The team of Nádasdy Law Firm, formerly Noerr & Partners, has joined WTS Legal, an independent Hungarian legal partnership that has swiftly gained recognition in data protection and privacy law under the leadership of Edina Czegledy, who brings over 14 years of experience advising Hungarian and international clients across diverse sectors on complex national and cross-border matters.

CMS maintains a large data protection team comprised of ‘exceptional’ individuals who possess a ‘mastery of the subject matter’. The firm is a leading adviser to major international clients across technology, fintech, energy, and financial services, specialising in complex matters. The group's expertise encompasses the entire compliance lifecycle for generative AI, DORA, e-Privacy, and data transfers, as well as high-value work in cybersecurity, HR data processing, and TMT-related M&A. The team is led by Dóra Petrányi, who focuses on cybersecurity, data protection, and GDPR matters. CEE data protection co-ordinator Márton Domokos and Katalin Horváth, an expert in fintech and AI law, add depth, and are complemented by Péter Homoki, who shines for his ‘deep IT expertise’. The team is further supported by Anna Zsófia Horváth, who develops guidelines to enable the effective application of EU data protection and IT policies.

Hegymegi-Barakonyi and Fehérváry Baker&McKenzie Attorneys-at-Law maintains a full-service offering in its IPTech practice, with vast expertise in data privacy and proactive cybersecurity solutions. The firm advises multinational clients across the pharmaceutical, automotive, and banking sectors, with a focus on regional GDPR compliance, data breach handling, and the implementation of sophisticated NIS2 projects. Their work is integrated, encompassing internal investigations, cross-regulatory enforcement, and practical policy development, including matters related to whistleblowing compliance. The team is led by Csaba Vári, who provides complex GDPR compliance advice and assists clients with implementing compliant data processes. Other key members include András Gaál, an expert in data protection and IT law, and Anna Howe, who delivers tailored regulatory compliance solutions for multinational corporations.

Oppenheim Ugyvedi Iroda offers a long-established data, technology, and AI practice distinguished by a strong regulatory, contentious, and litigation background. The firm combines deep GDPR compliance expertise, including CEE-wide projects and DPO services, with advisory work on complex regulatory proceedings. It is highly active across the automotive, tech, and financial services sectors, routinely advising on sophisticated issues, such as data transfer structuring, whistleblowing compliance, and the data protection aspects of AI systems and the AI Act. The team is led by Ivan Bartal, an expert in IP and IT transactions, e-commerce, and AI governance.

Siegler Bird & Bird Ügyvédi Iroda operates one of the largest data protection practices in Hungary, with international clients spanning the automotive, healthcare, banking, and technology sectors. The firm excels in comprehensive GDPR audits, data breach management, and contentious regulatory proceedings before the Hungarian authorities. Its expertise also covers pioneering work in NIS2 compliance, the DSA, and AI development. The practice is co-led by Bálint Halász, who focuses on IT, privacy, and data protection litigation, and Ádám Simon, who handles cross-border cybersecurity compliance, NIS2 strategy, and international data transfers. They are ably supported by Judit Nagy, who is experienced with European data protection and privacy compliance matters.

VJT & Partners is a highly respected boutique with a data protection and privacy practice founded on a longstanding market presence that predates GDPR in Hungary. The firm secures regular mandates from leading international and Hungarian corporates, offering comprehensive support across the full spectrum of matters, from GDPR audits and cross-border data transfers to legal representation before the Data Protection Authority. Its expertise covers cutting-edge challenges in AI privacy compliance, NIS2 Directive implementations, whistleblowing hotlines, and pre-employment background checks. The team is jointly led by János Tamás Varga, a ‘strategic visionary’ and leading data protection lawyer, and Endre Várady, a leading figure who handles cross-border privacy matters and is noted for his ‘impressive knowledge of privacy and cyber law’. The core team is rounded out by Andrea Belényi, a trusted adviser in matters concerning regulation and compliance.

