Lawrence Advocaten offers a specialism across data, AI, and technology mandates, leveraging the sector expertise of Jeroen van Woezik and Robert-Guillaume Chin A Sen, who joined from Turing Law.

Morrison Foerster opened in Amsterdam in January 2025, bringing over an experienced team from its Brussels office. The team acts for clients across the technology, healthcare, NGO, and government sectors on privacy law, regulatory compliance, and data governance.

Rubicon Impact & Litigation B.V. integrates data protection and cybersecurity into its core practice, providing guidance on GDPR, privacy governance frameworks, cross-border data transfers, and incident response. The firm was founded in November 2024 by a group including data protection expert Vita Zwaan.

Brinkhof advises leading companies across the technology, media, healthcare, financial services and e-commerce sectors on the full spectrum of data protection and privacy law. The team’s work spans regulatory investigations, enforcement challenges, collective actions, and compliance projects under the GDPR, e-privacy, and consumer protection frameworks. Leading the practice is Quinten Kroes, a renowned authority in telecoms, media and data protection law, with a distinguished track record in both regulatory and litigation matters. Remon van Saane, who provides ‘strategically relevant’ advice, is another key contact. The practice strengthened its ranks in March 2025 with the arrival of Nicole Bilderbeek, who brings significant experience in data privacy litigation.

De Brauw Blackstone Westbroek’s cyber, data and privacy practice acts at the forefront of significant and high-profile matters. The team regularly advises on cross-border enforcement, landmark collective actions, regulatory investigations, and precedent-setting disputes. Geert Potjewijd, who is highly skilled in litigation, regulatory enforcement and GDPR collective actions, co-leads the practice alongside Axel Arnbak, a specialist in data and cybersecurity law who offers strategic guidance to boards of major multinational corporations. Andreas Häuselmann is well-versed in AI and data protection law, while recent 2024 arrival Rebecca Aspetti is particularly knowledgeable in digital rights, internet technology policy, and EU advocacy.

Kennedy Van der Laan manages a substantial workload encompassing data privacy, cybersecurity, and regulatory compliance mandates. The practice is led by a trio of experts: Hester de Vries, who advises public and private clients on building robust data strategies, ensuring GDPR and ePrivacy compliance; Quirine Tjeenk Willink, an administrative litigator who handles data protection enforcement, regulatory investigations, and compliance; and Rosalie Brand, who guides clients through complex cyber incidents, including ransomware, fraud, and cyber espionage. Integral to the team is Judica Krikke, who brings strong capabilities in IT law, cloud sourcing, software licensing, data protection, and digital transformation. In February 2025, the team welcomed Erik Jonkman, who has a notable specialism in cyber risk, incident response, and civil claims.

Pels Rijcken acts at the intersection of data protection, privacy, cybersecurity, and regulatory compliance mandates. The team regularly handles collective redress proceedings, regulatory enforcement, and advisory matters involving sensitive personal data, international data transfers, and the use of emerging technologies such as AI. The practice is led by Gerrit-Jan Zwenne, who brings extensive expertise in privacy and data protection law, internet and telecom law, blockchain, cloud services, and generative AI; Marte van Graafeiland who assists public authorities and regulators on GDPR and sector-specific privacy regimes; and Jeroen Naves, who advises on technology law, IT contracts, and data exchange, and represents clients in complex IT disputes and procurement processes. Meine Dijkstra retired in October 2024.

Van Doorne‘s multi-faceted privacy and data protection practice manages high-profile investigations, regulatory enforcement matters, and multi-party litigation, including class actions and administrative proceedings. The team provides guidance on international data transfers, emerging technologies, IT contracts, compliance programs, and data governance frameworks. The practice group is co-led by experienced partner Elisabeth Thole, who oversees both regulatory compliance and contentious privacy matters, and Özer Zivali, who possesses significant knowledge regarding contentious data protection matters, data breaches, and enforcement.

A&O Shearman supports on data, privacy, cybersecurity, and digital regulatory matters, spanning compliance, enforcement, investigations, and general risk management. The team acts for leading financial institutions, technology companies, media and telecoms providers, insurers, and other major corporates across regulated industries. Practice head Nicole Wolters Ruckert advises at the nexus of data, privacy, and technology law, and assists clients on matters including complex compliance obligations and proceedings before the Dutch Data Protection Authority. Marleen Huisman is a further data protection compliance expert. Marleen van Putten left the firm in May 2025.

