Privacy and Cyber Security

Digitalisation is associated with privacy problems and also changes the threat landscape and risk situation regarding undesirable incidents, but also represents a significant interval of opportunity for improving efficiency, automation and value creation. Clear and practical advice from us helps to ensure that the opportunities created by new technology can be taken advantage of.

At Brækhus, we are aware that handling personal data, trade secrets and other data represents a risk factor for businesses. A key factor is the general legal risk presented by incorrectly handling personal data or having inadequate security, which can lead to breaches of statutory requirements. Of equal importance is commercial risk, i.e. the danger that companies can risk losing reputation, prestige and turnover. For forward-thinking and smart businesses, this presents an interval of opportunity and competitive advantage, and we very much enjoy helping them to make the most of these.

We provide businesses and authorities with advice on how to navigate the regulations and industry-specific requirements regarding security and the processing of personal data and other data. Our technology lawyers have interdisciplinary expertise and are ready to assist our clients in technology matters relating to company law, intellectual property rights, taxes and VAT, etc.

Brækhus is a member of Privacy Rules, a network of specialised attorneys, IT and data crisis communication specialists.

The team at Brækhus Advokatfirma DA is well known for advising large Norwegian and international companies on IT contracts, disputes, procurement matters and technology transactions. The group continues to advise Simplifai on distributorship and sub-licensing agreements with UK and US companies, as well as optimising its current SaaS-templates for international distribution. Stein E Hove is a key contact for IT litigation and contracts, and Brede A Haglund is sought after for his expertise in data protection law. Alexander Mollan was promoted to associate partner in July 2022.

Legal 500

Examples of what we do

  • Electronic marketing and cookies
  • Establishment of basis for transfer of personal data to third countries (BCR, EU’s standard contracts and Transfer Impact Assessments)
  • Crawling and scraping of personal data
  • Special challenges involved in the use of cloud services
  • Data protection declarations and data processing agreements
  • Talks, workshops and project assistance
  • Privacy in the workplace (e.g. access to emails, use of video surveillance or other control measures)
  • Data protection officer as a service
  • Establishment of internal controls, guidelines and procedures for handling requests from registered entities (e.g. for access, rectification and deletion)
  • Compliance, investigation and risk management
  • Data Protection Impact Assessments (DPIA) and risk assessments
  • Handling breaches of security
  • Regulatory requirements regarding information security
  • Security testing (pen testing)
  • Transactions, due diligence and transfer of ownership
  • Contact with the authorities and dispute resolution (Norwegian Data Protection Authority, Norwegian Privacy Appeals Board and the courts)