Vonne assists Dutch and international clients with various matters in the field of privacy, data protection and cybersecurity. She provides strategic advice that aligns commercial goals with compliance obligations.
More specifically, Vonne’s work entails the design and implementation of GDPR compliance plans, drafting and negotiating privacy agreements (e.g. data processing agreements), drafting other privacy documentation (e.g. privacy statements) and developing processing registers (data mapping). She also advises on privacy-related matters such as cookie policies, direct marketing campaigns and whistleblowing schemes. In addition, Vonne assists her clients in the event of enforcement by the competent authority or court proceedings.
Public speaker and writer
Vonne is a frequent speaker at conferences and seminars. She also gives guest lectures at Nyenrode Business University and the Windesheim University of Applied Sciences. In addition, she provides courses at private training institutions as well as for clients. Vonne also has many legal publications to her name and is the author of the privacy law edition of a Dutch standard series (Boom Basics Privacyrecht). She is furthermore a permanent contributor to the Dutch journals on internet law (Tijdschrift voor Internetrecht) and data protection case law (Jurisprudentie Bescherming persoonsgegevens).
Vonne is an active member of the International Association of Privacy Professionals (IAPP), currently acting as the Co-Chair for the Dutch chapter. Furthermore, she is a member of various Dutch law associations such as the Netherlands Association of Privacy Lawyers (Vereniging Privacyrecht Advocaten). This association is only open to members specialised - demonstrably and extensively - in the field of privacy law. Her other memberships include the Association for Privacy Law (VPR) and the Netherlands Association for Information Technology and Law (NVvIR).
Vonne became interested in the concept of privacy while working as an independent copywriter. How do we perceive privacy in a continuously digitalizing society? She became a privacy lawyer at a renowned internationally operating Dutch law firm in 2013 and gained further experience in this area. She was part of the Information Technology Team for five years until she started her own law firm – Value Privacy Law – in November 2018 and combined forces with Eliëtte Vaal in May 2020 to start The Data Lawyers.
Vonne will speak about the legal considerations when using AI systems, at the Dutch Data Forum 2024. AI is being applied more and more. But what legal aspects do you need or are recommendable to take into account?
Vonne will speak about enforcement at Privacyweb’s Privacy Symposium on 28 November 2023. She will discuss the topic together with a senior inspector of the Dutch Data Protection Authority.
As of today, Vonne’s new book about privacy law can be purchased: Privacyrecht Begrepen. It is published by Boom Juridisch as part of their standard series Recht Begrepen.
Vonne was invited to speak about enforcement at this years’ Data Protection Congress of Outvie. What type of enforcement cases did we see over the last period? What can we learn from them?
Vonne Laan will participate in a panel discussion during IAPP Data Protection Intensive: Nederland 2023 on Children's Online Privacy and Data Protection on 14 June.
Vonne Laan will moderate an IAPP KnowledgeNet virtual event on 21 April 2022, which will focus on the opportunities and challenges that come with class actions and the GDPR from a Dutch litigation perspective.
The subject for this year's annual CPO Privacy Day Symposium on 25 May 2022 will be Algorithms and Artificial Intelligence. Vonne Laan of The Data Lawyers is invited as one of the speakers.
On 28 January 2022, an IAPP KnowlegdeNet event on the investigation and enforcement practice of the Dutch Data Protection Authority was moderated by Vonne Laan.
The 10th annual edition of the IAPP Europe Data Protection Conference in Brussels featured a session with Eliëtte Vaal and Vonne Laan of The Data Lawyers, on the One-Stop-Shop Mechanism (OSS) under the GDPR. The application of the OSS in practice has been met with some resistance and its scope seems unclear. This session aimed to bring more conceptual clarity and practical guidance.