Kinstellar Andrékó Ferenczi & Társai Ügyvédi Iroda is a strong, multi-jurisdictional firm with a robust data privacy and data protection practice, excelling in complex cross-border projects across the CEE region. The firm provides GDPR compliance programmes, privacy-by-design advice, data retention policies, and handles regulatory audits. It is highly active in advising major international clients on internal investigations and the data protection aspects of AI. Its capabilities have been enhanced by the October 2024 arrival of Tímea Bana, the new head of TMT and a renowned expert in media, telecoms, and entertainment law, as well as IP and data protection. The team saw the departure of Dániel Endre Nagy  in August 2025.

BLB Legal Attorneys at Law maintains a strong focus on advanced GDPR compliance, including international data transfers, data breach responses, and digital investigations. The firm utilises its technical prowess to embed privacy by design and address the full range of new EU digital regulations, including the AI Act, DSA, NIS2, and DORA., leveraging the co-heads’ technical cybersecurity credentials. The team is jointly led by Ádám Liber, an expert in data protection and corporate compliance, and Tamás Bereczki, a cybersecurity specialist with a background in computer science. The duo is credited for complementing each other well and providing a ‘rare combination of technical excellence’.

DLA Piper Posztl, Nemescsói, Györfi-Tóth and Partners Law Firm boasts a wide-ranging data protection and privacy offering, providing localised expertise within the framework of GDPR and NIS2. The firm advises on day-to-day data privacy and cybersecurity matters, handles crisis management in the event of breaches, and represents clients in litigation. It also advises on EU-wide NIS2 compliance programmes. The practice is led by Zoltán Kozma, who focuses on data protection and IT transactional support, and he is ably supported by Márk Almásy, who specialises in GDPR compliance and cross-border data transfers.

KPMG Legal Tóásó Law Firm's data, digital, and technology practice differentiates itself by focusing on a wide array of important legislative areas, extending beyond traditional GDPR compliance. The firm offers highly specialised support in complex sectors, such as healthcare, financial services, and fintech, and excels in new digital laws, including the DSA, DMA, AI Act, and NIS2 requirements. Moreover, the team provides complex data protection due diligence, handles regulatory representation, and acts as local DPO for major multinationals. The practice is co-led by Fanni Márkus and Nóra Takács, experts in DPO management and GDPR implementation, respectively.

Widely recognised for delivering data protection and privacy advice in complex environments, Lakatos, Köves and Partners excels in an integrated advisory model that incorporates IP, employment, and consumer protection to manage data exposure from design through to enforcement. The practice regularly handles GDPR compliance, sophisticated cross-border data transfers, and high-risk DPIAs, specialising in the architecture of complex digital platforms and acting as an external DPO. The team is led by Iván Sólyom, who advises on complex data protection and data governance, and is complemented by Zsuzsanna Lukács, whose expertise encompasses GDPR implementation, international data transfers, and inquiries to supervisory authorities.

The dedicated digital and technology group at PROVARIS Varga & Partners focuses on technology, privacy, and digital regulation. The group is sought after for its ability to handle complex mandates that require expertise intersecting cybersecurity and regulatory compliance. It demonstrates deep engagement with key regulatory transformations, including DORA, NIS2, and the AI Act. Zsombor Orbán, who is recognised widely as a ‘top data privacy expert’ with specific expertise in TMT and NIS2 compliance, took over as leader of the practice following the departure of its co-heads, Adam Liber and Tamás Bereczki, in July 2025. The team’s capabilities were bolstered by the May 2025 arrival of Zoltán Herce, who brings substantial experience in regulatory banking and fintech matters.

