Charles-Albert Helleputte

Cybersecurity and Data Privacy

• Represented a major insurance group in its integration of EU operations from a cybersecurity and data privacy point of view.*
• Assisted a regulated institution in the management, follow up and remediation of a data breach. The representation includes dealing with cross-border regulatory context.*
• Counselled a chemical manufacturer in the privacy aspects of the deployment of a whistleblowing hotline solution.*
• Advised on a pro bono basis the Red Cross EU Office, the European Council on Refugees and Exiles, Medair, and the International Lesbian, Gay, Trans & Intersex Association in the review of their data mapping, legal basis for processing, privacy notices, privacy policies and in their vendor remediation exercise.*
• Represented clients in the cybersecurity and data privacy aspects of due diligence, SPA negotiation and integration.*
• Counselled a Chinese financial institution in relation to the technical standards, organizational measures and incident reporting under the PSD2 and the interplay with GDPR and national laws implementing the NIS Directive.*
• Assisted US B2B marketing companies, email service providers, payment services providers, actor of the entertainment industry in assessing the impact of GDPR on their operations.*
• Represented a hospitality client in the management of a high-profile data breach taking place at the level of its booking platform.*
• Counselled an international financial service institution in designing and implementing a cloud-based SaaS monitoring tool aiming to protect the integrity of its systems and networks.*
• Advised the United Nations regarding international legal issues related to e-evidence and processing of personal data for law enforcement purposes.*
• Represented an Italian brand of shoes and clothing in its GDPR readiness exercise and in navigating the changes of the CCTV legislation post GDPR in multiple countries.*
• Assisted a global company providing payment solutions for e-commerce app in assessing its role (data controller/data processor) and related requirements under GDPR.*
• Advised clients in a number of industries such as financial, marketing, insurance, in the drafting and negotiation of Art. 28 GDPR data processing agreements, representing both controllers and processors.*
• Represented a leading supplier of automotive parts in dealing with the data privacy aspects of its global HR management and operations. The representation includes the assessment of the role of various group entities and in analyzing appropriate data transfer mechanisms to support the exchange of data necessary for staff appraisal.*
• Developed a structured approach to GDPR compliance for several trade associations in multiple EU countries.*
• Contributed to the HTNG Working Group on GDPR. The outcome is a White Paper and Self-Assessment Tool adopted in March 2018. The White Paper describes key considerations of GDPR for the hospitality industry. The Assessment Tool aims to help professionals in the industry to evaluate their company's ability to comply with the new regulation. Over 50 companies (from hotel brands, to software companies) participated in HTNG's GDPR for Hospitality Workgroup.*
• Part of the team who represented Nestlé S.A. its agreement to acquire privately-held Atrium Innovations, a Montreal-based global leader in nutritional health products, from a group of investors for $2.3 billion.*
• Represented a US financial group active in the credit card business in its negotiations with a payment network in France. The representation includes negotiations with the French DPA.*
• Represented booking platforms in their challenge in front of the Working Party No. 29 of a new standard developed by the travel industry.*
• Assisted a European actor in infusion therapy and clinical nutrition in dealing with the Belgian aspects of the acquisition of a US-headquartered group active in transfusion technology products for blood collection, separation and processing.*

Transactions 

• Represented a French bank in its $800 million ICO monetization transaction with a Brazilian credit institution.*
• Represented a French-listed company and its subsidiaries in the context of a $600 million term loan with a pool of Asian lenders used to refinance existing indebtedness.*
• Advised the Brussels branch of the Bank of China (Luxembourg) SA on a €31 million bridge loan facility.*
• Assisted a client in the hospitality sector in the negotiation of the disposal of one of its assets to public authorities, as part of the redeployment of the Heysel plateau (Neo project).*
• Part of a four-office, five-practice team who advised a French investment fund in the acquisition of a 85 hotels portfolio belonging to a major hospitality actor and other real estate investment funds.*
• Represented an international bank in a $370 million margin financing for a Brazilian credit institution.*
• Represented Solvay SA and its affiliates in the $220 million acquisition of the global Ryton polyphenylene sulfide (PPS) business of Chevron Phillips Chemical Company LP.*
• Represented a French bank in the refinancing of an hotel portfolio a private equity fund owned in Belgium.*
• Assisted a global healthcare company to restructure its Belgian activities, in particular, to structure and negotiate an acceleration of the immovable lease on the former European HQ of an acquired business.*
• Advised a group in the hospitality sector in its acquisition and financing of a five hotels portfolio in Belgium.*
• Represented the Belgian subsidiary of a European toy group, headquartered in France in a combined equivalent €160 million acquisition, revolving and CAPEX facilities agreements.*
• Represented the Belgian subsidiary of a European property management group to access combined €485 million facilities agreements.*
• Assisted a Belgian software company in the negotiation of the assignment of a VAT leasing and related aspects on a 7,000 square meter building where it will relocate its headquarters.*
• Assisting one of the largest Brazilian chemical companies in the tax structuring and contractual implementation of the Only Representative activities (in the context of the REACH regulation).*
• Advised a French telecommunications group in the corporate and tax aspects of the restructuring of €3 billion facility arrangement.*
• Advised and assisted the Belgian branch of a Japanese credit institution in launching a new Swap activity in more than twenty countries.*
• €208 million securitization of consumer credit loan receivables for a Dutch bank with branches in Belgium and Germany.*
• Pan-European structuring and organization of operations of a $500 million feeder fund.*

