GDPR Compliance & Due Diligence for M&A Transactions

(218 Ratings)

Produced on: October 15, 2018

Course Format On Demand Audio

Taught by


Course Description

Time 91 minutes
Difficulty Advanced

With the implementation of the European Union’s General Data Protection Regulation (GDPR) on May 25, thousands of companies doing business in the EU are now confronting onerous new compliance obligations and a heightened awareness of data privacy and security law issues. In the transactional sphere, data protection considerations are taking an increasingly prominent role in M&A deals as counterparties evaluate each other’s compliance posture to assess potential financial and reputational risks. These developments have had a disproportionate impact in the M&A context, where previously data protection concerns have taken a back seat to other legal considerations.

In this presentation, BakerHostetler partner Melinda McLellan and associate Seth Engel will address key privacy and data security law issues that impact M&A transactions, from diligence to closing.

Learning Objectives:

  1. Identify recent trends in M&A practice and the how data protection considerations have changed the game
  2. Analyze the new EU GDPR’s impact on the legal and regulatory landscape
  3. Ask the right questions early in the M&A process to evaluate a target company’s compliance posture
  4. Get practical suggestions and best practices when handling data privacy issues in an M&A transaction


Melinda L. McLellan


Melinda McLellan is a seasoned privacy and cybersecurity specialist currently focused on the regulation of emerging technologies and cross-border data protection law. As co-leader of BakerHostetler's EU General Data Protection Regulation (GDPR) initiative, Melinda works with multinational clients to identify, evaluate and manage the myriad compliance obligations associated with corporate privacy and information security practices. Her broader practice includes advising on a wide variety of complex privacy and data management issues, including biometrics, securing the Internet of Things, implementation of blockchain technologies, cybersecurity threats to the financial services and energy sectors, autonomous vehicles, genetic privacy, artificial intelligence, Big Data, managing information security incidents, and negotiating complex tech transactions.

Select Experience:

  • Advises on compliance with international data transfer restrictions and data localization requirements, including through the implementation of cross-border transfer mechanisms such as the EU-U.S. Privacy Shield framework, standard contractual clauses, intercompany agreements and binding corporate rules.Advises clients on the development and implementation of enterprise-wide privacy and information security programs, including by creating employee privacy training modules and drafting company codes of conduct, policies, standards, procedures and guidelines related to the protection of personal data.
  • Manages complex technology transactions on both the vendor side and the customer side, drafting and negotiating multiparty contracts and outsourcing agreements from the RFP through follow-up compliance assessments. 
  • Counsels clients on the legal implications of various data collection and analytics technologies, including facial recognition software, geolocation tracking and web-based tools used for behavioral and other targeted marketing purposes.

Seth Engel


Seth advises clients on cross border transactions, U.S. securities offerings and international dispute resolution. Having practiced in both France and New York, he works hand in hand with public and private companies in Asia, Europe and the United States to advise on strategic transactions and disputes, including advising boards of directors and special committees. He also represents clients in international arbitrations.

Seth previously taught at the Sorbonne in Paris and acted as Assistant Counsel in multiple pre-trial cases at the International Criminal Court in The Hague. He is admitted to the bar in New York and Paris. He attended Georgetown University Law Center and has a Master’s degree from the Sorbonne and from the Institut de Sciences Politiques de Paris.


Rosemary G.

Presenters were excellent!

Alexandra D.

So good that i will listen to it again

Ian M.

I like the two presenter approach especially like this where there is some back and forth. Very good materials were also included.

Andrew H.

Great CLE

Stephen A.

Very good presentation.

Beth C.

Easier to understand GDPR!

Harrison H.

lively presentation. Could have been dry but it popped. Nicely done.

Stuart P.

very well researched and presented

Thomas D.

Topnotch presenters!

Maeve T.


Load More


$ 89 Business, Corporate, & Securities Law and Privacy & Cybersecurity In Stock


Get Unlimited Access to Lawline Courses

Unlimited CLE Subscription gives you access to take almost any course from our catalog and earn as much CLE credit as you need.