Dr. JörgHladjk

Partner

Brussels + 32.2.645.15.30

Jörg Hladjk's practice has focused on European cybersecurity and data protection matters for more than 15 years. Jörg leads the Cybersecurity, Privacy & Data Protection Practice in Brussels. The practice is top-ranked in The Legal 500 EMEA, and Jörg has been recognized as a leading practitioner by The International Who's Who of Data Privacy & Protection Lawyers since 2012.

Jörg advises multinational clients across all industry sectors, with an emphasis on automotive, IT, energy, and life science. His work covers implementing the EU General Data Protection Regulation (GDPR) and obtaining approvals for Binding Corporate Rules, ePrivacy compliance, data breach preparedness, and incident response under the EU Cybersecurity Directive, as well as contentious data protection matters. Jörg also has a significant track record advising on data protection issues in cross-border M&A transactions.

Jörg's notable recent representations include advising a major U.S-based software company on its offering of cybersecurity tools for the EU, a global automotive supplier on its GDPR implementation program, a multinational company on its strategy for connected cars, and a medical device company on its mobile app technology. Other representative clients include: Astellas Pharma, Garmin International, Procter & Gamble, Toyota, Goldman Sachs, IBM, ICANN, and Wells Fargo.

Jörg is chair of the advisory board of the industry association Trust in Digital Life (TDL) and was co-chair of the IAPP Brussels KnowledgeNet Chapter. He has authored more than 40 legal articles and has coauthored leading EU commentaries, including GDPR (Ehmann/Selmayr, 1st/2nd editions). He sat on the IAPP Publications Advisory Board from 2018 to 2020. Since July 2021, Jörg is co-issue leader for cybersecurity at AmCham EU.

Experience

  • STERIS acquires Cantel Medical for $3.6 billionJones Day advised STERIS plc in its acquisition of Cantel Medical Corp, a global provider of infection prevention products and services primarily to endoscopy and dental customers, for $3.6 billion.
  • Sumitovant Biopharma acquires remaining stake in Urovant SciencesJones Day advised Sumitovant Biopharma in its acquisition of all of the outstanding shares of Urovant Sciences Ltd. not already owned by Sumitovant at a price of $16.25 per share in cash.
  • International chemicals producer conducts internal auditJones Day is advising an international chemicals producer in conducting a multi-national internal antitrust audit.
  • Sumitomo Dainippon Pharma acquires late stage biopharma companies and forms alliance with Roivant Sciences Ltd. worth $3 billionJones Day advised Sumitomo Dainippon Pharma Co., Ltd. ("Sumitomo") in an acquisition of late stage biopharma companies and formation of alliance with Roivant Sciences Ltd.
  • ICON acquires Symphony Clinical ResearchJones Day advised ICON plc as health care, clinical trial regulatory, and data privacy diligence counsel in its acquisition of Symphony Clinical Research, a leading provider of at-home patient and site support services.
  • Fortune 500 manufacturing company investigates cyberattacks targeting payment card data on eCommerce siteJones Day directed the investigation into cyberattacks targeting payment card data on an eCommerce site of a Fortune 500 company's recently-acquired subsidiary.
  • Arsenal Capital Partners acquires HistoGeneX and Caprion BiosciencesJones Day advised Arsenal Capital Partners on major investments in HistoGeneX and Caprion Biosciences and the subsequent combination of the two businesses.
  • Evidera acquires MedimixJones Day advised Evidera, a business unit of Pharmaceutical Product Development, LLC, in its acquisition of Medimix International, a global technology company providing real-world evidence (RWE) insights and information to the pharmaceutical, diagnostic, and medical device industries.
  • Garmin® acquires Tacx, the leading manufacturer of indoor bike trainersJones Day advised Garmin Ltd. in its acquisition of the Tacx group, a Dutch family business that designs and manufactures high end indoor bike trainers, tools and accessories, as well as indoor training software and applications.
  • SAP acquires Qualtrics for $8 billionJones Day advised SAP in its $8 billion acquisition of Qualtrics International Inc., the global pioneer in the experience management software category.
  • Procter & Gamble acquires consumer health business of Merck KGaAJones Day advised The Procter & Gamble Company (“P&G”) in its €3.375 billion ($4.2 billion) acquisition of the worldwide consumer health business of Merck KGaA.
  • Advantage Solutions acquires Jun GroupJones Day advised Advantage Solutions on its acquisition of Jun Group, an industry-leading mobile video advertising company.
  • Financial services company conducts internal investigation into potential FCPA violationsJones Day assisted a financial services company in conducting an internal investigation into potential FCPA violations.
  • Global information technology company implements EU General Data Protection Regulation (GDPR)Jones Day is advising a global information technology company regarding its implementation of the EU General Data Protection Regulation (GDPR).
  • Global supplier of automotive systems implements pan-EU data protection compliance programJones Day is advised a global supplier of automotive systems on the strategy and implementation of a pan-EU data protection compliance program.
  • U.S. software company launches cybersecurity toolsJones Day is advising a U.S-based software company on its offering of cybersecurity tools for the EU and on related compliance questions.
  • Randstad acquires Monster for $429 millionJones Day advised Randstad Holding nv (AMS: RAND), a leading human resources services provider, in the acquisition of Monster Worldwide, Inc. (NYSE: MWW).
  • Speaking Engagements

