It was through my many negotiations of IT contracts, particularly XaaS, that I came to specialize in data protection.
A holder since 2018 of the certifications issued by IAPP CIPP/E and CIPM, I was lucky enough to work as a “contractor” for two and a half years in data protection for a multinational weighing over USD 20 billion in sales per year at the time of the GDPR’s adoption.

I was thus able to take part in the GDPR “task force” and familiarized myself with the issues, priorities and setting up of the processes and tools required within large companies. Working alongside the IS/IT and risk management teams as legal lead counsel, while favouring a pragmatic approach, the compliance exercise was brought to a close with an audit successfully passed.

Since then, I have been regularly consulted under the Federal Data Protection Act and the GDPR by companies of all sizes on setting up compliance programs, drawing up the necessary contractual documentation and adopting incident response plans.

I favour a pragmatic approach based on an assessment of the risks deemed acceptable, focusing on the essential elements to be put in place to minimize costs.

See our “Services” section for details.