Eliëtte Vaal
IT Privacy lawyer / advocaat
Phone
+31 (0)6 29 47 71 74
Email
evaal@thedatalawyers.com
Social media
Facebook
Twitter
Instagram

Biography

Eliëtte advises national and international clients, from multinational companies to public organisations in complex privacy matters, GDPR compliance projects and acts as an external DPO. She is also an experienced litigator in cases concerning IT, IP and freedom of expression. Her professional focus lies in working in the legal field of technology and data. She provides strategic, risk-based, practical and to-the-point advice.


Background

Before founding The Data Lawyers in May 2020, Eliëtte worked as an IT and privacy lawyer at the international law firm AKD for over 10 years (2009-2019) and her own independent firm (2019-2020). She became interested in the concept of privacy and its effects on society during her studies at the Social Science Department of the University of Nijmegen and has been passionate about privacy law ever since. Eliëtte also holds a Master of Law degree from the University of Amsterdam and finished the post-academic degree at the Grotius Academy (Information Technology Law). She also obtained the CIPP/E credentials from the IAPP.


Network

Eliëtte has a strong international network in IT and data protection law as well as in other legal fields. She is an active member of the International Association of Privacy Professionals (IAPP), currently acting as one of the members of the European Advisory Board.


Public speaker and writer

Eliëtte is a frequent speaker at conferences and seminars. She also gives guest lectures and courses for both private training institutions and clients. She publishes frequently and is a permanent contributor to the Dutch journals on internet law (Tijdschrift voor Internetrecht) and Computer Law (Computerrecht).


Memberships

Eliëtte is also a member of various Dutch law associations. She has been admitted as a member of the Association of Privacy Lawyers (Vereniging Privacyrecht Advocaten). It is only open to members specialised - demonstrably and extensively - in the field of privacy law. Her other memberships include the Association for Privacy Law (VPR) and the Netherlands Association for Information Technology and Law (NVvIR).

Latest Posts
Do we need a Data Processing Agreement?
Article
Do we need a Data Processing Agreement?
By
Vonne Laan
Eliëtte Vaal

Vonne Laan and Eliëtte Vaal wrote an article on how to determine the privacy position of parties and what type of data protection agreement is required (Dutch only).

Read more
Arrow Icon
Role and responsibilities of the DPO
Event
Role and responsibilities of the DPO
By
Eliëtte Vaal

Eliëtte Vaal was a speaker at the IAPP KnowledgeNet Chapter meeting on the role and position of the Data Protection Officer (DPO) at Local Municipalities.

Read more
Arrow Icon
The cookie has crumbled: custom audiences to the rescue?
Article
The cookie has crumbled: custom audiences to the rescue?
By
Eliëtte Vaal
Vonne Laan

The digital marketing industry is in reform. For the past 25 years, third-party cookie-tracking has been one of the most important tools for online targeting and retargeting. How do things stand now? Are cookies future-proof or has the cookie crumbled, with custom audiences on social media platforms coming to the rescue?

Read more
Arrow Icon
Processor or (joint) controller: does the EDPB provide clarity?
Article
Processor or (joint) controller: does the EDPB provide clarity?
By
Eliëtte Vaal
Vonne Laan

The European privacy supervisors as united in the Data Protection Board (EDPB) have published new guidelines on the concept of “controller” and “processor”. What’s new, what’s better and what’s missing? Vonne Laan and Eliëtte Vaal determined this in their opinion for the Dutch scientific journal on internet law (Tijdschrift voor Internetrecht).

Read more
Arrow Icon
Update data transfers
Article
Update data transfers
By
Eliëtte Vaal
Vonne Laan

The CJEU Schrems II judgement of July 16th, 2020 affects the legitimacy of data transfers outside the EU. But what does this mean in practice? What is allowed and what is not in relation to transferring data outside the EEA? What measures can now be taken to legitimise such transfers? Read more about this in our White paper.

Read more
Arrow Icon
Lecture privacy law VNG legal conference 2020
Event
Lecture privacy law VNG legal conference 2020
By
Eliëtte Vaal

Eliëtte Vaal will speak at the yearly two-day conference of VNG, the Association of Netherlands Municipalities.

Read more
Arrow Icon
ePrivacy & Direct Marketing Seminar
Event
ePrivacy & Direct Marketing Seminar
By
Eliëtte Vaal
Vonne Laan

Eliëtte Vaal and Vonne Laan both spoke at the yearly ePrivacy & Marketing Seminar of IIR.

Read more
Arrow Icon
Naming and shaming under Dutch law
Article
Naming and shaming under Dutch law
By
Eliëtte Vaal

Under the GDPR the Dutch Data Protection Authority has the competence to actively publish fines and guidance including the names of the alleged offender(s). The naming of offenders cam lead to reputational damage. What legal measures are present to avoid publication by the DPA? Read more on this in our blog “Naming and shaming onder de AVG: hoe zit dat eigenlijk?” (in Dutch).

Read more
Arrow Icon
Course on CCTV under the GDPR
Event
Course on CCTV under the GDPR
By
Eliëtte Vaal

Eliëtte Vaal will provide a half day course at the Berghauser Pont Academy on GDPR & CCTV.

Read more
Arrow Icon
Measuring temperature with advanced digital thermometer might be subject to the GDPR
Blog
Measuring temperature with advanced digital thermometer might be subject to the GDPR
By
Eliëtte Vaal
Vonne Laan

Eliëtte Vaal and Vonne Laan wrote a blog about the changing position of the Dutch Data Protection Authority (DPA) during the COVID-19 outbreak towards measuring temperature of natural persons (Dutch only).

Read more
Arrow Icon