Skip to content

Operational Experience at an Executive Level

White Label Consultancy was founded in 2019 in Oslo and has since inception been led by a team with operational experience at an executive level. 

The motivation of the WLC founders continues to be to protect corporates from digital risks such as privacy breaches and cybercrime. The founders struggled to receive actionable advice from external consultants while implementing GDPR programs in the corporations they worked for. This motived them to deliver consultancy they felt was missing from the market. 

Digital challenges have grown multifaceted due to a proliferation of advanced data processing technologies and the complex cross-functional national data processing in larger organisations. On top of the increased technical complexity, a surge in new legislative requirements means market demand is ever increasing. 

The first White Label Consultancy client was a large Scandinavian technology company and since then, WLC has been experiencing a rapid growth as well as sectoral and geographical expansion. WLC has offices in four different jurisdictions, clients in fifteen countries from industries including pharma, telecom, logistics, manufacturing, hospitality, public administration, law firms, event management, retail, and more. 

WLC is flexibly organised so that sudden increases in demand can be catered to by recruiting the best possible candidates from a network across Europe. In 2022 André Årnes, the Chief Security Officer of Telenor Group and professor in Cyber Security at the Norwegian Technical University joined White Label Consultancy to head the Cyber Security capacity.

1 +
+ 75
Privacy audits
+ 100
WLC Privacy Professionals // Map of Geographical Experience // White Label Consultancy

Trusted by clients from industries such as pharma, telecom, logistics, manufacturing, hospitality, public administration, law firms, event management, retail, and more. Operating in multiple geographies including all countries within the European Union.

Our Team

Our path is what makes us


Nicholai Pfeiffer

Managing Partner

Nicholai has 20+ years of experience in the technology and telecommunications industries. He has a successful track record of managing global legal & privacy teams as well as complex large-scale projects. 

Prior to joining WLC, he served 5 years as Group Privacy Officer of Telenor Group, where he successfully led one of largest GDPR-projects in Scandinavia. Nicholai has extensive experience with implementation of privacy management programs in global organisations.

In addition to the wide range of top-level roles within the telecom industry, he has served in the office of Danish Telecom regulator. 

Nicholai holds a Master of Law degree from the University of Copenhagen.

Dr. Magdalena Góralczyk

Partner, Head of Data Protection

Before joining WLC, Magdalena served as the Global Lead Privacy Counsel for Nokia. Prior to that she was Vice President for Privacy in a global telecom.

She has advised international organisations on legal developments globally, among others on implementation of privacy controls for ad-tech, vendor management efforts, free data flow regulations. In addition, she has led several BCR projects.

Her work in EU funded research includes consulting on consent provisions in the drafting phase of GDPR.

Her data protection experience is rooted in her PhD on the concept of anonymity and identity and previous experience in academia.

Andre Arnes

André Årnes

Partner, Head of Cyber Security

André joined WLC as a Partner in January 2022, after having served 7 years as the Global CSO of Telenor Group.

He has 20+ years of experience within security leadership, Cyber  Security, and digital forensics.

His previous work experience covers working as CIO in Telenor Global Shared Services, a Senior Principal Consultant for Security Architecture with Oracle, and as a Special Investigator the for Norwegian National Criminal Investigation Service.

André is also a part-time Professor at the Norwegian Technical University (NTNU) Department of Information Security and Communication Technology.

Prof. Dr. Marcelo Corrales Compagnucci

Special Counsel, Data Protection

Marcelo is Attorney-at-Law specializing in disruptive technologies, privacy and data protection law. His past activities have included working as a consultant and lawyer for law firms and IT companies. Marcelo has also vast experience in EU funded research projects. He is currently Associate Professor of IT Law at the University of Copenhagen in Denmark. He has a Doctor of Laws (LL.D.) degree from Kyushu University in Japan. He also holds a Master of Laws (LL.M.) in international economics and business law from Kyushu University, and an LL.M. in law and information technology and an LL.M. in European intellectual property law, both from the University of Stockholm in Sweden. He has several publications in the field of IT Law.


