Anna Pateraki

Anna is counsel in the firm’s Brussels office.  Anna’s practice focuses on Global & European data protection matters, with emphasis on AI, cybersecurity, and new technologies.  She has extensive experience advising large, multinational clients on emerging privacy challenges across the digital landscape. 

Anna offers clients deep expertise in developing global privacy and cybersecurity compliance programs.  Her work features advising on multijurisdictional data breach response, cross-border data transfer mechanisms, direct marketing strategies, AI-powered solutions, advanced data analytics, employee monitoring compliance, incident preparedness, and cybersecurity requirements under new emerging laws.  She routinely negotiates data processing agreements and supports clients in developing comprehensive vendor management programs.  She also provides strategic guidance on managing risks associated with innovative data collection and use. 

Anna advises comprehensively on all aspects of the EU General Data Protection Regulation (GDPR) and German-related data protection issues.  She is highly experienced across a range of sectors, including retail and consumer products, technology, finance, private equity, and life sciences.

Prior to joining the firm, Anna worked for the European Data Protection Supervisor (EDPS) and the IT law departments of leading law firms in Germany. Anna has completed secondments in two of the world’s largest technology companies.

• Advised several multinational companies on Binding Corporate Rules, EU Model Contracts and other data transfer strategies.
• Advised a leading technology company on privacy issues under the EU General Data Protection Regulation.
• Advised a leading payment processing company on consumer programs, data analytics, mobile apps, direct marketing, cookies, device fingerprinting, and location-based services.
• Advised a leading payment processing company on the acquisition of analytics services, including privacy integration of the acquired services.
• Advised a major cloud provider on the acquisition of other cloud services.
• Advised a major software company on setting up a global privacy compliance program for customer and employee data.
• Advised a biotechnology company on privacy issues, including informed consent practices, for performing medical research and clinical trial studies.
• Advised multinational companies on employee monitoring, whistleblowing hotlines, and CCTV.
• Advised a major pharmaceutical company on the design and implementation of a global data breach response plan.
• Drafted global privacy notices, consent forms, data processing agreements and Privacy Impact Assessments for various technology companies.
• Negotiated data processing agreements with customers and vendors on behalf of clients.

• Recommended for Belgium: EU Regulatory – Privacy and Data Protection in Legal 500 EMEA, 2024-2025