Bird & Bird supports clients across the technology, life sciences, automotive, and industrial sectors with day-to-day compliance as well as large-scale data protection projects. The practice is steered by Berend van der Eijk, a market reference for data protection and technology law, covering EU digital regulation, cross-border data transfers, and privacy matters, and Wilfred Steenbruggen, who advises international corporations on GDPR compliance, regulatory enforcement, and data protection issues. Technology and privacy law associate Julia van der Veen joined the team in May 2025, while Shima Abbady departed in October 2025.

Eversheds Sutherland advises clients across the TMT, pharma, and financial services sectors on data privacy, GDPR compliance, AI, and cross-border data transfers. The practice also supports clients through litigation, regulatory investigations, and incident response. Leading the team is Olaf van Haperen, who is for sought-after for his strong knowledge of personal data protection, IT, and cybersecurity law, making him well-positioned to advise on privacy projects and manage cyber breaches. An ‘excellent sparring partner', Robbert Santifort is a further key team member.

Hogan Lovells International LLP regularly advises on AI and data governance, data protection, ePrivacy, cybersecurity, IT contracts, licensing, and regulatory compliance mandates. The team supports clients through cross-border projects, cyber incident response, and engagement with supervisory authorities, including the navigation of evolving global frameworks. Joke Bodewits, who heads the practice, advises on data protection, AI, and cybersecurity matters. Bodewits also represents clients before supervisory authorities across Europe, including in GDPR enforcement actions. Highly sought-after among global corporates, Chantal van Dam supports the team on regulatory compliance, governance frameworks, and strategic projects.

Data protection, privacy, and IT law form the cornerstone of Project Moore Advocaten‘s practice, which supports clients through AI governance mandates, GDPR compliance, digital health platform matters, and regulatory investigations. The team includes Lieneke Viergever and Eva Visser, who assist public and private sector clients with technology transactions, data-driven projects, and IT-related litigation. Jeroen Koëter and Céline van Waesberge are recognised for their proficiency in handling data privacy, IT, and data protection matters for clients in the health and life sciences sector.

SOLV Advocaten‘s IT and privacy practice advises on data protection disputes, GDPR, data governance, privacy policies, and the management of cybersecurity incidents and data breaches. The practice is led by IT and privacy law specialist Wanda van Kerkvoorden, who provides counsel and litigation support on software compliance, licensing, and cloud sourcing matters. Anouck Bakhuis advises and represents major corporations and organisations in complex privacy, IP, and collective litigation matters. Recent departures include Douwe Linders and Stan Elsendoorn, who left the firm in January and May 2025, respectively.

CMS offers a wide privacy and data protection practice, providing guidance on cybersecurity, risk management, AI governance, and regulatory matters. Following Erik Jonkman‘s departure in late 2024, the team is now led by Simon Sanders, who advises on the contracting and implementing of IT projects, and Tom Jozak, whose recent work focuses on GDPR compliance, cross-border data transfer strategies, and AI governance frameworks. Leonard Böhmer, who joined the firm in 2024, handles litigation for major clients.

Housing a broad team of data protection, privacy, and cybersecurity experts, Freshfields LLP offers considerable experience in class and mass tort litigation, investigations, transactional data issues, and breach response. Leading the practice is Mark Egeler, who advises TMT and financial services clients on regulatory compliance and data breaches, and represents them in contentious matters before Dutch and European authorities. In July 2025, IP and IT specialist Tilly Berkhout joined the team, following the departure of Tim Walree in January 2025.

Houthoff adeptly handles litigation and regulatory disputes alongside advisory work in data governance, cybersecurity risk management, contract negotiations, and cross-border data and IT matters. Thomas de Weerd, who heads the data and digital practice groups, advises on cyber and data compliance and manages the consequences of major cybersecurity incidents. De Weerd is supported by Jurre Reus, who focuses on data protection litigation and consumer law matters, including GDPR proceedings and complaints concerning subject access and deletion requests. The ‘outstanding’ Marco Moeskops is a further key contact.

Loyens & Loeff assists clients in the emerging technology and digital platform sectors in navigating legislative frameworks and sector-specific regulatory challenges. The team regularly handles litigation and dispute resolution, data breach management, and international data transfers. Key contacts include Linde Vrolijk, Laurien Knorringa, and Eva Laan.  Kim Lucassen departed the firm in July 2025, while Nina Orlić left in October 2025.

