LAWYER PROFILE
Michael Gorm Madsen

Michael Gorm Madsen

Europe 2026

Chambers ranking badge
Chambers ranking badge

Ranked in 1 practice area

About

Provided by Bird & Bird

Europe

Practice Areas

Commercial, Life Sciences and Healthcare, Privacy and Data Protection, Retail and Consumer, Technology & Communications

Career

I'm a partner and head of our skilled and dedicated Privacy and Data Protection group in Denmark, advising on a wide range of data protection and e-privacy matters.

The need for data protection advice has expanded dramatically with the introduction of the EU Data Protection Regulation (GDPR). The GDPR is a very complex set of rules, not only to understand, but also to apply. That calls for a pragmatic approach yet still deeply rooted in a profound knowledge of the law. Our job is to understand our clients' business and to help our clients find the right solutions for them. Therefore, I am particularly satisfied that our client feedback often mentions our readiness to understand the clients' need, our sense of pragmatic solutions and our availability.

My passion for data protection law began, like many other matters in life, as a coincidence. In 2000, an international law firm asked me to write a chapter to a book on the implementation of the Data Protection Directive in Denmark. From that point on, I was hooked by the complexity of data protection rules and the challenges they pose to an ever changing world facing new technological development and possibilities.

Together with my team, I have vast experience in assisting our clients with all aspects of privacy and data protection, from full blown GDPR compliance projects, including awareness and client training, identification of lawful basis, complying with transparency requirements, establishing the appropriate level of procedures, policies and safety measures, to the daily challenges, including subject access requests, data breaches, negotiation of data processor agreements, cross border transfers of personal data, audits and authority enquiries, and taking part in clients business elaborations sitting in the midst of a service or product developing team with the task of ensuring privacy by design.

As GDPR applies to every kind of business and organisation, I have assisted and gained insight into a wide range of client sectors including retail, biotech and medical device, adtech, gaming, health sector, fintech, software and platform service providers, insurance and brokers, utility providers, industry associations, unions, public bodies and non-profitable organisations and more.

Being a part of Bird & Bird's international team of skilled privacy and data protection lawyers provides a unique tool enabling seamless coordination of cross border advice and projects and I have coordinated as well as contributed to multi-jurisdictional projects.

Since 2013, I have been a Certified Information Privacy Professional (CIPP/E).

Having a commercial law background, I also advise on commercial contracts, consumer law and marketing law.

Work Highlights

- Rolling out a global Danish retailers' data protection program in 25 EU and EEA countries: including data mapping and providing country specific gap analysis. Our Copenhagen Data protection team coordinated advice from Bird & Bird's international network of lawyers to include advice on local variations. As part of the project we held a number of internationally accessible webinars and local workshops in all countries. The project further involved the international roll out of localised GDPR implementation documentation.

- Assisting a public authority agency in a GDPR compliance project: including identifying data processing activities and verifying the relevant lawful basis, identifying data processor relations and preparing gap-analysis including advice on the implementation step required to obtain full GDPR compliance. During the project, we also advised on several privacy related issues on the agency's marketing activities, the use of photos and video recordings, the processing of personal data on website and e-marketing.

- Assisting a modern waste-management and energy company in a full GDPR compliance project. The project included assistance on map data processing activities in relation to consumers, users of services, and employees. Based on an extensive mapping of data flow and processing activities our Copenhagen data protection team prepared a gap analysis verifying lawful basis for processing and identified steps to be taken to become fully GDPR compliant. Furthermore, we assisted in the implementation process and have drafted required GDPR documentation. At the end of the project, the client decided to appoint Bird & Bird as their formal Data Protection Officer.

Chambers Review

Provided by Chambers

Chambers European Guide

Data Protection - Denmark

Band 2
Band 2

Individual Editorial

Michael Gorm Madsen leads Bird & Bird's privacy and data protection practice in Denmark. He advises charities, fintech entities, energy companies and IT organisations on the full gamut of compliance advice, privacy notices and processing agreements.

Strengths

Provided by Chambers

  • Michael is always taking responsibility, being responsive and showing interest in fully understanding our issues and vision.

    Data ProtectionChambers European Guide
  • Michael is both a great advisor and sparring partner, and he excels in obtaining an in-depth understanding of the organisation that he is working with.

    Data ProtectionChambers European Guide
  • Michael is always helpful and consistently provides prompt and concise responses.

    Data ProtectionChambers European Guide
  • He is so helpful and very good in communicating difficult matters within data protection law in a language I understand.

    Data ProtectionChambers European Guide

Ranked Individuals at Bird & Bird (143)

Belgium

Czech Republic

Denmark

What success is built on

Chambers is the leading data and intelligence partner for the legal sector.

Explore thought leadership