Data Protection

Personal data is a vital resource for modern businesses. However, the processing of such data is subject to strict regulations. Wiersholm provides guidance on optimising the management of such data in compliance with the Personal Data Act and the General Data Protection Regulation (GDPR).

Our Services

Preparing and quality-assuring privacy policies, statements, consent texts, etc.

Drafting data processing agreements, joint processing responsibility agreements, and data transfer agreements

Assisting with assessments of data protection principles, processing bases, and other GDPR requirements

Advising on transferring personal data to third countries using Binding Corporate Rules (BCRs), Standard Contractual Clauses (SCCs), and conducting transfer impact assessments (TIAs)

Establishing routines for access, correction, deletion, data portability, and other privacy rights

Assessing risks associated with personal data processing.

Implementing privacy in technology, products, and services

Developing routines for storing and deleting personal data

Advising on information security requirements, including cybersecurity, and handling security breaches

Guiding the use of personal data for marketing, online advertising, and cookies

Advising on employee data processing, control measures, email access, and technology use in the workplace

Reviewing GDPR compliance in acquisitions, mergers, and other transactions

Advising on responsible data use in AI solutions in line with the AI Act

Assisting with supervision by the Norwegian Data Protection Authority, complaints to the Data Protection Board, and court disputes

Oslo Privacy Conference

Oslo Privacy Conference stands as one of the largest gatherings for the business community focused on privacy and GDPR. The conference aims to provide a platform for sharing experiences, discussing current issues, and learning from one another.

Read more about the conference

Data protection is a fundamental human right. Undertakings may gain and maintain customers’, users’ and employees’ trust only by processing personal data in compliance with the current regulations. At the same time, data protection must be weighted against the need for value creation, innovation and control. We help your business find solutions that comply with the data protection requirements without compromising business needs.

Wiersholm is one of the country’s leading law firms in terms of data protection expertise. We assist private businesses and public enterprises in understanding and complying with current regulations. Our team stays abreast of policies and practice of the Norwegian Data Protection Authority, the Norwegian Privacy Appeals Board, the courts, the European Data Protection Board (EDPB), the European Data Protection Supervisor (EDPS), the Court of Justice of the European Union and other European supervisory authorities. This way, we ensure that our clients receive professionally sound and up-to-date data protection law advice.

Our approach is practical and solution-oriented. We emphasise that documentation and routines should be simple, understandable and feasible.

Our data protection team also has expertise in related areas of law, such as cyber security and artificial intelligence (AI). In addition, we work closely with the Employment Law team on data protection issues in the workplace, and with the Financial Regulatory team on data protection issues in the financial industry.