Mergers & Acquisitions In Europe: Diligence is Due When Disclosing Personal Data

Business acquisitions typically involve the up-front review of target-related information, sometimes by several potential buyers. The information reviewed during such ‘due diligence’ exercise may include customer data and employee files, which are likely to constitute ‘personal data’ under EU data privacy rules. The need for effective compliance with EU data privacy rules in the context of business transfers is often neglected, exposing both sellers and potential buyers to possible private claims and/or public sanctions. Wim Nauwelaerts takes a look at how EU data privacy law impacts on the preparatory stage of mergers and acquisitions.

This content is restricted to current SCL members. If you are a member but are not signed in, please sign in by clicking here

If you are not a member, please consider joining SCL Click here for joining information.

Please wait...