Dr. Undine von Diemar's practice focuses on data protection matters involving international data transfers, incident response, global compliance projects, and internal investigations. Undine leads Jones Day's European Cybersecurity, Privacy & Data Protection Practice and regularly advises on data protection legal issues in M&A transactions and represents clients in proceedings before data protection authorities and courts. Undine has been selected as one of nine leading names for data protection in Germany by The Legal 500 where clients praise her as an "invaluable expert in data protection matters on national and global level" with "first-class work results."
Undine has strong experience in the IT sector, including negotiating high-profile technology transactions related to cloud computing, big data, artificial intelligence, and supercomputer technologies. She also has experience advising on privacy issues related to the life science field.
Highlights of Undine's most recent work include: compliance projects: led more than 30 GDPR implementation projects for international clients, including ICANN, Cardinal Health, and Rosewood; incident response: leading response to cyberattacks and data breaches for international companies, including notifying authorities and contacts with intelligence services; M&A: advised on privacy requirements in high-profile transactions (including SAP's acquisition of Gigya, Concur, and hybris); privacy litigation: represented ICANN in proceedings against registrars concerning the implementation of GDPR requirements; internal investigations: advised on privacy requirements in internal investigations, including handling information requests from foreign authorities and international organizations; and technology transactions: advised Cylance (cloud provider for artificial intelligence-based IT security products) on joint venture, customer and vendor agreements, and the related privacy framework.
Essilor acquires Brille24
Jones Day advised Essilor in the acquisition of 100 percent of Brille24 GmbH, one of the leading online retailers of optical products in Germany.
SAP acquires Qualtrics for $8 billion
Jones Day advised SAP in its $8 billion acquisition of Qualtrics International Inc., the global pioneer in the experience management software category.
EMERAM Capital Partners invests in Meona
Jones Day represented EMERAM Capital Partners GmbH in connection with its investment in Meona GmbH, a Germany-based innovative clinical software leader.
SAP acquires Gigya
Jones Day advised SAP SE in its acquisition of Gigya, Inc., a market leader for customer identity and access management.
Cardinal Health acquires leading patient product portfolio from Medtronic for $6.1 billion
Jones Day advised Cardinal Health on the acquisition of Medtronic's Patient Care, Deep Vein Thrombosis and Nutritional Insufficiency businesses for $6.1 billion in cash.
Reynolds American acquired by British American Tobacco Plc in deal valued at $49 billion
Jones Day advised Reynolds American Inc. ("RAI") regarding the acquisition by British American Tobacco, p.l.c. ("BAT") of 57.8 percent of the outstanding shares of RAI not owned by BAT and its affiliates in a transaction valued at $49 billion.
Newell Brands sells Winter Sports businesses to Kohlberg & Company for $240 million
Jones Day advised Newell Brands Inc. (NYSE: NWL) in the sale of its Winter Sports businesses to private equity firm Kohlberg & Company for $240 million, subject to adjustment.
OEConnection Holdings acquires Clifford Thames Group
Jones Day advised OEConnection Holdings, LLC in connection with its acquisition of Clifford Thames Group, a leader in automotive data creation and management with operations in Europe, the U.S., India, and Australia.
Automotive supplier seeks advice on ethics hotline and data privacy
Jones Day advised an automotive supplier on its ethics hotline in Europe, and on data privacy and works council participation issues.
Global information technology company implements EU General Data Protection Regulation (GDPR)
Jones Day is advising a global information technology company regarding its implementation of the EU General Data Protection Regulation (GDPR).
U.S. software company launches cybersecurity tools
Jones Day is advising a U.S-based software company on its offering of cybersecurity tools for the EU and on related compliance questions.
Essilor acquires MyOptique Group
Jones Day advised Essilor International S.A., a company listed on the Euronext Paris Stock Exchange, on the acquisition of MyOptique Group Limited ("MyOptique").
Software company conducts internal investigation into global data breach
Jones Day is advising a software company in connection with an internal investigation relating to a global data breach.
BNP Paribas acquires certain assets and liabilities from RBS relating to its structured retail investor products and equity derivatives business
Jones Day advised BNP Paribas on its acquisition of certain assets and liabilities from Royal Bank of Scotland PLC relating to the structured retail investor products and equity derivatives businesses.
