Diljá Helgadóttir focuses on all aspects of EU competition law, as well as EU regulatory law.

Prior to joining Van Bael & Bellis, Diljá worked at the Ministry of Foreign Affairs in Iceland as an advisor in free trade negotiations with third countries. Diljá also gained experience at leading law firms in both Reykjavik and Hamburg.


Icelandic, English, Danish, Norwegian


  • Duke University School of Law, USA, Merit Scholar, LL.M. International Business Law, 2020
  • Reykjavik University, Master of Laws, summa cum laude, 2019
  • Bucerius Law School, Germany, International and Comparative Business Law, 2017
  • Reykjavik University, Bachelor of Laws, magna cum laude, 2017


Diljá has published several peer-reviewed articles and delivered lectures in EU law and the law of obligations, in particular mortgage law.

Peer-reviewed publications:

‘Few words about the liability of a bankruptcy estate towards shareholders and other related parties’ publication’ Úlfljótur, The Legal Journal of University of Iceland, June 2020.

‘The Interaction Between Directive 2015/2366 (EU) on Payment Services (PSD2) and Regulation (EU) 2016/679 on General Data Protection (GDPR) Concerning Third Party Players’ Trinity College Law Review, March 2020.

‘Bankruptcy estate claims for unlawful allocation of funds from a company’ The Legal Journal of RU (Tímarit Lögréttu), October 2019.

‘Breakthrough in the payment service market legislation: Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services.’ Legal Journal of RU (Tímarit Lögréttu), October 2019. Co-author: Dr. Margret Einarsdottir.

‘Extension of time limitations after the end of bankruptcy’ Úlfljótur, The Legal Journal of University of Iceland, June 2019.

‘Validity of guarantees and deficiencies in credit assessment’ Legal Journal of RU (Tímarit Lögréttu), December 2019. Co-author: Stefan Andrew Svensson.

Other publications:

‘The conflict concerning data sharing under PSD2 and obtaining consent to share such data under GDPR’ Oxford Business Law Blog, 2020.

‘Foreign direct investment in the EU and Iceland’s position’ Morgunbladid Newspaper, 2020.

‘Electronic shareholder meetings in the era of COVID-19’ Morgunbladid Newspaper, 2020.

‘Initial Negotiations when Negotiating a Merger and Acquisition Deal’ Vísir, 2019.

‘Nomination committees in the public sector’ The Icelandic Business Journal, 2020.

‘A milestone in the payment services market: PSD2 incorporated into the EEA Agreement.’ The Icelandic Business Journal, 2019.

‘Recovery Rights of the Icelandic Government’s Guarantee Fund’ The Icelandic Business Journal, 2019.


Publications and insights

Sign up for updates
    • 04/02/2021
    • Articles

    Brexit Implications for Data Protection in 8 Questions | Q&A Update under Brexit Trade Deal

    On 24 December 2020, the UK and the EU agreed a Trade and Cooperation Agreement regulating relations between both parties after Brexit. The TCA covers several topics, including data protection. Meanwhile, Brexit continues to raise many legal questions and uncertainties, not least as regards protecting personal data that flows between the UK and the rest of Europe. Do organisations in the UK still have to comply with the General Data Protection Regulation (GDPR)? Can they still transfer personal data to the European Economic Area (EEA)? Do they need to appoint a representative in the EU? And what happens with the “one-stop-shop”? Based on eight frequently asked questions, we provide an overview of issues to consider and steps to take to be compliant with data protection rules in the EEA and the UK. Please read our updated Q&A on the topic.

    Read more
    • 26/01/2021
    • Articles

    EDPB adopts Guidelines on examples regarding data breach notification

    On 18 January 2020, the European Data Protection Board (EDPB) published new guidance on how to handle data breaches in the form of “Examples regarding Data Breach Notification” (Guidelines 01/2021 on Examples regarding Data Breach Notification – the Guidelines). The Guidelines discuss 18 examples of data breaches, explaining in each case whether the breach must be notified to supervisory authorities and/or to the data subjects concerned. In addition, the Guidelines contain useful recommendations on preventive measures and solutions to mitigate the impact of data breaches. The Guidelines follow earlier general guidance on the topic from the Article 29 Working Party (WP29). The Guidelines complement the WP29 guidance and provide more practical advice based on the common experiences of the national supervisory authorities of the EEA countries since the GDPR entered into force. Please click below to read our note on the new guidelines published by the EDPB.

    Read more
    • 01/12/2020
    • Articles

    Commission Tables Data Governance Act

    On 25 November 2020, the European Commission proposed a Regulation on data governance (Data Governance Act) to better exploit the potential of ever-growing data in a trustworthy European framework. The proposal is the first of a set of measures announced in the 2020 European strategy for data (available here). According to the Commission, the proposed Regulation offers a new form of data governance and establishes an alternative model to the data-handling practices of the big technology platforms. The model is based on the neutrality and transparency of data intermediaries as organisers of data sharing or pooling. Please click the link below for a short article on this proposal.

    Read more

Subscribe to our updates

Please select the practice areas you are interested in: *