RGPD – Cybersecurity
The firm has developed an extensive expertise in matters of personal data protection, initially for the banking, financial and Fintech sectors. On the basis of this experience, the firm now assists private and public operators in regard to their compliance and privacy disputes and in the event of audits or proceedings by the authorities:
- Mapping of processing and risks
- Internal and subcontractor compliance audits
- Impact studies
- Compliance programmes
- Drafting of services agreements
- Preventive measures against the risks of cyber-attacks
- Assistance in the course of CNIL’s inspections and sanction procedures
Examples include:
- Assisting an organisation victim of a ransomware attack.
- Assisting a bank victim of data exfiltration by one of its service providers.
- Legal characterization of the relationships and roles, from an RGPD point of view, in various complex financial schemes (acquisition of payment orders by chained PSPs, multi-party contracts involving many ISPs as well as their own service providers in an investment services scheme benefiting institutional clients but also retail clients, etc.).
- Assisting a major web operator in regard to data outsourcing in order to take into account the regulatory constraints specific to the RGPD as well as the rules specifically applicable to the category of professionals targeted by this operator.
- Drafting of services agreements (RGPD clauses).