Kimberly assists Dutch and international clients with various matters in the field of data protection and IT law. She advises on the design and implementation of GDPR compliance plans and privacy-related matters such as cookie policies and direct marketing campaigns. She also assists her clients during and after data breaches. In addition, Kimberly assists clients with their IT related contract negotiations and legal proceedings. Kimberly is pragmatic, a true team player and loves a challenge.
Board member and co-founder of the Association for Young Privacy Lawyers
As co-founder, Kimberly currently acts as board member of the Association for Young Privacy Lawyers (“Jonge Privacy Advocaten Nederland”). This is an association for young privacy lawyers to share (practical) knowledge during informal lectures hosted by academics, experienced lawyers and privacy officers.
Kimberly has always had a special interest in human rights. She became interested in the concept of privacy law during her master’s degree in constitutional law at the University of Amsterdam. To further specialise in this specific human right, she completed the master’s degree in Internet, IP and IT law at another university: VU Amsterdam. She became a data protection / IT lawyer at a renowned and internationally operating law firm in 2018. She was part of the Technology, Media and Communication Team and gained practical experience as a secondee in the global privacy team of one of the biggest multinationals in the world.
Kimberly is a member of the Association for Privacy Law (VPR), the Netherlands Association for Information Technology and Law (NVvIR) and the Netherlands Association for AI and robot law (NVAIR).
Kimberly Friesen was invited to speak at Pakhuis de Zwijger on 19 May about Smart Mobility as part of a public debate series on Tech for Society.
The privacy rules on transfers of personal data have become stricter after the Schrems II ruling and the subsequent Recommendations by the European Data Protection Board (EDPB). Implementing these stricter rules in practice has turned out to be a complicated process for many organisations. However, as Kimberly Friesen explains in a recent blog for Data & Privacyweb, it seems unwise to not take any action. Several European supervisory authorities have already imposed fines for breaching these rules. (Dutch only)