Dr. JörgHladjk

Partner

Brussels + 32.2.645.15.30

Connect:

Share

Jörg Hladjk has assisted clients with complex and international cybersecurity and data protection matters for more than 18 years. He leads the Cybersecurity, Privacy & Data Protection Practice in Brussels, which is top-ranked in The Legal 500 EMEA.

Jörg advises clients across all industry sectors, including automotive, IT, energy, and life science. His work covers implementing the EU General Data Protection Regulation (GDPR), developing global compliance strategies, obtaining approvals for Binding Corporate Rules, advising on the EU-U.S. Transatlantic Data Transfer Framework, data breach preparedness and cyber incident response, as well as contentious matters and regulatory investigations. He has a significant track record advising on data and cyber issues in cross-border M&A transactions.

Jörg also advises companies on the following new EU data and cybersecurity regulations: Data Governance Act (DGA), Data Act (DA), Artificial Intelligence Act (AI Act), Digital Services Act (DSA), Digital Operational Resilience Act (DORA), and Network Information Security Directive 2 (NIS 2).

His representations include advising a major U.S-based software company on its offering of cybersecurity tools for the EU, a global automotive supplier on its GDPR implementation program, a multinational company on its strategy for connected cars, and a medical device company on its mobile app technology.

Jörg is chair of the advisory board of the industry association Trust in Digital Life (TDL). He has authored more than 50 legal articles and has coauthored leading EU commentaries, including GDPR (Ehmann/Selmayr, 1st/2nd/3rd editions). He sat on the IAPP Publications Advisory Board from 2018 to 2020. Since July 2021, Jörg is co-issue leader for cybersecurity at AmCham EU.

