Kinstellar is a great choice for clients looking for the best possible legal representation. The team is experienced, knowledgeable, and committed to getting the best results for clients.
Legal 500, 2023
Issues relating to the processing and protection of personal data are of fast-growing importance worldwide. Clients value our deep knowledge of data-related regulations and ability to offer pragmatic solutions. Our experience includes complex multijurisdictional data protection projects, comprehensive privacy risk assessments, support in negotiations, privacy by design advice, data analytics for start-ups, data breach response support and other security issues.
Kinstellar’s dedicated team of lawyers are experts in data-related legislation and are respected high-profile practitioners in their jurisdictions. We maintain regular contact with data protection authorities to monitor developments across Europe, Asia and the US and work closely with reputable data protection organisations (such as the IAPP).
Clients include life sciences companies, banks, insurance companies, retailers, traders, manufacturers, as well as marketing agencies and intermediaries.
Our work includes:
- structuring complex projects, including project management and coordination with other advisors
- cross-border transfers of data, drafting required documentation, and support in obtaining approvals by the authorities
- day-to-day support for in-house privacy teams, e.g., handling data subject requests, data processing agreements (DPAs), legitimate interest assessments
- drafting data protection documentation, e.g., compliance programmes, policies, data protection impact assessments (DPIAs), consents, cookie policies
- data protection audits
- advice on and drafting data retention policies
- project support and providing end-to-end privacy by design advice
- assistance with inspections by the authorities and with data breach response
- advice on the impact of GDPR outside the EU
- whistleblowing and employee monitoring
- data protection litigation and privacy claims
Compliance with EU privacy rules can be difficult and costly and requires specialised staff. We understand that the workload differs each month, therefore we offer our clients the Dedicated Privacy Lawyer service, which is based on expanding the capacity of their privacy and data protection team according to their needs, providing the right number of lawyers for peak times as well as down times.
Cybersecurity breaches expose companies to significant threats. In addition to any direct harm caused by such breaches, companies can also face investigations by the authorities, fines, and negative media coverage.
We assist clients with both threat prevention and the necessary steps to take in the event a cybersecurity breach occurs. Our comprehensive advice includes assistance with reporting, external communication, internal investigation (including employment law aspects). We work closely with technical experts, including ethical hackers, investigators, IT providers, asset-tracing specialists and insurers to provide clients with a full package of services.
Our lawyers offer considerable expertise in assisting clients with implementing local and European cybersecurity-based requirements. They also remain in close contact with cyber-watchdog agencies.
Our work includes:
- structuring cybersecurity projects to ensure compliance with local and international norms (including project management and coordination with other advisors)
- advice and support when considering appropriate organisational and security measures
- drafting comprehensive cybersecurity documentation
- negotiating cybersecurity contracts with IT, hardware and network providers
- incident documentation and incident reporting, including on-site support and crisis management
- pre-litigation and litigation support resulting from security incidents (including insider threats and employee errors)
- preparation of documentation for penetration testing
- cybersecurity due diligence in M&A transactions
- reviews of client data management and data protection practices
- cybersecurity audits