Vonne assists Dutch and international clients with various matters in the field of privacy, data protection and cybersecurity. She provides strategic advice that aligns commercial goals with compliance obligations.
More specifically, Vonne’s work entails the design and implementation of GDPR compliance plans, drafting and negotiating privacy agreements (e.g. data processing agreements), drafting other privacy documentation (e.g. privacy statements) and developing processing registers (data mapping). She also advises on privacy-related matters such as cookie policies, direct marketing campaigns and whistleblowing schemes. In addition, Vonne assists her clients in the event of enforcement by the competent authority or court proceedings.
Public speaker and writer
Vonne is a frequent speaker at conferences and seminars. She also gives guest lectures at Nyenrode Business University and the Windesheim University of Applied Sciences. In addition, she provides courses at private training institutions as well as for clients. Vonne also has many legal publications to her name and is the author of the privacy law edition of a Dutch standard series (Boom Basics Privacyrecht). She is furthermore a permanent contributor to the Dutch journals on internet law (Tijdschrift voor Internetrecht) and data protection case law (Jurisprudentie Bescherming persoonsgegevens).
Vonne is an active member of the International Association of Privacy Professionals (IAPP), currently acting as the Co-Chair for the Dutch chapter. Furthermore, she is a member of various Dutch law associations such as the Netherlands Association of Privacy Lawyers (Vereniging Privacyrecht Advocaten). This association is only open to members specialised - demonstrably and extensively - in the field of privacy law. Her other memberships include the Association for Privacy Law (VPR) and the Netherlands Association for Information Technology and Law (NVvIR).
Vonne became interested in the concept of privacy while working as an independent copywriter. How do we perceive privacy in a continuously digitalizing society? She became a privacy lawyer at a renowned internationally operating Dutch law firm in 2013 and gained further experience in this area. She was part of the Information Technology Team for five years until she started her own law firm – Value Privacy Law – in November 2018 and combined forces with Eliëtte Vaal in May 2020 to start The Data Lawyers.
The digital marketing industry is in reform. For the past 25 years, third-party cookie-tracking has been one of the most important tools for online targeting and retargeting. How do things stand now? Are cookies future-proof or has the cookie crumbled, with custom audiences on social media platforms coming to the rescue?
Vonne Laan and Joep Bakker wrote an article on focus areas based on recent guidelines from inter alia the EDPB when concluding data processing agreements for VAST magazine (Dutch only).
The European privacy supervisors as united in the Data Protection Board (EDPB) have published new guidelines on the concept of “controller” and “processor”. What’s new, what’s better and what’s missing? Vonne Laan and Eliëtte Vaal determined this in their opinion for the Dutch scientific journal on internet law (Tijdschrift voor Internetrecht).
What privacy obligations do you need to comply with? That depends on your privacy position. In this White Paper, Vonne Laan sets out the new guidance on this topic step by step.
The CJEU Schrems II judgement of July 16th, 2020 affects the legitimacy of data transfers outside the EU. But what does this mean in practice? What is allowed and what is not in relation to transferring data outside the EEA? What measures can now be taken to legitimise such transfers? Read more about this in our White paper.
The Data Lawyers were interviewed for a Dutch news paper (het Financieel Dagblad) in relation to the cookie consent rules.
Vonne Laan was requested to provide input on the privacy aspects in relation to smart watches.
Eliëtte Vaal and Vonne Laan both spoke at the yearly ePrivacy & Marketing Seminar of IIR.
Eliëtte Vaal and Vonne Laan wrote a blog about the changing position of the Dutch Data Protection Authority (DPA) during the COVID-19 outbreak towards measuring temperature of natural persons (Dutch only).