Experience

  • GfK sells European Consumer Panel (GfK CP) business to YouGovJones Day advised GfK SE in the €315 million sale of its European Consumer Panel business (GfK CP) to YouGov PLC, a leading international online research data and analytics technology group headquartered in the United Kingdom and listed on the London Stock Exchange (LSE: YOU).
  • Labcorp completes spin-off of FortreaJones Day represented Labcorp (NYSE: LH), a leading global life sciences company, in the spin-off of Fortrea, the newly formed independent Contract Research Organization providing Phase I-IV clinical trial management, market access and technology solutions to pharmaceutical and biotechnology organizations around the world.
  • iSTAR Medical enters into strategic alliance with AbbVieJones Day advised iSTAR Medical SA in its strategic alliance with AbbVie (NYSE: ABBV).
  • Consortium BelGaN Group BV acquires ON Semiconductor Belgium BVJones Day advised the consortium BelGaN Group BV with the acquisition of ON Semiconductor Belgium BV, a subsidiary of Semiconductor Components Industries, LLC, which designs and manufactures semiconductors components.
  • Orange and Masmovil combine in €18.6 billion mergerJones Day advised Orange, S.A. ("Orange"), one of the world's leading telecommunications operators, on the combination of their telecom business in Spain with Masmovil, one of the leading telecommunications operators in Spain, for an enterprise value of €18.6 billion (€7.8 billion for Orange Spain and €10.9 billion for Masmovil).
  • Fragbite acquires Lucky Kat B.V.Jones Day advised Fragbite Group AB, a global esports and gaming company, in the acquisition of Lucky Kat B.V.
  • STERIS acquires Cantel Medical for $3.6 billionJones Day advised STERIS plc in its acquisition of Cantel Medical Corp, a global provider of infection prevention products and services primarily to endoscopy and dental customers, for $3.6 billion.
  • Sumitovant Biopharma acquires remaining stake in Urovant SciencesJones Day advised Sumitovant Biopharma in its acquisition of all of the outstanding shares of Urovant Sciences Ltd. not already owned by Sumitovant at a price of $16.25 per share in cash.
  • International chemicals producer conducts internal auditJones Day is advising an international chemicals producer in conducting a multi-national internal antitrust audit.
  • Sumitomo Dainippon Pharma acquires late stage biopharma companies and forms alliance with Roivant Sciences Ltd. worth $3 billionJones Day advised Sumitomo Dainippon Pharma Co., Ltd. ("Sumitomo") in an acquisition of late stage biopharma companies and formation of alliance with Roivant Sciences Ltd.
  • ICON acquires Symphony Clinical ResearchJones Day advised ICON plc as health care, clinical trial regulatory, and data privacy diligence counsel in its acquisition of Symphony Clinical Research, a leading provider of at-home patient and site support services.
  • Fortune 500 manufacturing company investigates cyberattacks targeting payment card data on eCommerce siteJones Day directed the investigation into cyberattacks targeting payment card data on an eCommerce site of a Fortune 500 company's recently-acquired subsidiary.
  • Arsenal Capital Partners acquires HistoGeneX and Caprion BiosciencesJones Day advised Arsenal Capital Partners on major investments in HistoGeneX and Caprion Biosciences and the subsequent combination of the two businesses.
  • Evidera acquires MedimixJones Day advised Evidera, a business unit of Pharmaceutical Product Development, LLC, in its acquisition of Medimix International, a global technology company providing real-world evidence (RWE) insights and information to the pharmaceutical, diagnostic, and medical device industries.
  • Garmin® acquires Tacx, the leading manufacturer of indoor bike trainersJones Day advised Garmin Ltd. in its acquisition of the Tacx group, a Dutch family business that designs and manufactures high end indoor bike trainers, tools and accessories, as well as indoor training software and applications.
  • SAP acquires Qualtrics for $8 billionJones Day advised SAP in its $8 billion acquisition of Qualtrics International Inc., the global pioneer in the experience management software category.
  • Procter & Gamble acquires consumer health business of Merck KGaAJones Day advised The Procter & Gamble Company (“P&G”) in its €3.375 billion ($4.2 billion) acquisition of the worldwide consumer health business of Merck KGaA.
  • Advantage Solutions acquires Jun GroupJones Day advised Advantage Solutions on its acquisition of Jun Group, an industry-leading mobile video advertising company.
  • Financial services company conducts internal investigation into potential FCPA violationsJones Day assisted a financial services company in conducting an internal investigation into potential FCPA violations.
  • Global information technology company implements EU General Data Protection Regulation (GDPR)Jones Day is advising a global information technology company regarding its implementation of the EU General Data Protection Regulation (GDPR).
  • Global supplier of automotive systems implements pan-EU data protection compliance programJones Day is advised a global supplier of automotive systems on the strategy and implementation of a pan-EU data protection compliance program.
  • U.S. software company launches cybersecurity toolsJones Day is advising a U.S-based software company on its offering of cybersecurity tools for the EU and on related compliance questions.
  • Randstad acquires Monster for $429 millionJones Day advised Randstad Holding nv (AMS: RAND), a leading human resources services provider, in the acquisition of Monster Worldwide, Inc. (NYSE: MWW).
    • View All

    April 2024 Alert

    CISA Releases Proposed Cyber Incident and Ransom Payment Reporting Rules to Implement CIRCIA

    March 2024 Alert

    China Finalizes Provisions on Cross-Border Data Transfer

    February 2024 Newsletters

    EU Emergency Response Update – Key Policy & Regulatory Developments No. 112

    March 2024 Newsletters

    Vital Signs: Digital Health Law Update | Winter 2024

    JANUARY 2024 Alert

    EU Releases Data Act to Facilitate Access and Use of Data

    December 2023 Newsletters

    EU Emergency Response Update – Key Policy & Regulatory Developments No. 111

    November 2023 Newsletters

    EU Emergency Response Update – Key Policy & Regulatory Developments No. 110

    November 2023 Newsletters

    EU Emergency Response Update – Key Policy & Regulatory Developments No. 109

    December 2023 Alert

    EU Strikes Political Deal on Landmark Artificial Intelligence Act

    November 2023 Newsletters

    Vital Signs: Digital Health Law Update | Fall 2023
    View All

    Additional Publications

    • February 2019
      The German Facebook Case – Towards an Increasing Symbiosis Between Competition and Data Protection Laws?, Competition Policy International
    • February 2019
      The German Facebook Case – Towards an Increasing Symbiosis Between Competition and Data Protection Laws?, coauthor, CPI Antitrust Chronicle