Goldman Sachs and Highgate Hotels acquires K+K Hotels Group
Jones Day advised a consortium led by Goldman Sachs and Highgate Hotels, a leading hospitality investment and management company, in its acquisition, acquisition financing, and debt restructuring of the K+K Hotels group, which owns a portfolio of ten boutique hotels located in London, Paris, Barcelona, Munich, Vienna, Prague, Budapest, and Bucharest.
NEP Group acquires Mediatec Group
Jones Day advised NEP Group, Inc. in its acquisition of Mediatec Group, one of Europe’s largest corporations in delivering integrated technical solutions for event and television productions with activities across Europe (including Sweden, Finland, Norway, Denmark, Germany, Switzerland, Austria, the UK, and Spain).
SAP acquires leading global provider of travel and expense management solutions Concur Technologies for $8.3 billion
Jones Day represented SAP SE (NYSE:SAP) in its agreement to acquire Concur Technologies, Inc. (NASDAQ:CNQR) at an enterprise value of approximately $8.3 billion.
OHB AG obtains €250 million unsecured revolving credit facility
Jones Day represented OHB AG, an aerospace and technology company, in its €250 million (US$341 million) unsecured revolving credit facility agreement.
Nordson acquires Kreyenborg Group's polymer processing companies
Jones Day advised Nordson Corporation in its acquisition of Kreyenborg GmbH and BKG Bruckmann & Kreyenborg Granuliertechnik GmbH companies.
SAP acquires enterprise multichannel e-commerce company hybris
Jones Day advised SAP AG in connection with its acquisition of hybris AG.
Le Comité européen de la protection des données apporte des clarifications sur le champ d'application territorial du RGPD
- April 2018GDPR: Understanding the New Landscape, Corporate Counsel Business Journal
- October 2016Intra-Group Data Transfers under the Privacy Shield – Peculiarities and Solutions for the Practice (Konzerninterner Datentransfer unter dem Privacy Shield – Besonderheiten und Lösungsansätze für die Praxis), Magazine of the German Association of Data Protection Officers ("BvD News")
- June 30, 2016Recent Developments concerning Data in the EU: Publication by EMA of Commercially Confidential Information (Clinical Data) and New Rules for the International Transfer of Personal Data.
- January 2016Internationaler Datentransfer unter der Datenschutzgrundverordnung - Was kommt da auf uns zu?" ("International Data Transfers under the General Data Protection Regulation - What we can expect to face then?") in the January issue of the magazine of the German Federal Association of Data Protection Officers (Berufsverband der Datenschutzbeauftragten Deutschlands - BvD)
- August 2015Data protection challenges for telemedicine in the EU and US, eHealth law&policy
- August 2015Data Protection Challenges for Telemedicine in the EU and US
- August 2015eHealth Law & Policy Data protection challenges for telemedicine in the EU and US, eHealth Law & Policy
- September 2014Datentransfer im Konzern - Bick auf die Entwicklungen in Europa und in den USA (Data transfer within a group of companies - With a view on developments in Europe and the US), BvD-News - Das Fachmagazin für den Datenschutz (BvD-News - Journal on data protection)
- Erwartet (Expected) in 2014Verfahren und Zugriff auf Daten (Proceedings and Access to Data), in: Borges/Meents (Hrsg./editors), Handbuch Cloud Computing (Handbook Cloud Computing)
- October 2013The U.S., European and Asian Countries Propose New Laws and Regulations on Cybersecurity, Bloomberg BNA Privacy and Security Law Report
- October 2011Risiken in der Datenwolke (Risks in the Data Cloud), Der Handel
- April 2011Clearing the Clouds, Intellectual Property Magazine
- April 2011Cloud Computing in der Biotech Industrie (Cloud Computing in the Biotech Industry), Venture Capital Magazin
- 2011Datenschutzrechtliche Anforderungen an die Inanspruchnahme von Cloud Computing Services (Data Protection Law Requirements for Using Cloud Computing Services), Handbook “International Know-how protection”
- January 2010Cloud Computing – Abschied von der Softwarelizenz (Cloud Computing – Goodbye Software License), IP Manager
- 2010Rechtliche Absicherung - Fundament einer starken B-to-B-Marke (Legal Protection – Basis of a Strong B-to-B Trademark), Contribution (together with W. Büchner) to the handbook "B-to-B brand management" ("B-to-B- Markenführung")
- May 2008Marken und Patente sind Geld wert; IP-Rechte können stärker als Finanzierungsgrundlage dienen (Trademarks and patents are of Considerable Financial Value; IP Rights Can Serve More Often as the Basis for Financing), Lebensmittelzeitung
- April 2008IP-Rechte in der Unternehmensfinanzierung (IP Rights as Means of Corporate Financing), Kredit & Rating Praxis
- 2004Gatoring – eine rechtlich zulässige Form der Werbung im Internet? (Gatoring - a Legally Allowed Form of Internet Advertisement?), Wettbewerb in Recht und Praxis (WRP), p. 1237-1245
- 2002Die digitale Kopie zum privaten Gebrauch (Digital Copying for Private Use), Doctoral thesis, Muenster et al.
