Personal Data Protection, GDPR Compliance, Cybersecurity, Crisis Management


Assistance and representation services for: Provision excl. VAT excluding costs and disbursements
Analysis and qualification of IT project, legal design 2200
Drafting of the IT security charter, adaptation of the employment contract 3500
Drafting of privacy charter 1500
Drafting of internet legal notices relating to cookies 2200
Analysis and qualification of a web project 2200
Drafting of a hosting, outsourcing contract 2900
Security assurance plan drafting 3900
Contractual action against the co-contractor 4900
Prosecution / defense in the context of an action relating to the protection of personal data 4900
Complaint before the prosecutor or dean of the investigating judges, computer crimes 1200
Computer disaster assessment coordination 1200
Internal investigation for the purpose of establishing the processing register and collecting documentation (IT and freedoms audit) 6500
Analysis of treatments and operational recommendations 3500
Impact analysis and CNIL support 3500
Writing crisis management procedure 2200
Computer risk insurance policy review 2200


Le droit des données personnelles, avec la loi informatique et libertés en 1978, puis le RGPD en 2016, protège les personnes contre le fichage immodéré par les organisations, pouvant mener à des abus, à des indiscrétions et à des décisions inadaptées.

L’avocat en droit informatique vous assiste

  • dans la rédaction de vos contrats informatiques,
  • dans la rédaction des procédures internes liées à l’usage de l’outil informatique,
  • dans l’audit des contrats liés à la mise en place du système informatique, des données traitées, en vue d’une mise en conformité par rapport aux normes de protection des données personnelles et de sécurité informatique,

Avec le droit de la protection des données personnelles, l’accent est mis sur l’un des enjeux majeurs de l’informatique : la liberté individuelle. Dès les débuts de l’informatique le législateur français a vu dans cet outil à la fois un formidable outil de développement mais aussi un outil de surveillance de masse facilement attentatoire à la vie privée et aux libertés fondamentales.

Le cabinet intervient sur ces thématiques en particulier pour accompagner les entreprises dans leur mise en confomité RGPD, pour une meilleure protection des données personnelles, et en cybersécurité informatique, en particulier afin de mettre en place les outils juridiques utiles à la gestion de crise.


The successes of cybergendarmes stimulate us and invite us to consider the lawyer specializing in the law of new technologies, computing and communication.

A specialist lawyer is a lawyer whose specialization is assigned by the National Bar Council according to verified criteria of experience and continuing education, professional responsibility, in line with the requirements and recommendations set by the national authorities in terms of protection. personal data (in France: CNIL) and cybersecurity (ANSSI).

In Paris, there are 68 lawyers in this specialty (directory data October 2021:

A lawyer specializing in new technologies follows in particular the topics of personal data protection law (GDPR regulations), computer security (cybersecurity), both in terms of supporting companies in their compliance approach as victims of data breaches, in their compensatory and penal remedies, in the defense of their reputation.

In compliance support, the lawyer supports the company in the following stages:

– Implementation of the personal data processing register; this step can be carried out online by the legal department, the IT department or the Data Protection Officer (DPD or DPO), or with the support of the law firm which may intervene as part of an additional investigation to verify several aspects of the register;

– Legal analysis of the processing register and the legal and operational context of this processing; the lawyer analyzes the situation as a whole, on the basis of the documentation provided by the company, to qualify the roles and responsibilities in application of the GDPR regulations and CNIL recommendations and to propose the procedures and instruments to be put in place to move towards compliance; this may involve, on a more technical level, monitoring by a certification support agency; as a legal approach, he may propose, for example, the updating of IT and insurance contracts, the security insurance plan, intra-group agreements on the transfer of personal data, the IT charter, the communication charter, the employment contract, the general and sales conditions, the review of the crisis management procedure, the continuation of an impact analysis (data protection impact assessment or "DPIA"), the appointment of a protection delegate personal data;

– On a more technical level, he will also intervene in support of the IT department or the certification agency, to determine or verify the legal framework, ISO standards and ANSSI recommendations applicable to IT security and crisis management measures ( cybersecurity) put in place or to be put in place, since this security requirement contributes to the protection of personal data, and is highly regulated both at the level of European Union law and at national level.