NautaDutilh’s data protection and cybersecurity practice serves a mix of public- and private-sector clients across diverse industries, including technology, finance, healthcare, and digital services. The team provides guidance on data sharing, cybersecurity incidents, cross-border transfers, and regulatory enforcement. It also handles high-profile cross-border investigations, litigation, and class actions. Practice head Joris Willems advises clients on a host of AI, privacy, and technology matters, including AI governance, digital transformation, and technology investments. Danique Knibbeler is a further integral team member.

The technology and data department at Taylor Wessing regularly supports clients through GDPR compliance, international data transfers, and regulatory investigations. The practice is led by Otto Sleeking, who focuses on IT projects and data protection proceedings, including claims and complaints before the Data Protection Authority, and Martijn Loth, who specialises in technology-related contracts and ensuring compliance with data protection law and regulation. Tim de Klerck joined the team in September 2025.

Chaired by Martin Hemmer, AKD is well-equipped to handle IT, privacy, and data protection matters, including enforcement actions, data access disputes, and compliance across sectors such as healthcare, HR, and security. The ‘very knowledgeable’ Sophie Hendriks is another key team member and stands out regarding privacy, data protection, IT, and AI law issues.

BarentsKrans acts for a broad range of clients across the technology, financial services, real estate, healthcare, and infrastructure sectors. Marc Elshof leads the team and demonstrates a strong track-record across the full scope of data, technology, and cybersecurity matters, such as data governance and compliance, complex IT projects, and related contentious claims. Elshof is supported by Julius Louter, who is also specialised in data and technology.

Dentons provides strategic advice on data protection, AI, cybersecurity, and data breach issues. The practice is co-chaired by Alexander Odle, who focuses on IT law and technology transfers, and Elze ’t Hart, who joined in January 2025 and brings extensive experience advising on EU and Dutch regulations covering digital transformation, AI, and e-commerce. Rosemarie Schaar supports clients with data protection and cybersecurity matters.

DLA Piper is at the forefront of data privacy and cybersecurity law. The team advises on compliance, regulatory engagement, investigations, enforcement actions, and disputes. Practice leader Richard van Schaik counsels clients on both contentious and non-contentious matters, including GDPR compliance, data breach and cyberattack response, and the design and implementation of privacy governance frameworks.

Greenberg Traurig LLP is active across the data protection and privacy law landscape. The practice manages IT and cloud contract negotiations, data transfer issues, privacy and cybersecurity risk assessments, healthcare data projects, and M&A and commercial technology transactions. Practice lead Herald Jongen advises major technology companies, government bodies, and leading financial institutions on data protection, IT outsourcing, and GDPR compliance.

Holla legal & tax possesses ‘a deep understanding’ of data privacy, data protection, cybersecurity, and emerging technologies developments. The team regularly acts for clients across the healthcare, IT, energy, and innovation spaces. Practice leader Kim de Bonth is highly knowledgeable in privacy, data protection, and IT contracting matters. Femmie Schets has a ‘winning combination’ of privacy, AI, and cybersecurity expertise. Christopher Cats and Nathalie van der Zande joined the team in September 2024 and March 2025, respectively.

Data privacy and data protection are core areas of focus for HVG Law B.V. which advises clients on a host of key industry developments including cybersecurity and AI matters. Led by Saskia Vermeer de Jongh and supported by Merien Voorboom, the practice handles a vast range of mandates, including data protection compliance, GDPR implementation, risk management, and related litigation.

Norton Rose Fulbright ‘combines in-depth knowledge’ of data protection and privacy with a ‘practical approach’. The team is headed by the ‘excellent’ Jurriaan Jansen, who acts for listed companies across multiple sectors on data protection, cyber risk management, incident response, and technology-related contracts. Naomi Schuitema focuses on cross-border data transfers. In 2025, the team welcomed Alina Warmerdam, who advises on data protection compliance as well as transactional IT and IP matters, following the departure of Tilly Berkhout .

Boutique firm Turing Law advises on all facets of IT, data, and digital transformation. The team is steered by Huub de Jong, who manages ICT and data privacy disputes. Corine d’Hulst is ‘very knowledgeable when it comes to GDPR issues'. Sjaak Nouwt joined the practice in February 2025 as an external advisor. Jeroen van Woezik and Robert-Guillaume Chin A Sen left the firm in January 2026, while Marijn Rooke departed in September 2025.