Vonne Laan
Privacy lawyer / advocaat
Phone
+31 (0)6 11 38 85 26

Biography

Vonne assists Dutch and international clients with various matters in the field of privacy, data protection and cybersecurity. She provides strategic advice that aligns commercial goals with compliance obligations.

More specifically, Vonne’s work entails the design and implementation of GDPR compliance plans, drafting and negotiating privacy agreements (e.g. data processing agreements), drafting other privacy documentation (e.g. privacy statements) and developing processing registers (data mapping). She also advises on privacy-related matters such as cookie policies, direct marketing campaigns and whistleblowing schemes. In addition, Vonne assists her clients in the event of enforcement by the competent authority or court proceedings.

Public speaker and writer

Vonne is a frequent speaker at conferences and seminars. She also gives guest lectures at Nyenrode Business University and the Windesheim University of Applied Sciences. In addition, she provides courses at private training institutions as well as for clients. Vonne also has many legal publications to her name and is the author of the privacy law edition of a Dutch standard series (Boom Basics Privacyrecht). She is furthermore a permanent contributor to the Dutch journals on internet law (Tijdschrift voor Internetrecht) and data protection case law (Jurisprudentie Bescherming persoonsgegevens).

Memberships

Vonne is an active member of the International Association of Privacy Professionals (IAPP), currently acting as the Co-Chair for the Dutch chapter. Furthermore, she is a member of various Dutch law associations such as the Netherlands Association of Privacy Lawyers (Vereniging Privacyrecht Advocaten). This association is only open to members specialised - demonstrably and extensively - in the field of privacy law. Her other memberships include the Association for Privacy Law (VPR) and the Netherlands Association for Information Technology and Law (NVvIR).

Background

Vonne became interested in the concept of privacy while working as an independent copywriter. How do we perceive privacy in a continuously digitalizing society? She became a privacy lawyer at a renowned internationally operating Dutch law firm in 2013 and gained further experience in this area. She was part of the Information Technology Team for five years until she started her own law firm – Value Privacy Law – in November 2018 and combined forces with Eliëtte Vaal in May 2020 to start The Data Lawyers.

Latest Posts
Processor or (joint) controller: does the EDPB provide clarity?

The European privacy supervisors as united in the Data Protection Board (EDPB) have published new guidelines on the concept of “controller” and “processor”. What’s new, what’s better and what’s missing? Vonne Laan and Eliëtte Vaal determined this in their opinion for the Dutch scientific journal on internet law (Tijdschrift voor Internetrecht).

Arrow Icon
The data processing agreement: facing the tough questions

Netwerk voor Ondernemende Juristen or OJ (nowadays known as WeLegal network) held an ICT expertmeeting on January 13th, last. Vonne Laan was invited to give a presentation on the requirements that apply to data processing agreements as well as other data protection agreements, and on the related negotiation tactics.

Arrow Icon
(Joint) controller(s) or processor?

What privacy obligations do you need to comply with? That depends on your privacy position. In this White Paper, Vonne Laan sets out the new guidance on this topic step by step.

Arrow Icon
Update data transfers

The CJEU Schrems II judgement of July 16th, 2020 affects the legitimacy of data transfers outside the EU. But what does this mean in practice? What is allowed and what is not in relation to transferring data outside the EEA? What measures can now be taken to legitimise such transfers? Read more about this in our White paper.

Arrow Icon
Financieel Dagblad: The Data Lawyers on cookie consent

The Data Lawyers were interviewed for a Dutch news paper (het Financieel Dagblad) in relation to the cookie consent rules.

Arrow Icon
Vonne Laan in Financieel Dagblad about smart watches

Vonne Laan was requested to provide input on the privacy aspects in relation to smart watches.

Arrow Icon
ePrivacy & Direct Marketing Seminar

Eliëtte Vaal and Vonne Laan both spoke at the yearly ePrivacy & Marketing Seminar of IIR.

Arrow Icon
Update and recap Direct Marketing rules: when exactly is consent required?

Over the last year, various European Data Protection Authorities have focused their attention to Direct Marketing. Already, various fines have been imposed for non-compliance with the privacy rules in relation to direct marketing activities. Thus, it is ever more important to mind the rules in this respect. This update may help you achieve this. It gives an overview on in which cases consent is required, and in which cases the legitimate interest can be relied upon. (Dutch only)

Arrow Icon
Measuring temperature with advanced digital thermometer might be subject to the GDPR

Eliëtte Vaal and Vonne Laan wrote a blog about the changing position of the Dutch Data Protection Authority (DPA) during the COVID-19 outbreak towards measuring temperature of natural persons (Dutch only).

Arrow Icon
Introductory lecture privacy law Windesheim

On 18 May 2020, Vonne Laan provided her regular introductory lecture on privacy law for students of the University of Applied Sciences Windesheim.

Arrow Icon