Belgian ICT law firm providing data protection, AI governance, and regulatory compliance expertise to EU research and innovation consortia.
TIMELEX is a Brussels-based legal and regulatory consultancy specializing in ICT law, data protection, privacy, and digital governance. In EU projects, they provide the legal and compliance layer — advising on GDPR, eIDAS, trust frameworks, cybersecurity regulation, and cross-border data sharing rules. Their work spans healthcare data exchange (CUREX, KONFIDO), digital government services (TOOP, DE4A, mGov4EU), and cybersecurity governance (CyberSec4Europe, FORMOBILE). They translate complex regulatory requirements into actionable guidance for technical consortia building digital platforms and data-sharing architectures.
Central legal partner in CUREX (health data exchange), KONFIDO (eHealth interoperability), iReceptor Plus (federated health data), INCISIVE, BIGPICTURE, and REBECCA (cancer data platforms).
Legal expertise in TOOP, DE4A, mGov4EU, and ACROSS — all focused on once-only principle, Single Digital Gateway, and cross-border e-government under eIDAS.
Contributed to CyberSec4Europe (governance and certification), SecureHospitals.eu (awareness and training), FORMOBILE (mobile forensics legal chain), and RAYUELA (cybercrime and child protection).
Recent projects ONCORELIEF, INCISIVE, TEAMING.AI, and DE4A involve legal frameworks for AI deployment and blockchain-based data governance.
LIGHTest (global trust list infrastructure), mGov4EU (eIDAS mobile identity), and KONFIDO (eID for health) all required trust and identity regulation expertise.
In the early period (2015–2018), TIMELEX focused on foundational trust infrastructure (LIGHTest), eHealth interoperability law (KONFIDO, AEGLE), and the once-only principle for public administrations (TOOP, CITADEL). From 2019 onward, their work shifted decisively toward AI governance, blockchain regulation, and the Single Digital Gateway — reflecting the EU's own regulatory trajectory toward the AI Act and Digital Services Act. Their health portfolio also deepened, moving from general eHealth compliance to specific cancer data platforms (INCISIVE, BIGPICTURE, REBECCA) requiring nuanced data-sharing legal frameworks.
TIMELEX is positioning itself at the intersection of AI regulation and health data governance — exactly where the EU AI Act and European Health Data Space will create massive demand for legal expertise.
TIMELEX operates exclusively as a specialist partner, never leading consortia but joining them to fill the critical legal and regulatory compliance gap. With 495 unique partners across 38 countries, they are a high-connectivity hub — rarely working with the same consortium twice, instead spreading across diverse domains wherever legal expertise is needed. This makes them an easy, low-risk partner to bring in: they know how EU consortia work, they stay in their lane, and they deliver the compliance and ethics deliverables that technical partners typically cannot.
Exceptionally broad network of 495 unique partners across 38 countries, reflecting their role as a go-to legal specialist that diverse consortia invite for compliance coverage. Strong presence across Western and Southern Europe, with Brussels location providing natural proximity to EU institutions and policy processes.
TIMELEX occupies a rare niche: a private law firm that genuinely understands both the legal and technical dimensions of EU digital policy. While many law firms advise on GDPR in theory, TIMELEX has hands-on experience embedded in 30 R&D consortia building real systems — from federated health data platforms to cross-border identity infrastructure. For any consortium that needs a legally bulletproof architecture for data sharing, AI deployment, or digital services, TIMELEX brings battle-tested regulatory knowledge that academic legal partners often cannot match.
