Andrea Otaola

Data, Privacy and Security Associate at King & Spalding

Speaker

Andrea is an EU qualified lawyer that advises clients on complex legal and regulatory challenges at the intersection of technology, privacy, and cybersecurity. With dual admission in Spain and Belgium, she brings a multinational perspective to data compliance strategies, working with clients across sectors including telecommunications, tech, and financial services. Andrea is also a Certified Information Privacy Professional (CIPP/E) and an AI Governance Professional (AIGP), bringing both technical depth and practical insights to fast-evolving digital frameworks.

Andrea counsels multinational enterprises on compliance with a wide range of EU digital regulations, including GDPR, NIS2, DORA, the AI Act, the Data Act, the DMA, and the DSA. Her experience includes drafting privacy and cybersecurity policies and procedures, advising on personal data breaches, managing cross-border data transfers, and developing regulatory roadmaps for digital transformation.