NETHERLANDS Law and Practice Contributed by: Herald Jongen, Maarten de Boorder, Samuel Garcia Nelen and Jelmer Kalisvaart, Greenberg Traurig, LLP
trade secrets) while still providing enough information for bidders to make informed decisions. 9.3 Data Privacy Data privacy restrictions in the Netherlands, primar- ily governed by the General Data Protection Regula- tion (GDPR), can limit the scope of due diligence in technology company transactions. These restrictions apply to the handling, sharing and transferring of per- sonal data during the due diligence process. Important data privacy restrictions impacting due dili- gence include the following. • GDPR compliance – the GDPR, which applies across the EU and thus in the Netherlands, impos- es strict requirements on how personal data is handled. Companies must ensure that personal data shared during due diligence is: (a) minimised – only data necessary for the assessment should be shared (data minimisa- tion principle); (b) anonymised or pseudonymised – where pos- sible, personal data should be anonymised or pseudonymised to protect the privacy of individuals, especially sensitive information like employee, customer or user data; and (c) lawful – there must be a legal basis for sharing personal data, such as the legitimate interests of completing the transaction, but this must be balanced against the privacy rights of data subjects. • Due diligence limitations – in the context of tech- nology M&A, the following restrictions often apply: (a) employee data – sharing identifiable employee information (eg, payroll or personal details) can be restricted, unless necessary for assessing liabilities or integration risks; (b) customer data – access to customer databas- es, especially if they include sensitive informa- tion, is limited and often requires anonymisa- tion or consent before sharing; and (c) intellectual property or source code – if source code or technology assets contain embedded personal data (eg, user data in AI training mod- els), additional precautions may be required before disclosing these assets.
• Data processing agreements (DPA): If personal data must be transferred during due diligence, a DPA between the selling and buying parties may be necessary to outline the terms of processing and ensure GDPR compliance. This contract would include provisions on security measures, data pro- tection obligations and how the data can be used. • Cross-border data transfers: If the buyer is out- side the EEA, the GDPR restricts the transfer of personal data to countries that do not provide an adequate level of data protection. In such cases, specific safeguards like standard contractual clauses (SCCs) must be in place to legally transfer data during the due diligence process. In case of a public offer, the offer memorandum must be filed for approval with the AFM within 12 weeks following the initial announcement. The review and approval process generally takes three to four weeks. Within six business days after obtaining the AFM’s approval of the offer memorandum, the bidder must either launch the offer or publicly renounce its deci- sion to launch an offer. The offer is launched by making the offer memoran- dum publicly available, typically by publishing the offer memorandum on the website of the offeror and/or the target. The tender period may not commence earlier than on the first business day following the day that the offer is launched and no later than the ninth busi- ness day after the date on which the AFM has given 10. Disclosure 10.1 Making a Bid Public If a bidder offers securities as consideration they will generally be required to make an approved prospectus available. This obligation also applies to the admission of such securities to trading on a regulated market, such as Euronext Amsterdam. The Prospectus Regu- lation provides for certain exemptions with respect to the prospectus obligation. For example, the obligation to publish a prospectus does not apply to securities offered in connection with a takeover by means of an exchange offer, or offered or allotted in connection its approval of the offer memorandum. 10.2 Prospectus Requirements
203 CHAMBERS.COM
Powered by FlippingBook