*Matters handled at prior firm.

• "Data as a (New) Core Company Asset to Protect: Who's Who?," UCLouvain Cybersecurity Month Seminars, October 29, 2020

• "A Fireside Chat with Commissioner Didier Reynders on Europe's Digital Future - Where Does Privacy Stand?," IAPP Brussels KnowledgeNet Chapter Meeting, Brussels, Belgium, October 27, 2020
• "Cybersecurity as a key European Policy: Right or Wrong?," Louvain-La-Neuve University Online Courses, October 22, 2020
• "Workshop: Cybersecurity & Pharma: Patient Data, Public Perception & Preventing Attacks," EU Pharma Law Academy, September 24, 2020

• "GDPR Second Year Anniversary Quiz," International Association of Privacy Professionals, May 25, 2020

• "Is Certification the Future of Privacy? Yes, No, Maybe?," International Association of Privacy Professionals Brussels KnowledgeNet Chapter, February 3, 2020

• "Celebrate Data Privacy Day 2020," International Association of Privacy Professionals Brussels KnowledgeNet Chapter, January 28, 2020

• "University of Louvain Debate: Would You Trade Privacy Rights Against Data Security? Is There A (Healthy) Cyber Balance?," University of Louvain, Louvain, Belgium, October 31, 2019

• "WWW (or What we Want for your Website)," European Pro Bono Alliance, October 25, 2019

• "Cybersecurity & Pharma: Patient Data, Public Perception & Preventing Attacks," European Pharma Law Academy, Cambridge, United Kingdom, September 9-12, 2019

• "GDPR After GDPR Day: Which Rating Does it Deserve?," Data Protection Forum Association of Consumer Credit Information Suppliers, Brussels, Belgium, March 13, 2019

• "The Impact of GDPR on Clinical Trials," Patient Engagement Through Education (EUPATI) Webinar, October 29, 2018

• "GDPR & Data Breaches Management: 5 Lessons Learned," European Conference of Hotel Technology Next Generation (HTNG), Lisbon, Portugal, October 23-24, 2018

• "Public Affairs Post-GDPR: What You Need to Know," Public Affairs Council Webinar, June 12, 2018

• "GDPR Workshop – GDPR is There: Are you Ready?," European Council of Optometry and Optics Annual General Assembly, Pula, Croatia, May 30, 2018

• "GDPR Workshop – GDPR is Coming: Are you Ready?," European Council of Optometry and Optics, May 11, 2018

• "General Data Protection Regulation and NGOs: Are you Ready?," Advocates for International Development, April 24, 2018

• "GDPR Breakfast Session," United Network of Interventional Corporate Events Organizers, March 30, 2018

• "Skills Development Program," European Public Affairs Consultancies' Association (EPACA), March 26, 2018

• "General Data Protection Regulation," Association of Mutual Insurers and Insurance Cooperatives in Europe (AMICE), Brussels, Belgium, March 21, 2018

• "Legal Perspectives," Humentum Legal Roundtable Covering Trending Cyber & Data Issues, Washington, DC, March 8, 2018

• "Hospitality: are you ready for GDPR," Hospitality Technology Next Generation (HTNG) Annual European Conference, Prague, Czechia, November 8, 2017

• Client Choice Award, IP & IT, Belgium (2019)

• Member, International Association of Privacy Professionals (IAPP) and co-chair of its Brussels KnowledgeNet Chapter
• Legal Expert, ENISA, the European Union Cybersecurity Agency
• Member, American Chamber in Europe (AmCham), EU chapter