    • September 22, 2021
      Moderator, Session 5. The GDPR vs. Brazil's General Data Protection Law, Jones Day's Fifth Annual Latin America Data Protection, Privacy & Cybersecurity Symposium
    • June 24, 2021
      Speaker, Cybersecurity Incidents – EU Legal Framework and Data Breach Response, BJA Webinar on Cybersecurity – how to prepare your company for a Cyber Crisis
    • March 26, 2021
      Speaker, Obligation to document data breaches and Post-breach management measures: contract management and liability issues, Online Seminar "Responding to personal data breaches in the Post-GDPR", Academy of European Law (ERA)
    • January 13, 2021
      Jones Day - Cybersecurity and Privacy Update: A Roundtable Discussion of Key Developments and Hot Topics (Update on Schrems II Developments)
    • October 8, 2020
      Session 2: Practical GDPR – Challenges in real life/lessons learned, Legal Council
    • November 11, 2019
      How to close the deal: Data protection risks and solutions for M&A transactions, Roundtable Topic Discussion, IAPP Europe Data Protection Congress 2019
    • October 23, 2019
      Big Data and GDPR, IDACON Data Protection Congress
    • June 18, 2019
      GDPR - a catalyst for digital transformation? European Association for Identity and Security (EEMA) Annual Conference 2019
    • June 6, 2019
      The GDPR One Year On: A Look at the Lessons From Implementation and the Next Steps for Compliance and Enforcement
    • May 23, 2019
      Eighth Annual European Labor & Employment Conference
    • April 30, 2019
      Panelist, Cybersecurity and Data Governance: Threat Landscape, Legal Regime, and Policy Challenges, Seminar: Cybersecurity, Data Protection, and the Rule of Law - Evolving Policy and Legal Risks in a Global Digital Economy, Jones Day and Peking University Law School
    • April 10, 2019
      Data Localization and Privacy Regulations - Cybersecurity Risk Management Council
    • January 2019
      Implications of the US Cloud Act and Other Developments Regarding Data Protection in Context of the USA, GDD Winter Workshop
    • November 29, 2018
      International Data Breach Notification: How to Get it Right, Roundtable Topic Discussion, IAPP Europe Data Protection Congress 2018
    • October 25-26, 2018
      Data Protection and Open Banking: Experiences and Expectations
    • October 5, 2018
      Marketing under GDPR: Challenges, experiences and solutions, IAPP Brussels KnowledgeNet Chapter
    • October 1, 2018
      Wearables in the context of data protection regulations (Risks & Challenges), FIFA Football Technology & Data Summit 2018
    • February 28, 2018
      Antitrust and Data Portability Rights, EMEA Conferences: GDPR and Antitrust
    • January 2018
      The European Union's General Data Protection Regulation (GDPR), Jones Day MCLE University
    • January 2018
      The ePrivacy Regulation, Jones Day MCLE University
    • January 2018
      The European Union's General Data Protection Regulation (GDPR), Jones Day MCLE University
    • October 23, 2017
      How to Prepare for the GDPR for Japanese Companies
    • October 17, 2017
      The EU-U.S. Privacy Shield in context of the developments in the USA, Annual IDACON Conference
    • September 14, 2017
      Introduction to the GDPR - Top 10 Implementation Issues for Companies
    • July 12, 2017
      The Upcoming ePrivacy Regulation: Status and Assessment of the Commission’s Proposal, IAPP Knowledge Net
    • April 25, 2017
      GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
    • April 24, 2017
      GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
    • April 5, 2017
      Le RGPD en détail – Analyse des directives des autorités de protection des données et des efforts de mise en œuvre au niveau national
    • April 2, 2017
      The EU Cybersecurity Directive—What Do the New Rules Mean for Business?, 10th Annual GDD Seminar Data Protection International
    • March 15, 2017
      Webinar Series: EU General Data Protection Regulation (three-part series)
    • November 28, 2016
      Advanced Training for Data Protection Officers on "International Data Transfer: EU Standard Contractual Clauses and Privacy Shield", German Federal Association of Data Protection Officers (Berufsverband der Datenschutzbeauftragten Deutschlands (BvD) e.V.)
    • October 14, 2016
      What to Do in Case of a Cyber-Incident or Data Breach: How to Prepare for, and Avoid, a Crisis, Jones Day Seminar
    • October 14, 2016
      Crisis Management: Prepare for the Unexpected
    • September 13, 2016
      Binding Corporate Rules under the EU General Data Protection Regulation (GDPR), IAPP Knowledge Net
    • August 2, 2016
      A Briefing on the EU-U.S. Privacy Shield
    • July 11, 2016
      Overview and business impact of the EU GDPR – How can companies prepare for compliance?, Japanese Chamber of Commerce, Data Protection Seminar
    • June 16, 2016
      Trust in the Digital World - The EU General Data Protection Regulation - How can companies prepare for compliance?
    • October 14 and 15, 2015
      Advanced Training for Data Protection Officers on "International Data Transfer", German Federal Association of Data Protection Officers (Referentin der Fortbildungsveranstaltung des Berufsverbands der Datenschutzbeauftragten Deutschlands (BvD) e.V. zu "Internationaler Datentransfer")
    • April 23, 2015
      Status und Vergleich der grenzüberschreitenden Datenschutzkonzepte: APEC Cross Border Privacy Rules und EU Binding Corporate Rules, 8. GDD-Fachtagung Datenschutz International 2015
    • December 3, 2014
      Can the EU legal framework promote trust? Challenges towards trusting the network and the Cloud, NetWorld2020 GA 2014: The future of telecommunication networks
    • November 18, 2014
      Internet of Things, Data Protection and Security: What are the Legal Challenges, and How Do We Overcome Them?, IAPP Europe Data Protection Congress 2014
    • November 12, 2014
      Enforcement action risks for organizations of multinational reach. Understanding regulation and global enforcement trends and the impact for General Counsel and Data Protection Officers, The Future of Data Protection Conference
    • May 12, 2014
      The EU Cybersecurity strategy – overview and business impact, European Data Protection Days (EDPD)
    • April 28, 2014
      APEC Privacy Framework – Geschäftsaktivitäten im asiatisch-pazifischen Wirtschaftsraum, 7. GDD-Fachtagung Datenschutz International 2014
    • April 28, 2014
      APEC Privacy Framework – Geschäftsaktivitäten im asiatisch-pazifischen Wirtschaftsraum, 7. GDD-Fachtagung Datenschutz International 2014
    • April 28, 2014
      Technologien für mobiles, kontaktloses Bezahlen (NFC), 15. Jahresfachkonferenz, Datenschutz und Datensicherheit (DuD 2013)
    • June 3, 2013
      Successfully Navigating Hazardous Waters: The 3rd Joint ABA/DAV Conference on Transatlantic Deals and Disputes, Data Privacy for M&A Lawyers