Operational Experience
at an Executive Level
Our team is full of drive and creative talent, ready to assist you in navigating with both strategic and operational challenges, as well as digital risks you face while running a modern organisation. At White Label, we offer a comprehensive and practical approach to data protection, AI, and cybersecurity projects.
Our objective is to understand your business and be the experts you can rely on to enable the use of data that supports your organisation.
We know that every project is different and that priorities can change. We can manage entire engagements from our offices, integrate our cybersecurity and data protection experts with your global teams, or allow you to leverage our highly skilled consultant resources when you require additional capacity or expertise. We can provide support at any point during the project lifecycle, from strategy to delivery, ongoing product management, and maintenance of data processing activities.
Our Team
Our Path is What Makes Us
Nicholai Pfeiffer
Managing Partner
Nicholai has 20+ years of experience in the technology and telecommunications industries. He has a successful track record of managing global legal & privacy teams and complex large-scale projects. Before joining WLC, he served 5 years as Group Privacy Officer of Telenor Group, where he successfully led one of the largest GDPR projects in Scandinavia. Nicholai has extensive experience implementing privacy management programs in global organisations. In addition to the wide range of top-level roles within the telecom industry, he has served in the office of the Danish Telecom regulator. Nicholai holds a Master of Law degree from the University of Copenhagen.
Magdalena Góralczyk
Partner, Head of Data Protection
Before joining WLC, Magdalena served as the Global Lead Privacy Counsel for Nokia. Prior to that she was Vice President for Privacy in a global telecom. She has advised international organisations on legal developments globally, among others, on the implementation of privacy controls for ad tech, vendor management efforts, and free data flow regulations. In addition, she has led several BCR projects. Her work in EU-funded research includes consulting on consent provisions in the drafting phase of GDPR. Her data protection experience is rooted in her PhD on the concept of anonymity and identity and previous experience in academia.
André Årnes
Partner, Head of Cybersecurity
André joined WLC as a Partner in January 2022, after having served 7 years as the Global CSO of Telenor Group. He has 20+ years of experience within security leadership, cybersecurity, and digital forensics. His previous work experience covers working as CIO in Telenor Global Shared Services, Senior Principal Consultant for Security Architecture with Oracle, and Special Investigator for the Norwegian National Criminal Investigation Service. André is also a part-time Professor at the Norwegian Technical University (NTNU) Department of Information Security and Communication Technology.
Prior to WLC, Kevin has 28+ years of experience in IT and information security, from consulting, management, implementation, and operations to shared services. He is well versed with the telecommunications sector during his stint at Telenor Group, held multiple roles in global shared services and business unit operations, with strict security requirements. Other sector experiences include manufacturing, public services, financial services, and eCommerce. His consulting credentials include complex project and technology executions from SAP to Microsoft’s Digital Workplace solutions within Asia, the EU, and the Nordics. As the architect of WLC’s Cybersecurity Maturity Execution (CME) Framework, he works with global, regional, and local security standards such as ISO/IEC 27001, and NIST Cybersecurity Framework. NIS2 Directive, CIS Controls, etc. Kevin is a certified ISO/IEC 27001 Lead Implementer (B.S.I.) and INSEAD Strategy Execution Programme Certificate (Distinction).
Alisa joins WLC from Sopra Steria, where she has been section manager for cybersecurity and Splunk, and she has broad experience across multiple roles within cybersecurity at strategic and leadership levels. She has strong analytical and communication skills and is highly focused on bridging gaps between teams and subject areas. She brings a holistic perspective and an action-oriented approach. She has gained extensive and global experience from Telenor Group, where she was the project manager for one of the largest global strategic cybersecurity projects and acted as the Business Security Officer for the Telenor Group Units. Alisa takes a particular interest in the intersection between security, technology, and policy and has represented Telenor at the United Nations’ Open-Ended-Working-Group on Security, and initiated and led several internal activities on cybersecurity regulation.
Merlyn is an experienced privacy professional dedicated to providing clients across various industries with robust data protection solutions. With a strong background in privacy and data protection gained at an international law firm, Merlyn offers valuable expertise in regulatory compliance, data security, governance, and breach response.
At WLC, Merlyn’s insights and extensive knowledge of data protection regulations, including the GDPR, UAE, DIFC, ADGM, and Saudi Arabia Data Protection Law, play a pivotal role in assisting clients in achieving compliance and implementing best practices. As a Certified Privacy Professional (CIPP/E) recognized by the International Association of Privacy Professionals (IAPP), Merlyn is equipped to guide clients through the complexities of data protection and privacy regulations with precision and clarity.
Shemy is an attorney-at-law (non-practicing) and Certified Privacy Professional (CIPP/E) with +7 years of professional experience in the field of new technologies, data protection & privacy, and e-commerce. He is a skillful, solution-oriented advisor and a technology enthusiast. His track record includes advising entities, i.e., deploying AI tools, IoT solutions, or SaaS/PaaS platforms reinforced by cloud computing. He also regularly supports companies in privacy implementations, audits and data processing & sharing contracts negotiations. In 2023, he was deemed a recommended lawyer in the IT & Telecommunications sector in an international ranking for top lawyers and law firms – Legal500.