    Speaking Engagements

    • October 4, 2023
      Speaker, Jones Day - Cybersecurity and Privacy Update: A Roundtable Discussion of Key Developments and Hot Topics (Rise of Data Subject Access Requests (DSARs)
    • June 21, 2023
      Speaker, Jones Day - Cybersecurity and Privacy Update: A Roundtable Discussion of Key Developments and Hot Topics (Personal Data Transfers – Update on new EU-U.S. Transatlantic Data Privacy Framework)
    • April 25, 2023
      Panelist, Jones Day Sixth Annual Latin American Privacy and Cybersecurity Symposium - Session 5: Key Developments in Cybersecurity, AI, and Data Protection: Europe vs. Latin America (English)
    • October 14, 2022
      Speaker, Jones Day - Compliance difficulties of data security and personal information protection 数据安全和个人信息保护合规难点
    • October 12, 2022
      Speaker, Jones Day - Cybersecurity and Privacy Developments for Life Sciences companies
    • September 28, 2022
      Moderator, panel, What If Privacy Shield 2.0 Never Happens? Practical Advice On Lawful International Data Transfers at PrivSec Amsterdam (Part of the Digital Trust Europe Series)
    • June 22, 2022
      Speaker, Jones Day - Cybersecurity and Privacy Update: A Roundtable Discussion of Key Developments and Hot Topics (GDPR enforcement trends)
    • December 15, 2021
      Speaker, Jones Day - Life Sciences Cyber Session: Cybersecurity and Privacy risks in life sciences transactions
    • September 22, 2021
      Moderator, Session 5. The GDPR vs. Brazil's General Data Protection Law, Jones Day's Fifth Annual Latin America Data Protection, Privacy & Cybersecurity Symposium
    • June 24, 2021
      Speaker, Cybersecurity Incidents – EU Legal Framework and Data Breach Response, BJA Webinar on Cybersecurity – how to prepare your company for a Cyber Crisis
    • March 26, 2021
      Speaker, Obligation to document data breaches and Post-breach management measures: contract management and liability issues, Online Seminar "Responding to personal data breaches in the Post-GDPR", Academy of European Law (ERA)
    • January 13, 2021
      Jones Day - Cybersecurity and Privacy Update: A Roundtable Discussion of Key Developments and Hot Topics (Update on Schrems II Developments)
    • October 8, 2020
      Session 2: Practical GDPR – Challenges in real life/lessons learned, Legal Council
    • November 11, 2019
      How to close the deal: Data protection risks and solutions for M&A transactions, Roundtable Topic Discussion, IAPP Europe Data Protection Congress 2019
    • October 23, 2019
      Big Data and GDPR, IDACON Data Protection Congress
    • June 18, 2019
      GDPR - a catalyst for digital transformation? European Association for Identity and Security (EEMA) Annual Conference 2019
    • June 6, 2019
      The GDPR One Year On: A Look at the Lessons From Implementation and the Next Steps for Compliance and Enforcement
    • May 23, 2019
      Eighth Annual European Labor & Employment Conference
    • April 30, 2019
      Panelist, Cybersecurity and Data Governance: Threat Landscape, Legal Regime, and Policy Challenges, Seminar: Cybersecurity, Data Protection, and the Rule of Law - Evolving Policy and Legal Risks in a Global Digital Economy, Jones Day and Peking University Law School
    • April 10, 2019
      Data Localization and Privacy Regulations - Cybersecurity Risk Management Council
    • January 2019
      Implications of the US Cloud Act and Other Developments Regarding Data Protection in Context of the USA, GDD Winter Workshop
    • November 29, 2018
      International Data Breach Notification: How to Get it Right, Roundtable Topic Discussion, IAPP Europe Data Protection Congress 2018
    • October 25-26, 2018
      Data Protection and Open Banking: Experiences and Expectations
    • October 5, 2018
      Marketing under GDPR: Challenges, experiences and solutions, IAPP Brussels KnowledgeNet Chapter
    • October 1, 2018
      Wearables in the context of data protection regulations (Risks & Challenges), FIFA Football Technology & Data Summit 2018
    • February 28, 2018
      Antitrust and Data Portability Rights, EMEA Conferences: GDPR and Antitrust
    • January 2018
      The European Union's General Data Protection Regulation (GDPR), Jones Day MCLE University
    • January 2018
