• IT & privacy

The quality and accessibility of information via your IT solutions are key factors in your organisation’s core business operations. This means that resolving IT problems requires close cooperation between your technical experts, external service providers and your business. It is also essential for the board to pay attention to IT and privacy. Fragmented legislation and regulations – in combination with the dynamics of IT issues – make IT law complicated, since it is at the cutting edge of contract law, liability law, intellectual property law and criminal law. The most important provisions are given in various parts of the Dutch Civil Code such as Books 3, 6 and 7. And there are all kinds of independent laws too, some of which are based on EU Directives, such as the Personal Data Protection Act, the Public Procurement Act 2012 and the Copyright Act.

Purchasing and installing IT systems

All kinds of factors are involved when drawing up and completing final negotiations on IT contracts: liability, guarantees, licences, intellectual property rights and a proper exit scheme. The factors that are important for you will partly depend on whether you store your company information on your own server, in a dedicated data centre or in the cloud. In all cases, it is essential to record service levels for the implementation, maintenance and management of IT systems properly and clearly, and make sure they are enforceable too.


When outsourcing, you may encounter factors other than the normal ones in IT contracts such as personnel transfers, hardware transfers, data migration, SLAs, benchmarking, compliance, complicated exit schemes and privacy such as personal data transfer outside the EU. All these matters are legally relevant and require expert advice and assistance from an IT lawyer.


Information is becoming increasingly important for your organisation’s everyday business critical processes. But at the same time, legislation and regulations relating to privacy have increased tremendously, which is partly due to the EU. The fact that certain information is available and can be processed does not always mean that you are actually allowed to use it, nor may you link up data from various sources without good reason.

Cyber security and data leaks

You can prevent disruption of crucial business operations resulting from abuse or breakdowns in the IT solutions at your company by drawing up an action plan to cover any cyber security attacks on your organisation. It is essential that you know what to do if a data leak occurs and personal data becomes public.


When installing a website or an app, you should make sure that this complies with all the statutory obligations such as the obligation to disclose information, as well as that the general conditions of sale and delivery and/or conditions for use are declared to be applicable in the correct manner. Online transactions are subject to special statutory obligations with respect to the returning of products for example.

IT conflicts

IT projects often do not proceed as smoothly as you might expect. This can result in premature termination of collaboration and liability proceedings, either before the regular court or in arbitration. But alternative scenarios are often possible. So make sure you are properly advised on all possible scenarios before coming to a decision.

Legal assistance concerning IT and privacy

When confronted with a maze of laws and regulations, it is reassuring for you to be able to rely on the knowledge and expertise of Ploum’s IT and privacy team. We have been actively involved in IT law ever since our firm was established in 1995, and we can advise and assist you in resolving all kinds of IT problems at strategic level. For example, we can help you evaluate, draw up and conduct negotiations on different types of IT contracts. We can also advise you on the impact of new legislation on privacy, cyber security and e-commerce. Our highly-experienced IT lawyers are members of the following specialist associations: VIRA (Association of Informatics Lawyers), NVvIR (Netherlands Association for Information Technology and Law) and VPR (Privacy Law Association). We are also a member of PON (Platform Outsourcing Nederland). Our team comprises three very experienced IT lawyers, plus a number of younger staff and trainees who are interested in IT.

Would you like to find out more?

If you have any questions on IT law and/or privacy law, please don’t hesitate to contact our IT and privacy team.