We guide leadership teams in responsible AI, data use, privacy and cyber risk strategies. From governance and innovation to incident response and litigation, we help businesses navigate legal complexity and build ethical, resilient tech frameworks that safeguard data, uphold privacy rights and unlock the full potential of digital transformation. When legal challenges arise from data protection investigations, privacy litigation and cybersecurity incidents to cybercrime cases and AI-related disputes we protect your business with specialised expertise and tailored legal strategy.
-
Work highlights
- Advised Achmea,on various data protection matters.
- Delivered bespoke privacy and AI governance training to Arcadis.
- Assisting several fintech market parties with the upcoming implementation of the Second Consumer Credit Directive in the Netherlands, including credit card providers and providers of BNPL solutions.
- Advised Infomedics on matters concerning the processing of social security numbers for individuals to whom declarations are issued.
- We act as main counsel to Irdeto.
- Advised MSPS Group on legal structuring for innovative digital healthcare services and a group-wide e-commerce strategy, ensuring GDPR compliance and effective privacy strategies.
- Assisted PayU on an ongoing basis with anything tech, AI, cyber and data related, including advising on DORA implementation, various technology licensing and outsourcing transactions and on the use of GenAI solution.
- Provided GDPR support to Rosewood Hotel Group
- Advised S&P Global Platts on setting up a joint venture with the Port of Rotterdam for the first high-frequency decentralized energy trading platform, 'Distro Energy'.
- Shell GO+ app launch
- Advised the Advisory Committee on Diversity and Inclusion in Higher Education and Research (Adviescommissie Divers en Inclusief Hoger Onderwijs en Onderzoek – D&I HOO), an independent body established by the Dutch Ministry of Education, Culture and Science on GDPR matters on the collection and use of sensitive personal data.
- Advised the Municipality of The Hague on data processing practices within multi-stakeholder collaborations.
- Advised TripleTen on the introduction of the ‘Nebius Academy’ and NEMO AI-based recruitment tools, ensuring compliance with the AI Act and GDPR.
-
What others say
- ‘The NautaDutilh team is highly skilled and very knowledgeable. They have thorough knowledge and combine it with hands on advice.’ Legal500, 2025
- The rather young team at NautaDutilh is extremely dynamic and passionate about the subject matter. They have great visibility in the marketplace and each of its members are extremely active in the data protection community. It makes them the go-to team of the Benelux region on all tech-related matters.’Legal500, 2025
- ‘Great knowledge of privacy issues and able to customise it for our organisation.’ Legal500, 2023
- ‘The individuals have made sure that they understand our company, our culture and risk appetite properly before advising us. They are all very motivated and willing to deliver.’ Legal500, 2023
- ‘The team is very knowledgeable and cooperates internally like a charm. Due the continuing expansion of the team, clients can be assured that continuity is assured.’ Legal500, 2023
- ‘The team is very knowledgeable, practical and delivers work on time.’ Legal500, 2023
- ‘Very pleasant in meetings, very quick to react to questions and able to simplify complex issues.’ Legal500, 2023
- 'NautaDutilh’s continuously growing data privacy and data protection practice is always of great help to us when we need legal advice. They know our business very well and really understand the interaction of data privacy/data protection with our business. Would recommend!’ Legal500, 2023