- November 14, 2018The EU General Data Protection Regulation, Lecture at the Jones Day Course at Beijing University
- September 19, 2018Accomodating data subjects when they exercise their rights, IAPP Data Protection Intensive: Deutschland 2018
- September 18, 2018Keynote speaker, IAPP Data Protection Intensive: Deutschland 2018
- September 18, 2018The DPO’s place in the organization, IAPP Data Protection Intensive: Deutschland 2018
- July 24, 2018Data Breaches and Cyber Attacks – What you should and should not do, IAPP KnowledgeNet
- May 16, 2018Life Science Seminar, Digital Health: The Life Sciences Industry Meets the Internet of Things & eHealth
- May 15, 2018Life Science Seminar, GDPR: Hot topics for the life science industry
- January 2018Cybersecurity: Managing Evolving Risks, Jones Day MCLE University
- January 2018The ePrivacy Regulation, Jones Day MCLE University
- January 2018The European Union's General Data Protection Regulation (GDPR), Jones Day MCLE University
- June 12, 2017Fully Connected, Fully Liable? Cybersecurity: Risks and Pitfalls (Be Prepared and Watch Your Smartphones - Live Hacking Demonstration!)
- May 31, 2017HR Data Processing Under the GDPR - How Companies Need to Prepare IAPP KnowledgeNet
- April 25, 2017GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
- April 24, 2017GDPR Workshop: Best Practices for Implementing the EU General Data Protection Regulation, Jones Day Seminar
- November 28, 2016Advanced Training for Data Protection Officers on "International Data Transfer: EU Standard Contractual Clauses and Privacy Shield", German Federal Association of Data Protection Officers (Berufsverband der Datenschutzbeauftragten Deutschlands (BvD) e.V.)
- October 5, 2016IT and Data Protection, VAB Seminar: Foreign Banks in Germany - New Challenges and New Chances
- September 28, 2016EU Privacy Laws and Implications for Implementing Health & Safety Programs, European Union Health, Safety & Environment Forum
- July 1, 2016Recent Developments Concerning Privacy in the EU: How to Prepare for the Upcoming General Data Protection Regulation and What is the Current Status of Rules for the International Transfer of Personal Data
- June 30, 2016Recent Developments concerning Data in the EU, EMA of Commercially Confidential Information (Clinical Data) and New Rules for the International Transfer of Personal Data
- May 3, 2016EU/U.S. Privacy Shield and International Data Transfers: Insights from the Regulator, IAPP KnowledgeNet
- April 29, 2016International Data Transfers (Internationale Datentransfers), Practice Days Data Protection (Praxistage Datenschutz)
- April 14, 2016Everything new - the update on data protection (Alles neu - das Update zum Datenschutz), Jones Day Banking & Finance Seminar
- December 1, 2015The new General Data Protection Regulation: Anticipating Compliance Roundtable, moderator
- October 14 and 15, 2015Advanced Training for Data Protection Officers on "International Data Transfer", German Federal Association of Data Protection Officers (Referentin der Fortbildungsveranstaltung des Berufsverbands der Datenschutzbeauftragten Deutschlands (BvD) e.V. zu "Internationaler Datentransfer")
- September 23, 2015"Data Protection - Current challenges for Banks" (Datenschutz - Aktuelle Herausforderungen für Banken), Practice seminar of the Association of Foreign Banks in Germany (Praxisseminar des Verbands der Auslandsbanken in Deutschland e.V.): Presentation on "Final spurt for the General Data Protection Regulation" (Endspurt für die Datenschutzgrundverordnung)
- May 21, 2015Global Cybersecurity Perspectives, panelist, Cybersecurity Law Institute, Georgetown University Law Center
- May 12, 2015Munich IAPP KnowledgeNet: Big Data in the Health Care Industry
- February 24, 2015Atlanta IAPP KnowledgeNet: EU Privacy Update
- December 3, 2014Taskforce AG Expert Dialog: Presentation on "The new IT security requirements for companies" (Die neuen IT-Sicherheitsanforderungen für Unternehmen")
- November 13, 2014Jones Day Banking & Finance Seminar "New IT Security Act - What is important for banks?" (Neues IT-Sicherheitsgesetz vorgestellt – was ist wichtig für Banken?)
