Close

Andrea is an associate in the firm's Brussels office with a focus on EU data privacy, cybersecurity and digital regulation. She advises multinational clients on regulatory compliance, including NIS2, DORA, the AI Act. Andrea is also a Certified Information Privacy Professional (CIPP/E), bringing both technical depth and practical insights to fast-evolving digital frameworks.

Andrea is an EU qualified lawyer that advises clients on complex legal and regulatory challenges at the intersection of technology, privacy, and cybersecurity. With dual admission in Spain and Belgium, she brings a multinational perspective to data compliance strategies, working with clients across sectors including telecommunications, tech, and financial services.

Andrea counsels multinational enterprises on compliance with a wide range of EU digital regulations, including GDPR, NIS2, DORA, the AI Act, the Data Act, the DMA, and the DSA. Her experience includes drafting privacy and cybersecurity policies and procedures, advising on personal data breaches, managing cross-border data transfers, and developing regulatory roadmaps for digital transformation.

She has represented clients before European data protection and cybersecurity authorities and led internal training workshops for global organizations. Prior to joining the firm, Andrea worked as an associate in an international law firm in Brussels and completed her legal internships both as in-house trainee of an international telecommunications company and as a trainee in an international law firm in Spain.

Back to Page

People

People

Andrea
Otaola

Associate
Data, Privacy and Security

Brussels: +32 2 898 0240
aotaola@kslaw.com

Related Capabilities
Government Matters Technology Transactions Artificial Intelligence (AI) and Machine Learning Technology

Andrea is an associate in the firm's Brussels office with a focus on EU data privacy, cybersecurity and digital regulation. She advises multinational clients on regulatory compliance, including NIS2, DORA, the AI Act. Andrea is also a Certified Information Privacy Professional (CIPP/E), bringing both technical depth and practical insights to fast-evolving digital frameworks.

Andrea is an EU qualified lawyer that advises clients on complex legal and regulatory challenges at the intersection of technology, privacy, and cybersecurity. With dual admission in Spain and Belgium, she brings a multinational perspective to data compliance strategies, working with clients across sectors including telecommunications, tech, and financial services.

Andrea counsels multinational enterprises on compliance with a wide range of EU digital regulations, including GDPR, NIS2, DORA, the AI Act, the Data Act, the DMA, and the DSA. Her experience includes drafting privacy and cybersecurity policies and procedures, advising on personal data breaches, managing cross-border data transfers, and developing regulatory roadmaps for digital transformation.

She has represented clients before European data protection and cybersecurity authorities and led internal training workshops for global organizations. Prior to joining the firm, Andrea worked as an associate in an international law firm in Brussels and completed her legal internships both as in-house trainee of an international telecommunications company and as a trainee in an international law firm in Spain.

Full Bio
Email Andrea

Credentials

Master in International Business Law, Università Commerciale Luigi Bocconi

Master of Laws, ESADE Business and Law School – Universidad Ramon Llull

LL.B., University of Deusto, Spain

Brussels

Madrid

International Association of Privacy Professionals, Member

Insights

Client Alert

November 24, 2025
The Digital Omnibus Proposal: Simplifying the EU Digital Rulebook by adding more rules?

Article · Source: Law360

October 23, 2025
EU Act Establishes Data Sharing Rules, But Hurdles Remain

Client Alert

September 5, 2025
Framework Intact, For Now: EU-US Data Flows Dodge Another Bullet

View all

Insights

Client Alert

November 24, 2025
The Digital Omnibus Proposal: Simplifying the EU Digital Rulebook by adding more rules?

Article · Source: Law360

October 23, 2025
EU Act Establishes Data Sharing Rules, But Hurdles Remain

Client Alert

September 5, 2025
Framework Intact, For Now: EU-US Data Flows Dodge Another Bullet

View all

Credentials

Master in International Business Law, Università Commerciale Luigi Bocconi

Master of Laws, ESADE Business and Law School – Universidad Ramon Llull

LL.B., University of Deusto, Spain

Brussels

Madrid

International Association of Privacy Professionals, Member