Thibaut D’hulst focuses on intellectual property law, new technologies, data protection, pharmaceutical law and competition law.

Thibaut regularly advises clients on all aspects of intellectual property law. His experience ranges from advising on strategies to protect trademarks, databases and other intellectual property to litigation, including patent validity and enforcement cases. He also regularly assists clients in new technology projects in relation to compliance with intellectual property, data protection and/or pharmaceutical laws. 

In addition, Thibaut is a certified Data Protection Officer and assists clients in complying with EU and Belgian data protection rules by conducting data protection audits, drafting company policies, information clauses and processor agreements on data protection, filing notifications, assisting clients in procedures before data protection authorities and advising on the international transfer of personal data.

In the field of competition law, Thibaut’s experience includes compliance training, assisting clients during and after dawn raids, advising on data protection aspects of competition procedures and on litigation concerning damages proceedings.


Dutch, English, French, German


  • Chambers Europe - Data Protection (Associates to watch)


  • Queen Mary, University of London, LL.M. in Intellectual Property Law, 2006

  • University of Leuven, Postgraduate degree in Business Economics, 2005

  • University of Leuven, Master of Laws, 2004

  • University of Namur, Bachelor of Law, 2001

Bar Admission


Publications and insights

Sign up for updates
    • 12/04/2019
    • Articles

    European Commission Publishes Guidance on Interplay between Clinical Trials Regulation and General Data Protection Regulation

    The European Commission published on 10 April 2019 a Question & Answer document on the interplay between General Data Protection Regulation 2016/679 (the GDPR), which entered into force on 25 May 2018, and Clinical Trials Regulation 536/2014 (the CTR), which is currently expected to enter into force in 2020. The Q&A document provides clarifications in areas where the interplay between both sets of rules, which apply simultaneously, is complicated. It recalls that under the GDPR, it will be for data controllers to demonstrate that personal data are processed in accordance with the GDPR. Satisfying this obligation implies respecting the data protection principles, providing adequate information to clinical trial participants, appointing a Data Protection Officer (if required), maintaining records of processing activities and facilitating the exercise of individual’s rights, along with meeting other requirements. The controller should also determine the legal basis for the various processing activities. In this task lies a common misunderstanding which the Q&A document seeks to rectify: the informed consent required under the CTR serves as an ethical standard and procedural obligation, and this should not be confused with consent as a legal basis for the processing of personal data under the GDPR. As regards the legal basis under the GDPR, the Q&A document explains that various processing operations involving the use of clinical trial data, which include operations related to research as well as operations that are required for the protection of health, may rely on a different legal basis. Requesting consent from the participants (in addition to the consent required under the CTR) may be one option, but the Q&A document also offers alternative options, depending on the situation at hand. It will be for the controller to assess and implement the most adequate legal basis. In that regard, if clinical trial data are used for further research outside the scope of the protocol (secondary use), another legal basis may be required. The Q&A document also assesses the impact of the entry into application of the GDPR on ongoing clinical trials which are governed by Clinical Trials Directive 2001/20/EC. In particular, the European Commission indicates that additional information may have to be provided to the clinical trial participants. In principle, the legal basis that was valid under national data protection rules implementing Directive 2001/20/EC prior to the GDPR remains applicable. However, if the processing of clinical trial participant data relies on the participant’s consent, it must be assessed whether such consent satisfies the stricter requirements of the GDPR. If this is not the case, a renewed consent may prove necessary. The full text of the Q&A document can be found here and is also attached.

    Read more
    • 13/02/2019
    • News

    Thibaut D’hulst and Darach Connolly quoted by Politico on the recent German Bundeskartellampt decision on Facebook

    Van Bael & Bellis counsel Thibaut D’hulst and associate Darach Connolly were quoted by Politico on the recent Facebook decision by the German competition authority – the Bundeskartellampt – which links data protection and competition law in a novel decision.

    Read more

Subscribe to our updates

Please select the practice areas you are interested in: *