Stephanie Faber heads the Data Privacy & Cybersecurity Practice and the Intellectual Property & Technology Practice in the Paris office. She specialises in international business law, with more than 20 years of experience. Her legal practice encompasses business transactions and operations, as well regulatory and compliance work.
In relation to the Data Privacy & Cybersecurity Practice, Stephanie advises on:
GDPR gap assessment and compliance programs
Data breach management and notification
Database creation, international transfers (Privacy Shield, BCR and Model clauses), cloud, HR data (including employee monitoring), marketing usage, health data, financial-related services, etc.
Whistleblowing (including new mandatory requirement effective 1 January 2018)
Relations and registrations with the French data protection authority, the CNIL
The Intellectual Property & Technology Practice of the Paris office encompasses advising on, drafting and negotiating contracts in the following areas:
Commercial contracts, including distribution agreements, services and supply agreements, advertising agreements, logistic agreements, general conditions of sales and sponsoring agreements
Joint ventures, transfer of businesses, assets or licenses
French regulations applying to commercial businesses, including e-commerce such as consumer protection, competition, advertising, product liability, abrupt termination of ongoing commercial relationships, distance sales, on or offline gaming and lotteries, and use of French language
IT, media and telecom contracts and outsourcing
Communication and media regulations
French anticorruption regulation (including compliance programs required since 2017), UKBA and FCPA
Relationship with regulators such as the DGCCRF (in charge of consumer protection and competition in France) and the CSC (Commission of Safety for Consumers), as well as the ARCEP (French regulator of the electronic communications and postal sectors)
Her commercial practice also includes conflicts and pre-litigation situations.
Stephanie also provides vocational and client training on regulatory or contractual matters. She is a speaker at the Law School of University of Paris II Panthéon-Assas for its “Diplôme d'université de la protection des données – Data Protection Officer (DPO)” (Data protection – DPO university degree) aimed at training future DPOs under the new European General Data Protection Regulation (GDPR). The degree is open to professionals who already have a first experience.
Stephanie is a member of IAPP, French Privacy associations AFCDP and ADPO and ICC’s Commissions on Digital Economy and Corporate Responsibility and Anti-corruption.
Stephanie regularly writes articles in French and in English, on both the firm’s blogs and with specialised press. She has also spoken at various conferences in the UK, France, Brussels and the Middle East.
Articles in the National Law Review database by Stéphanie Faber