Danish businesses and global corporations. Led by Mikkel Friis Rossa, the group advises on the full gamut of data protection issues, from GDPR disputes and outsourcing mandates to DPO services and the implementation of data protection compliance programmes. Other key members of the team include Susanne Stougaard, who focuses on gap analyses and data mapping, and newly promoted partner Charlotte Bagger Tranberg, who is an expert in EU law.

The Bech-Bruun house delivers very professional and thorough advice. The Data privacy and protection team is in our opinion one of the most competent teams in Denmark.

Bech-Bruun has a very practical approach to complex legal issues and understands the value of aligning solutions with business needs, when possible.

With their highly specialized team in data protection, Bech-Bruun offers a very unique service, also to public authorities.

Seen from the point of view of the client the team gives us a perfect match. We are receiving extremely competent advice and unrequested information about new practices. Our requests are treated immediately and with a prompt response.

Legal 500, Data Privacy and Protection


Let us call you

If you would like us to call you, please contact us via email here