Kevin K.K. Khoo

Senior Consultant, Cyber Security

Kevin is an experience Cyber Security professional. In his previous roles he has been directly involved in defining IT-architecture to meet organisational requirements regarding Cyber Security, development, and operations. He has led and deployed Secure End-user Computing Platforms in various organisations and for remote workers. In addition, he has led the implementation of Microsoft’s Office 365 platform including data migration, architecture and implementation in several organisations. Kevin holds an ISO27001 diploma and has supported organisations in preparing for Cyber Security certification.

Federico Marengo

Senior Consultant, Data Protection

Federico is a data protection consultant that worked for TNP Consultants and Data Business Services. He is a privacy enthusiast who has established himself as a thought-leader on the application of data protection in advanced and complex data privacy domains, such as Artificial Intelligence and Cloud Computing. Federico has an LL.M. (University of Manchester), and is a PhD candidate (Bocconi University, Milano). As a PhD researcher, his research deals with the potential and challenges of the General Data Protection Regulation to protect data subjects against the adverse effects of Artificial Intelligence. He is also a teaching assistant in two courses at Bocconi University.
He is the author of “Data Protection Law in Charts. A Visual Guide to the General Data Protection Regulation“, e-book released in 2021.

Dusan Pavlovic

Senior Consultant, Data Protection

Dusan Pavlovic is a seasoned privacy professional with experience in private corporations and public-funded research and development projects (Horizon 2020 and United Nations). He works as a Senior Data protection Consultant at White Label Consultancy. Before joining White Label Consultancy Dusan was working in the online gambling industry. Also, he focused on data protection and regulatory aspects of online gambling while he was doing his research in academia. Dusan holds a Ph.D. from Tilburg University, and a Ph.D. from the University of Bologna, as well as an LL.M. from Leibniz University, Hanover. Also, he has conducted legal research as a research fellow for the University of Nevada.
Dusan is a member of IAPP and holds CIPP/E and CIPM.

Philip Tavares

Senior Consultant, Vendor Management

Philip has  over 25 years of international experience in the telecommunications / ICT sector. He has steadily built and managed multiple organizations, achieving consistent results and value-creation. Furthermore, his knowledge of procurement, supply-chain management, third party risk management, and partner management, is extensive. 

Prior to WLC Philip served the Telenor Group 11 years. Trusted by his peers and handpicked to take charge of global procurement transformation programs, he is known for his capacity to execute.  He held multiple Vice-President roles in group procurement and was central in establishing the Telenor Procurement Company.  He served Ericsson 13 years in global executive positions in Business Development, Sales Management, and Strategic Product Management.  



Prof. Dr. Tihomir Katulic

Special Counsel, Data Protection

Tihomir is an information technology lawyer and data protection expert with experience as a consultant for business organisations, public administration institutions and law firms. He is a member of the European Data Protection Board External Pool of Experts and the chair of the Croatian Chapter of the International Association of Privacy Professionals, where he also serves with the IAPP Education Board.

Currently working as an Associate Professor of IT Law at the University of Zagreb, Tihomir chairs the National Panel of Experts of the Croatian State Intellectual Property Office, is an arbiter for the Croatian Domain Name Service Arbitration Body.

Diana Rosu

Consultant, Data Protection

Diana previously worked as a Privacy & Data Protection Junior Consultant in a consulting firm in Romania and she volunteers in an international NGO that advocates for privacy. 

She holds a degree in European law (LL.M) and a Bachelor’s in law (LL.B) from AL. I. Cuza University of Iasi, and she has followed privacy related courses at the University of Turku.


Cassandra Stead


Cassandra graduated from BI Norwegian Business School with a Bachelor of Business Administration, specialising in Finance in Oslo, Norway. 

Cassandra has worked for White Label Consultancy since 2020.

Stefan Buzas

Business Operations Manager

Stefan previously worked as a Product Manager at one of Microsoft’s partners in Budapest. Later, he joined an IT and Marketing startup company as a Customer Success Manager. He highly contributed to the company’s rapid growth, which attracted clients from all over the world. He got promoted to the Operations Manager position, taking care of all the processes and operational aspects throughout the different departments within the company.

He studied economics, English, and music.