I have more than ten years experience advising on data protection law, both as an external and internal counsel, giving me an in-depth knowledge of the challenges organisations face in their compliance work.

For the past ten years, I have acquired in-depth experience with data protection law and today I advise on all aspects of the collection, processing and disclosure of personal data. My experience includes advice on transfer of personal data to third countries, processing of personal data in employment context, including monitoring of employees, and advice in relation to security breaches.

I have formulated and implemented GDPR projects at a large number of public as well as private organisations and I have been responsible for the international roll-out of major Danish GDPR projects. During my time with Bird & Bird, I have also been on secondment with the Danish hearing aid manufacturer Widex in order to assist them with their GDPR project.

Before joining Bird & Bird I was employed in a medium-sized IT company, where I was responsible for implementing GDPR. I have also been employed with one of Denmark's largest law firms and as part of my employment I was on secondment at ATP (a mandatory pension scheme in Denmark) as a data protection specialist.

My secondments and experience as an in-house lawyer have provided me with a valuable commercial understanding of how organisations handle their personal data challenges, including as part of major compliance projects, and in my legal advice my focus is always on being pragmatic and creating value.

In addition to data protection law, I have broad experience with marketing and consumer law, including advice on unsolicited marketing.

  • Large Danish retail company: I was responsible for rolling out the client's Danish GDPR project to its international partners, a total of 40 local partners in 25 countries. It was important for the client that the project disturbed business at the local partners as little as possible and consequently Bird & Bird was elected the role as project leader. As part of the project we assisted with drafting extensive questionnaires on the local partner's processing activities and preparing analysis to each partner based on the partner's responses. We also coordinated local workshops and advice from Bird & Bird's international network of lawyers on national variations to GDPR. As part of the project we held a number of internationally accessible webinars and drafted several leaflets to the partners to prepare them for GDPR and the project as such.
  • Widex A/S: Secondment with the main purpose to assist the company with its compliance project including in relation to providing advice on legal basis and the allocation of roles in relation to sale and repair of hearing aids as well as providing advice on privacy by design and privacy by default in relation to the client's development of new services. The secondment has offered a unique possibility to work closely with the various departments at the client, including the R&D department.
  • Foundation founded by the Danish Ministry of Industry, Business and Financial Affairs: Responsible for a full GDPR project for the client, including its 4 subsidiaries. All subsidiaries are characterised by processing large amounts of personal data as part of their work with conducting large public events and arrangements. The project included assistance to map the client's data processing activities and preparing of a gap analysis. Further we assisted with the implementation process and have drafted required GDPR documentation eg records of processing, privacy notices, data processor agreements etc. At the end of the project the client decided to appoint Bird & Bird as their formal Data Protection Officer (DPO).
  • Waste-management and energy company: Responsible for a full GDPR project for the client, including its 7 subsidiaries. The project included assistance to map the client's data processing activities, including the extensive data disclosures in the group, and preparing of a gap analysis. Further we assisted with the implementation process and have drafted required GDPR documentation eg records of processing, privacy notices, data processor agreements etc. At the end of the project the client decided to appoint Bird & Bird as their formal Data Protection Officer (DPO).
  • Pilot service provider of the Danish state: Responsible for a full GDPR project for the client. The project included assistance to map the client's data processing activities and preparing of a gap analysis taking into account the specific legislation applicable to the client.
Education
  • University of Copenhagen, LLM, Law
  • University of Copenhagen, LLB, Law
  • McGill University
Admissions
  • The Danish Bar & Law Society in 2010