Vonne Laan
Privacy lawyer / advocaat
Phone
+31 (0)6 11 38 85 26
Email
vlaan@thedatalawyers.com
Social media
Facebook
Twitter
Instagram

Biography

Vonne assists Dutch and international clientswith various matters in the field of data, AI and privacy. She litigates, both in individual cases as well as in class actions. Using this litigation experience, she provides strategic advice that aligns commercial goals with compliance obligations. More specifically, her strategic input covers the following laws: the GDPR, the AI Act and other EU Data Laws (incl. the Digital Services Act, Data Governance Act, Data Act, Digital Markets Act, Open Data Directive and NIS2). She also advises on privacy-related matters such as online tracking, data breaches, direct marketing campaigns and escalated privacy complaints from individuals.

Public speaker and writer

As a public speaker, Vonne is frequently asked to present or moderate at conferences and seminars. She also gives guest lectures at universities and provides courses at private training institutions or for clients. Vonne has many legal publications to her name and is the author of two books about privacy law (Boom Basics Privacyrecht and Privacyrecht Begrepen). In addition, she regularly contributes to the Dutch legal journals Tijdschrift voor Internetrecht (internet law) and Jurisprudentie Bescherming Persoonsgegevens (data protection case law)."

(Board) Memberships

·        Vonne is Chair of the Board of the Dutch Register for Data Protection Officers: NRFG (Stichting het Nederlands Register voor Functionarissen voor Gegevensbescherming). The aim of the register is to improve the position of qualified DOPs in the Netherlands.

·        Vonne is a member of the Supervisory Board of The Privacy Collective. The Privacy Collective is a foundation that started a class action against Oracle and SalesForce for illegal online tracking.

·        Vonne is a member of various Dutch legal associations, including the Vereniging Privacyrecht Advocaten (Netherlands Association of Privacy Lawyers) and the Netherlands Association for Information Technology and Law (NVvIR).

Background

The concept of privacy became interesting to Vonne while she was working as an independent copywriter. How do we perceive privacy in a continuously digitalizing society? She became a privacy lawyer at a renowned internationally operating Dutch law firm in 2013 and gained further experience in this area. She was part of the Information Technology Team for five years until she started her own law firm in November 2018 and combined forces with Eliëtte Vaal in May 2020 to start The Data Lawyers.

Latest Posts
The cookie has crumbled: custom audiences to the rescue?
Article
The cookie has crumbled: custom audiences to the rescue?
By
Eliëtte Vaal
Vonne Laan

The digital marketing industry is in reform. For the past 25 years, third-party cookie-tracking has been one of the most important tools for online targeting and retargeting. How do things stand now? Are cookies future-proof or has the cookie crumbled, with custom audiences on social media platforms coming to the rescue?

Read more
Arrow Icon
Focus areas for concluding data processing agreements
Article
Focus areas for concluding data processing agreements
By
Vonne Laan
Joep Bakker

Vonne Laan and Joep Bakker wrote an article on focus areas based on recent guidelines from inter alia the EDPB when concluding data processing agreements for VAST magazine (Dutch only).

Read more
Arrow Icon
Processor or (joint) controller: does the EDPB provide clarity?
Article
Processor or (joint) controller: does the EDPB provide clarity?
By
Eliëtte Vaal
Vonne Laan

The European privacy supervisors as united in the Data Protection Board (EDPB) have published new guidelines on the concept of “controller” and “processor”. What’s new, what’s better and what’s missing? Vonne Laan and Eliëtte Vaal determined this in their opinion for the Dutch scientific journal on internet law (Tijdschrift voor Internetrecht).

Read more
Arrow Icon
The data processing agreement: facing the tough questions
Event
The data processing agreement: facing the tough questions
By
Vonne Laan

Netwerk voor Ondernemende Juristen or OJ (nowadays known as WeLegal network) held an ICT expertmeeting on January 13th, last. Vonne Laan was invited to give a presentation on the requirements that apply to data processing agreements as well as other data protection agreements, and on the related negotiation tactics.

Read more
Arrow Icon
(Joint) controller(s) or processor?
Article
(Joint) controller(s) or processor?
By
Vonne Laan

What privacy obligations do you need to comply with? That depends on your privacy position. In this White Paper, Vonne Laan sets out the new guidance on this topic step by step.

Read more
Arrow Icon
Update data transfers
Article
Update data transfers
By
Eliëtte Vaal
Vonne Laan

The CJEU Schrems II judgement of July 16th, 2020 affects the legitimacy of data transfers outside the EU. But what does this mean in practice? What is allowed and what is not in relation to transferring data outside the EEA? What measures can now be taken to legitimise such transfers? Read more about this in our White paper.

Read more
Arrow Icon
Financieel Dagblad: The Data Lawyers on cookie consent
News
Financieel Dagblad: The Data Lawyers on cookie consent
By
Vonne Laan

The Data Lawyers were interviewed for a Dutch news paper (het Financieel Dagblad) in relation to the cookie consent rules.

Read more
Arrow Icon
Vonne Laan in Financieel Dagblad about smart watches
News
Vonne Laan in Financieel Dagblad about smart watches
By
Vonne Laan

Vonne Laan was requested to provide input on the privacy aspects in relation to smart watches.

Read more
Arrow Icon
ePrivacy & Direct Marketing Seminar
Event
ePrivacy & Direct Marketing Seminar
By
Eliëtte Vaal
Vonne Laan

Eliëtte Vaal and Vonne Laan both spoke at the yearly ePrivacy & Marketing Seminar of IIR.

Read more
Arrow Icon
Update and recap Direct Marketing rules: when exactly is consent required?
Article
Update and recap Direct Marketing rules: when exactly is consent required?
By
Vonne Laan

Over the last year, various European Data Protection Authorities have focused their attention to Direct Marketing. Already, various fines have been imposed for non-compliance with the privacy rules in relation to direct marketing activities. Thus, it is ever more important to mind the rules in this respect. This update may help you achieve this. It gives an overview on in which cases consent is required, and in which cases the legitimate interest can be relied upon. (Dutch only)

Read more
Arrow Icon