Global menu

Our global pages

Close


Data protection and cybersecurity


The implementation of data protection regulations is a challenge that every company has to face. The protection of personal data is more important than ever, not only because data protection violations can lead to high fines under EU law.

The number of cyberattacks is rising steadily and represents a risk that companies should not underestimate. Cyber incidents pose an existential threat for companies, as they can lead to immense losses due to loss of production, damage to reputation, administrative fines and claims for damages. Therefore, every company should be prepared for a cyber emergency.

Cybersecurity is also a matter of data protection. Every cyber incident relentlessly reveals the data protection practices of the affected company. We increase companies' awareness of cyber risks and prepare them for a possible emergency.

With a global team, we advise on all matters of data protection and cybersecurity.

Our services in this field:

  • Support in developing and implementing data protection strategies
  • Data protection-compliant design of business models, contracts and products, preparation of all kinds of data protection documentation (privacy notices, data processing agreements, records of processing activities etc.)
  • Data protection training for employees and managers
  • Employee data protection – drafting the necessary privacy notices for employees and the respective contract clauses in employment contracts
  • Support in data protection risk assessments and data protection impact assessments
  • Advice on data transfers to countries outside the EEA
  • Assistance in responding to data subject access requests and other requests by data subjects
  • Advice on the admissibility of newsletters and advertising campaigns under data protection law
  • Representation in proceedings before the Austrian Data Protection Authority and the Austrian Courts
  • Support in preparing crisis plans and implementing preventive measures against cyber incidents
  • Cyber incident response - rapid and global support in the event of a cyber incident.


Some examples of our expertise:
  • Advising numerous national and international companies across all industries on the implementation of their corporate data protection strategy
  • Drafting and revising hundreds of GDPR-compliant privacy notices and data processing agreements
  • Representing numerous national and international companies as well as private individuals in proceedings before the Data Protection Authority
  • Supporting companies in dealing with the direct and indirect challenges following a cyberattack
Print Friendly and PDF

© Eversheds Sutherland 2023. All rights reserved. Eversheds Sutherland is a global provider of legal and other services operating through various separate and distinct legal entities.

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client.