      The ePrivacy Regulation, Jones Day MCLE University
    • January 2018
      The European Union's General Data Protection Regulation (GDPR), Jones Day MCLE University
    • October 23, 2017
      How to Prepare for the GDPR for Japanese Companies
    • October 17, 2017
      The EU-U.S. Privacy Shield in context of the developments in the USA, Annual IDACON Conference
    • September 14, 2017
      Introduction to the GDPR - Top 10 Implementation Issues for Companies
    • July 12, 2017
      The Upcoming ePrivacy Regulation: Status and Assessment of the Commission’s Proposal, IAPP Knowledge Net
    • April 25, 2017
      GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
    • April 24, 2017
      GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
    • April 5, 2017
      Le RGPD en détail – Analyse des directives des autorités de protection des données et des efforts de mise en œuvre au niveau national
    • April 2, 2017
      The EU Cybersecurity Directive—What Do the New Rules Mean for Business?, 10th Annual GDD Seminar Data Protection International
    • March 15, 2017
      Webinar Series: EU General Data Protection Regulation (three-part series)
    • November 28, 2016
      Advanced Training for Data Protection Officers on "International Data Transfer: EU Standard Contractual Clauses and Privacy Shield", German Federal Association of Data Protection Officers (Berufsverband der Datenschutzbeauftragten Deutschlands (BvD) e.V.)
    • October 14, 2016
      What to Do in Case of a Cyber-Incident or Data Breach: How to Prepare for, and Avoid, a Crisis, Jones Day Seminar
    • October 14, 2016
      Crisis Management: Prepare for the Unexpected
    • September 13, 2016
      Binding Corporate Rules under the EU General Data Protection Regulation (GDPR), IAPP Knowledge Net
    • August 2, 2016
      A Briefing on the EU-U.S. Privacy Shield
    • July 11, 2016
      Overview and business impact of the EU GDPR – How can companies prepare for compliance?, Japanese Chamber of Commerce, Data Protection Seminar
    • June 16, 2016
      Trust in the Digital World - The EU General Data Protection Regulation - How can companies prepare for compliance?
    • October 14 and 15, 2015
      Advanced Training for Data Protection Officers on "International Data Transfer", German Federal Association of Data Protection Officers (Referentin der Fortbildungsveranstaltung des Berufsverbands der Datenschutzbeauftragten Deutschlands (BvD) e.V. zu "Internationaler Datentransfer")
    • April 23, 2015
      Status und Vergleich der grenzüberschreitenden Datenschutzkonzepte: APEC Cross Border Privacy Rules und EU Binding Corporate Rules, 8. GDD-Fachtagung Datenschutz International 2015
    • December 3, 2014
      Can the EU legal framework promote trust? Challenges towards trusting the network and the Cloud, NetWorld2020 GA 2014: The future of telecommunication networks
    • November 18, 2014
      Internet of Things, Data Protection and Security: What are the Legal Challenges, and How Do We Overcome Them?, IAPP Europe Data Protection Congress 2014
    • November 12, 2014
      Enforcement action risks for organizations of multinational reach. Understanding regulation and global enforcement trends and the impact for General Counsel and Data Protection Officers, The Future of Data Protection Conference
    • May 12, 2014
      The EU Cybersecurity strategy – overview and business impact, European Data Protection Days (EDPD)
    • April 28, 2014
      APEC Privacy Framework – Geschäftsaktivitäten im asiatisch-pazifischen Wirtschaftsraum, 7. GDD-Fachtagung Datenschutz International 2014
    • April 28, 2014
      APEC Privacy Framework – Geschäftsaktivitäten im asiatisch-pazifischen Wirtschaftsraum, 7. GDD-Fachtagung Datenschutz International 2014
    • April 28, 2014
      Technologien für mobiles, kontaktloses Bezahlen (NFC), 15. Jahresfachkonferenz, Datenschutz und Datensicherheit (DuD 2013)
    • June 3, 2013
      Successfully Navigating Hazardous Waters: The 3rd Joint ABA/DAV Conference on Transatlantic Deals and Disputes, Data Privacy for M&A Lawyers

    Before sending, please note:

    Information on www.jonesday.com is for general use and is not legal advice. The mailing of this email is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.