Taylor Wessing Hungary operates with an integrated advisory model, unifying privacy, cybersecurity, and digital compliance. The firm is highly proactive in regulatory shifts, advising on complex, multijurisdictional projects involving the AI Act, NIS2, DSA, and the Data Act. It supports dynamic clients in AI-powered technology, industrial automation, and global consumer technology platforms, advising on comprehensive GDPR audits and vendor privacy compliance. The practice is headed by Dániel Ódor, an expert in GDPR compliance with years of experience advising multinational companies, and is complemented by János Kopasz, who is heralded as ‘one of the most impressive lawyers in Hungary’ for his knowledge of AI, regulatory, and privacy matters.

CERHA HEMPEL Dezso & Partners handles intricate GDPR compliance frameworks and executes detailed data protection audits. The firm is active in the transactional space, where it manages privacy-related due diligence and evaluates the compliance standing of target companies during acquisitions. Practice head Andrea Presser specialises in cross-border data movements, the application of technical security protocols, and e-commerce regulations. Tamás Polauf advises on the data protection elements of broader commercial instructions, and Tamás Novák focuses on privacy issues within the workplace, including the implementation of video monitoring and the management of data breaches.

CLV Partners - Csabai & Partners Law Firm integrates data protection expertise into its corporate and employment practice to handle multifaceted regulatory matters. The firm advises multinational corporations in the manufacturing, technology, and FMCG sectors on the privacy aspects of digital transformation and commercial contracting. Practice head Anna Katalin Papp is noted for her ‘strong legal thinking’ when overseeing the coordination of cross-border transactions and representing foreign-owned entities before courts. The group is particularly experienced in structuring whistleblowing frameworks and managing the privacy requirements of internal workplace investigations. This includes ensuring privacy by design is maintained during inquiries into sensitive corporate or harassment reports.

Réti, Várszegi and Partners PwC Legal's privacy and technology team specialises in personal data protection and compliance, and is particularly adept at handling complex, GDPR-compliant structures involving cross-border data transfers and emerging technologies, including AI, for data-driven clients. It offers comprehensive advisory services, including continuous DPO services to major international and domestic corporations, such as airport operators and retailers. The practice is led by Csilla Judit Dékány, who draws on expertise in IP/IT, cybersecurity, and civil law to provide strategic compliance counsel. She is ably supported by András Csenterics, a technology and privacy specialist in AI and cybersecurity, and another core member of the department Márton Farkas, who is experienced in major compliance projects and DPO delivery.

Schoenherr Hetényi Ügyvédi Iroda expertly manages data protection matters, including compliance audits and the implementation of internal privacy policies. The firm oversees the privacy components of corporate transactions and the setup of workplace monitoring systems. Practice head Dániel Gera has nearly two decades of experience, with a particular focus on the privacy aspects of handling HR data. He advises international and domestic clients across the energy, construction, and telecoms sectors on regulatory compliance. The team also assists retail clients with the privacy implications of marketing promotions and the management of incident reports.

Sándor Szegedi Szent-Ivány Komáromi Eversheds Sutherland routinely advises on GDPR compliance, data mapping, and internal privacy audits. The firm monitors shifting regulatory frameworks, such as NIS2 and DORA, to manage data obligations in HR and transactional contexts. Practice head Gergely Dzsinich handles cross-border data transfers, privacy impact assessments, and the data implications of AI usage. Katalin Varga focuses on the intersection of employment and privacy law, specifically regarding whistleblowing protocols and workplace monitoring. The team maintains an international outlook, frequently managing compliance issues that span the EU and Asian jurisdictions.

Operating through a data protection practice integrated within its employment department, Wolf Theiss Faludi Ügyvédi Iroda provides specialised expertise at the intersection of GDPR and employment law. The firm is highly regarded for its cross-border work and deep regional experience in CEE, advising clients on complex cybersecurity matters, employee monitoring, and compliance with new EU security regulations. The practice is jointly led by János Tóth, who specialises in data management, including handling data leaks and cybersecurity threats, and Barnabás Buzási, who possesses deep knowledge of Hungarian labour regulations and focuses on data protection compliance in employment and transactional contexts.