We protect your IT/web projects, as well as all your creations, information and data, which are, now more than ever, essential business assets.
The quality of the management of your data, those of your customers and partners, as well as those of your IT tools impacts both your reputation and your profitability!
This is evidenced by the numerous hackings and data leaks and their consequences for both the people concerned and the companies affected by these events.
Legal security for projects, risk prevention, improvement of processes and implementation of best practices in terms of data protection: IT charters, confidentiality policies, confidentiality agreements, specificities related to the activity (professional and banking secrecy, stock exchange regulations, defence secrecy, etc.), adaptation of internal regulations and employment contracts, etc.
The proper dissemination of internal procedures and rules and the raising of awareness among both collaborators and partners is crucial: a large number of security breaches could be avoided if appropriate precautions were taken by all data users (collaborators, sub-contractors, partners, etc.).
It is therefore imperative to be very clear about the nature of the data shared, to draw attention to its sensitivity, to enforce the confidentiality and security of the data collected and to sanction in the event of non-compliance with the conditions layed out.
A single weak link in the chain of users, in terms of confidentiality and/or security, is all it takes for all the efforts of your CIO and all your investments in physical and logical security to go to waste!
Programmes for compliance and maintenance of compliance with the European General Data Protection Regulation (GDPR) and the French Data Protection Act: audits, diagnostics, proposal and implementation of solutions and procedures capable of meeting the requirements of the regulations governing the use of digital tools and personal data, in France and internationally.
We ensure the relationship with the CNIL.
We put in place the necessary contractual clauses for cross-border data flows, for example to your subsidiaries, sister companies, SaaS services and hosting providers around the world (BCR, Privacy Shield, EU model clauses, etc.).
In addition, the firm may be appointed as DPO (Data Protection Officer).
For your investment projects, we also carry out the GDPR due diligence of your target: an essential precaution in terms of decision support, target evaluation and the construction of acquisition agreements and guarantees.
We also help you prepare for a CNIL inspection through exercises and inspection simulations. Objectives: to assess your maturity in terms of both content (level of compliance) and form (conducting the inspection: having the right reflexes when dealing with inspectors).
Since companies are liable in the event of non-compliance, the penalties applicable in the event of non-compliance have been considerably increased since 25 May 2018 to a fine amounting to 4% of the company's overall turnover: a sum likely to affect their viability.
We ensure the legal security of your IT projects by making sure that your partners subscribe to appropriate commitments through various contracts such as :
Our experience as in-house lawyers enables us to work hand in hand with technical experts (CISOs, engineers, project managers, etc.) and support services (legal, quality, finance departments) so that the legal action plan is based on the same understanding of the project and its characteristics, throughout its execution.
We assist you in French and English, both in drafting and negotiation.