Meredith Primrose Jones is a legal and cybersecurity professional with a Master of Laws in International Security Law from the Australian National University. Before joining WLC, Meredith worked at top Australian universities as a Researcher and a Lecturer of Law. Areas of law Meredith taught across included cyber law, privacy, artificial intelligence, and technology law. Whilst focused on cybersecurity, Meredith’s research has been published in the fields of cyber and hybrid warfare. She actively contributes to reports relating to warfare, cybersecurity, and hybrid threats and remains closely affiliated with the Centre for Cybersecurity Research and Innovation at RMIT University in Melbourne. Meredith has also had experience in writing government submissions relating to cybersecurity practices and high-level reports detailing recommendations for improved cybersecurity capacity building and legislative reform.
Cassandra graduated from BI Norwegian Business School with a Bachelor of Business Administration, specialising in Finance in Oslo, Norway. She later graduated with an LLM in Law and Legal Practice from BPP University in London, England. Cassandra has supported companies as their Data Protection Officer. She has experience supporting clients around the globe with various activities, including developing and reviewing comprehensive privacy documentation, breach management, mapping data privacy compliance and legislation, and implementing new privacy programmes.
Lucrezia is a Data Protection Consultant with a solid European and International Law background. She holds an LL.B. in European Law from Maastricht University and an LL.M. in Public International Law, with specialisation in Peace and Security, from Oslo University. Currently, she is pursuing a second LL.M. in Information and Communication Technology Law from Oslo University, focusing on robot regulation, artificial intelligence, and cybersecurity, to deepen her expertise in these areas. Joining WLC in 2023, Lucrezia has been actively involved in assisting clients across various jurisdictions with their data protection compliance needs. Moreover, she contributes significantly to the successful execution of research projects undertaken by WLC.
Arina is a legal consultant with an academic background, holding a PhD focused on data protection. She has several years of practice specialising in managing EU data protection compliance projects both for start-ups and established group companies. She also completed a traineeship in the Secretariat of the European Data Protection Board.
Norman previously worked in an Estonian law firm specialising in privacy and data protection, and he volunteers at an international NGO that advocates for data privacy. Norman holds a Bachelor’s degree in law (Bachelor of Arts in Social Sciences (law), officially equivalent to LL.B) (cum laude) from Tallinn University of Technology and a Master’s degree in law (LL.M.) from the University of Oslo.
Kristine is a lawyer and a Certified Information Privacy Professional for Europe and the US (CIPP/E and CIPP/US). She is a member of the International Association of Privacy Professionals (IAPP) and the International Bar Association (IBA). She holds a Master of Laws specialising in Data Protection, Intellectual Property, and Artificial Intelligence from Technische Universität Dresden in Germany and was a recipient of the DAAD Konrad Zuse School of Embedded and Composite A.I. (SECAI) scholarship for her research on the EU AI Act and automated decision making. Before joining WLC, she had over 6 years of experience as a corporate lawyer handling corporate reorganisation, data privacy advisory, M&A, and IPO due diligence.
Monika is a lawyer with experience gained in law firms and as in-house counsel, advising on privacy, information security, IP/IT and business law. She specializes in drafting and reviewing data protection and information security procedures, data processing agreements, conducting DPIAs, and incident management. As an experienced practitioner and a graduate of certified DPO courses, she has extensive knowledge of privacy issues in new technologies, particularly in software development using distributed ledger and generative AI (LLM) technologies in organizations. Monika focuses on providing business-friendly solutions and is passionate about new technologies and language learning.
Michał is a seasoned Project Manager with a proven track record of successfully delivering projects. He brings a wealth of experience in mobile and web application development, adeptly managing teams and resources to ensure projects meet their objectives. Michał’s expertise lies in overseeing the full project lifecycle, from inception to deployment, ensuring quality and efficiency at every stage. His strategic vision and hands-on approach have consistently led to the successful completion of innovative and high-impact digital solutions.
Stefan is a dynamic and results-driven professional with a rich background in customer sales, product management, and business operations. After many successful years at Hungarian Telekom as a Customer Sales Specialist, Stefan transitioned to a Product Manager role at a Microsoft partner in Budapest. His journey continued as a Customer Success Manager at an IT and Marketing startup, where he played a pivotal role in the company’s rapid global growth. His exceptional contributions led to his promotion to Operations Manager, where he expertly managed processes and operational aspects across various departments. Stefan has studied economics and is fluent in English, Hungarian, and Romanian, combining his background with practical experience to drive business success.
Jacek is a seasoned Finance Controller with over 20 years of experience in the field. Before joining WLC, he held key positions at various multinational corporations, where he managed finance and procurement functions across diverse sectors, encompassing both production and service-oriented enterprises.
Throughout his career, Jacek has demonstrated proficiency in financial reporting, planning, and analysis, among other aspects of corporate finance. He earned his master’s degree from the Leipzig School of Management in Germany.