- October 28, 2014Advanced Training for Data Protection Officers on "International Data Transfer", German Federal Association of Data Protection Officers (Referentin der Fortbildungsveranstaltung des Berufsverbands der Datenschutzbeauftragten Deutschlands (BvD) e.V. zu "Internationaler Datentransfer")
- August 5, 2014Big Data Across the Atlantic - U.S. and E.U. Perspectives, Practising Law Institute
- March 13, 2014International Data Security and Privacy Protection, panelist, 18th Annual Corporate Counsel Institute
- October 16, 2013Advanced Training for Data Protection Officers on "International Data Transfer", German Federal Association of Data Protection Officers (Referentin der Fortbildungsveranstaltung des Berufsverbands der Datenschutzbeauftragten Deutschlands (BvD) e.V. zu "Internationaler Datentransfer")
- September 17, 2013Is privacy ruining the game? "Dos and Don'ts" for banks in the social web (Spielverderber Datenschutz? "Dos and Don'ts" für Banken im Social Web), IBM event "Bank & Future"
- September 2, 2013Lecture on International Data Transfer (Vorlesung Internationaler Datentransfer), Summer Law School of the Ruhr-University Bochum and Jones Day
- June 27, 2013Data Protection in the Social Web: Are Business Opportunities Hampered by Data Protection Laws? (Datenschutz im Social Web: Behindert das Datenschutzrecht Geschäftschancen?), PASS business talk: Social Web for Companies
- September 20-22, 2012International Federation of Computer Law Associations (IFCLA) 2012 Conference Bar Camp "Cloud Computing", moderator
- March 23, 2012Legal issues relating to Cloud Computing (Rechtsfragen des Cloud Computing), Munich Network Seminar
- May 19, 2011Cloud Computing Workshop, Client Compliance Day
- October 21, 2010Presentation on data protection issues and participation in the expert panel on IT security and data protection, Salesforce.com Cloudforce
- September 28, 2010Cloud Computing Workshop: Die Wolken lichten sich (the clouds are clearing), Client Seminar
- April 16, 2010Cloud Computing Workshop: Die Wolken lichten sich (the clouds are clearing), Munich Network Seminar
- 2007-2008Various lectures regarding the use of IP rights as means of financing; inter alia, doing a roadshow in five major German cities together with cooperation partners PATEV and Brand Rating (leading valuation firms for patents and trademarks)
- University of Michigan (LL.M. 2005; German Academic Exchange Service [DAAD] and The Rotary Foundation scholarships recipient); University of Potsdam (Doctorate degree 2002; Wolf-Rüdiger-Bub-Award [law faculty award of Potsdam University]; Friedrich-Ebert-Foundation scholarship recipient); Second State Examination (Niedersachsen, 2004); First State Examination (Berlin-Brandenburg, 1999); University of Potsdam and Humboldt University of Berlin (Law studies, 1994-1999; Friedrich-Ebert-Foundation scholarship recipient)
- Federal Republic of Germany
Chambers Europe (2014-2019): "continues to rise in the rankings due to her excellent work" in data protection
JUVE (2012-2019): recommended for IT law
Handelsblatt (2015-2019): among the best IT lawyers in Germany
Acritas "Star Lawyer" (2019)
- German and English