Ceyhun Pehlivan

Ceyhun Pehlivan

Managing Associate, Madrid

"I am a leading European lawyer and advise global companies on their complex technology, data privacy, IP, and commercial law matters. I am a legal business partner and enabler. I help companies find practical solutions for their unique legal challenges."

Overview

Professional experience

Education and qualifications

Published works

Overview

Ceyhun is a leading attorney-at-law in Spain and co-leads the firm’s Telecommunications, Media and Technology (TMT) and IP practice group in the Madrid office as a managing associate. He has extensive experience advising both domestic and multinational clients on a wide range of matters, including new technologies, data protection (GDPR), privacy, e-commerce, complex information technology, licensing and outsourcing contracts, Big Data, blockchain and Fintech, intellectual property, as well as other commercial matters. His unique profile is based on his outstanding sectorial and international experience.

Ceyhun has also extensive experience in cybersecurity matters, including crisis management, including investigations by regulators and data protection authorities, and internal investigations. He dealt with a dozen of highly confidential domestic and international data breaches and cybersecurity incidents.

He has been recently recognized as a “Rising Star” and one of the “Top 10 Cybersecurity Lawyers in Spain” by Iberian Lawyer, and he is one of the 10 finalists at the Expansión Best Young Lawyer award in 2020. He also has been recently listed in The Best Lawyers in Spain.

Ceyhun is a full-time Adjunct Professor of Law at IE Law School, recognized as one of the top law schools in Europe, where he teaches privacy, data protection, and cyber-security in both postgraduate and undergraduate degrees.

He is also the Editor-in-Chief of the Global Privacy Law Review (Wolters Kluwer), an academic and professional law journal specialised in global privacy, data protection, and cybersecurity matters.

Work highlights
  • A number of domestic and international clients on highly confidential data breaches, cybersecurity incidents, investigations by regulators and data protection authorities, internal investigations, and crisis management
  • A leading global Spanish bank on a large data analytics project, including various data protection issues and GDPR compliance
  • A number of the world’s largest companies on domestic and international data protection and information governance projects, including the implementation of GDPR compliance programs
  • A leading health-technology company on the implementation and review of binding corporate rules
  • A leading global investment banking firm on a number of data protection matters
  • A Nasdaq-listed biopharmaceutical company on a complex drug development agreement
  • A leading global pharmaceutical company on a complex manufacturing and supply agreement

Professional experience

Ceyhun has been recognized as a “Rising Star” and one of the “Top 10 Cybersecurity Lawyers in Spain” by Iberian Lawyer, and he is one of the 10 finalists at the Expansión Best Young Lawyer award in 2020. He also has been recently listed in The Best Lawyers in Spain.

In his previous experience, Ceyhun was the lead in-house legal counsel in charge of the data protection and privacy practice of Philips, a leading health technology company, in its headquarters in the Netherlands. In this role, Ceyhun was responsible for, among others, the implementation of the General Data Protection Regulation (GDPR) and ePrivacy laws in the corporate group worldwide. He also advised on setting up and updating global privacy compliance programs (Binding Corporate Rules).

Ceyhun served as a member of the board of directors of the International Pharmaceutical & Medical Device Privacy Consortium (IPMPC), the leading entity comprised of chief privacy officers and other data privacy and security professionals from a number of research-based, global pharmaceutical companies and medical device manufacturers.

He was also a member of the GDPR Working Group of the National Health Information Sharing and Analysis Center (NH-ISAC), a global trusted community of critical infrastructure owners and operators within the Healthcare and Public Health sector (HPH).

In the past, Ceyhun also worked for other global leading law firms in Spain and Switzerland, advising multinational companies as outside counsel covering a wide range of sectors such as technology, health, pharmaceutical, financial industries.

Ceyhun is a full-time Adjunct Professor of Law at IE Law School, recognized as one of the top law schools in Europe, where he teaches privacy, data protection, and cyber-security in both postgraduate and undergraduate degrees.

 He is also the Editor-in-Chief of the Global Privacy Law Review (Wolters Kluwer), an academic and professional law journal specialised in global privacy, data protection, and cybersecurity matters.

He is also the co-chair of the International Association of Privacy Professionals (IAPP) (KnowledgeNet) in Spain.

 

Education and qualifications

Ceyhun holds a Law Degree and a Master’s in Business Law (LL.M.) from the University of Geneva in Switzerland. He also obtained a qualifying Spanish law degree from the Ministry of Education in Spain. He also has a Master of Finance from the University Carlos III of Madrid.

Ceyhun also studied several post-graduate programmes in universities such as Harvard Law School in USA (fully-funded), University of Bologna in Italy, Birla Institute of Management Technology in India, Duke-Geneva Institute in Transnational Law in Switzerland, and Complutense University of Madrid in Spain.

Published works

Ceyhun has been widely published in legal journals, including, among others, the following publications:

  • “Two-Year Anniversary of the GDPR: Where do we stand?”, Global Privacy Law Review, Vol. 1, Issue 2, 2020
  • “Blockchain and Data Protection, a compatible couple?” (co-authored with Inés Isidro), Global Privacy Law Review, Vol. 1 Issue 1, 2020
  • “Global Privacy News” (ed.), Global Privacy Law Review, Vol. 1, Issue 1, 2020
  • “Editorial Note: Foreword”, Global Privacy Law Review Vol. 1 Issue 1, 2020
  • “Blockchain y Protección de datos, ¿una pareja compatible?” (co-authored with Inés Isidro), Nuevas Tecnologías, 2020
  • "EU Commission signs agreement with industry on cybersecurity" and "EU proposes stricter rules on Bitcoin and prepaid cards", (Vv.Aa.) Computer Law & Security Review, Volume 32, Issue 5, 2016