Assisted a multinational organization primarily active in B2B to develop its AI governance framework and come up with an AI roadmap to foster the deployment of Responsible AI. *
Assisted a leading manufacturer of construction and mining equipment in assessing the exposure of the EU AI Act on its AI uses across a range of Products. *
Developed AI clauses in the context of the procurement of AI systems and the compliance with ethical AI principles and the EU AI Act. *
Participated in the First AI Grand Challenge organized by the University of St. Gallen (Switzerland) on the EU AI Act in 2023. *
Assisted a cryptocurrency player in the cybersecurity and privacy compliance aspects of its global operations and online platforms taking EU GDPR as a benchmark. *
Assisted a podcast platform in dealing with information requirements under the GDPR and the ePrivacy Directive, including drafting the website’s privacy notice and cookies notice. *
Worked on the development and setup of an API used to facilitate acceptance by merchants of cryptocurrency as means of payment on their platforms. *
From a privacy compliance point of view, the indirect collection of data and complexity of the supply chain made the representation particularly innovative. *
Participated in the deployment of a cryptocurrency designed as digital cash on phones by reviewing privacy settings and disclosure language. *
Counselled various clients with global operations in assessing the impact of the EU developments around personal data transfers post-Schrems II decision and in implementing supplementary measures for data transfers. A data transfer tool we developed was used for assessing and documenting the steps undertaken to authorize the data transfers to take place on the basis of standard contractual clauses. *
Contributed (in a personal capacity) to the INTERLINK consortium, a Horizon 2020 project, aiming at developing a new collaborative governance model between administrations and private partners, including citizens. INTERLINK will provide a set of digital building blocks, called “Interlinkers”, with the view to implement the defined governance model and standardize the basic functionalities needed to enable private actors to cooperate in the delivery of a service. *
Assisted a global insurance brokers group of companies in ensuring their readiness for uninterrupted personal data flows at the end of the Brexit transition period, taking into account the upcoming revision of standard contractual clauses and the post-Schrems II situation. *
Assisted a client in developing a line of defense and arguments to challenge the request from a non-EEA-based enforcement to access the personal data of some of its EU-based customers, while preserving a good level of cooperation and constructive dialogue. *
Counselled an international financial service institution in assessing roles of parties under GDPR and consequent compliance steps (including applicable contractual settings) in relation to the development of an e-wallet API. The representation included a determination of the likely GDPR nexus arising from the specifics of the EMV SRC “Click to Pay” standards. *
Represented ILGA Europe on a pro bono basis in the privacy and cybersecurity aspects of the Hub, a resource-sharing tool for LGBTI activists in Europe and Central Asia. *
Represented a major insurance group in its integration of EU operations from a cybersecurity and data privacy point of view. *
Assisted a regulated institution in the management, follow-up and remediation of a data breach. The representation includes dealing with the cross-border regulatory context. *
Counselled a chemical manufacturer in the privacy aspects of the deployment of a whistleblowing hotline solution. *
Advised, on a pro bono basis, the Red Cross EU Office, the European Council on Refugees and Exiles, Medair and the International Lesbian, Gay, Trans & Intersex Association in the review of their data mapping, legal basis for processing, privacy notices and privacy policies, and in their vendor remediation exercise. *
Represented clients in the cybersecurity and data privacy aspects of due diligence, SPA negotiation and integration. *
Counselled a Chinese financial institution in relation to the technical standards, organizational measures and incident reporting under the PSD2 and the interplay with GDPR and national laws implementing the NIS Directive. *
Assisted US B2B marketing companies, email service providers, payment services providers and an actor in the entertainment industry in assessing the impact of GDPR on their operations. *
Represented a hospitality client in the management of a high-profile data breach of its booking platform. *
Counselled an international financial service institution in designing and implementing a cloud-based SaaS monitoring tool aiming to protect the integrity of its systems and networks. *
Advised the United Nations regarding international legal issues related to e-evidence and processing of personal data for law enforcement purposes. *
Represented an Italian brand of shoes and clothing in its GDPR readiness exercise and in navigating the changes of the CCTV legislation post-GDPR in multiple countries. *
Assisted a global company providing payment solutions for an e-commerce app in assessing its role (data controller/data processor) and related requirements under GDPR. *
Advised clients in a number of industries, such as financial, marketing and insurance, in the drafting and negotiation of Art. 28 GDPR data processing agreements, representing both controllers and processors. *
Represented a leading supplier of automotive parts in dealing with the data privacy aspects of its global HR management and operations. The representation includes the assessment of the role of various group entities and analyzing appropriate data transfer mechanisms to support the exchange of data necessary for staff appraisal. *
Developed a structured approach to GDPR compliance for several trade associations in multiple EU countries. *
Contributed to the HTNG Working Group on GDPR. The outcome is a White Paper and Self-Assessment Tool adopted in March 2018. The White Paper describes key considerations of GDPR for the hospitality industry. The assessment tool aims to help professionals in the industry to evaluate their company’s ability to comply with the new regulation. Over 50 companies (from hotel brands, to software companies) participated in HTNG’s GDPR for Hospitality Workgroup. *
Part of the team who represented Nestlé S.A. in its agreement to acquire privately held Atrium Innovations, a Montreal-based global leader in nutritional health products, from a group of investors for US$2.3 billion. *
Represented a US financial group active in the credit card business in its negotiations with a payment network in France. The representation includes negotiations with the French DPA. *
Represented booking platforms in their challenge in front of the Working Party No. 29 of a new standard developed by the travel industry. *
Assisted a European actor in infusion therapy and clinical nutrition in dealing with the Belgian aspects of the acquisition of a US-headquartered group active in transfusion technology products for blood collection, separation and processing. *
*Denotes previous firm experience.
back
