Fabrice Naftalski, CIPP/E, CIPM

Headshot

EY Société D'Avocats

Partner, Attorney at Law, Global Head of Data Protection

As EY Global Head of Data Protection Law Practice, Fabrice Naftalski, Partner and Attorney at Ernst & Young Société d’Avocats in Paris, works on contractual and regulatory projects in connection with the use of Information Technology and also on transactions dealing with intangibles. He assists its clients at European and international levels in the development and implementation of data protection compliance programs (including data transfer strategy, data governance benchmark, inventory of data files, compliance audit and privacy impact assessment, development of personal data management procedures (including Binding Corporate Rules and other tools to secure transfers), performance of transfer impact assessment (TIA), GDPR roadmap, preparation and implementation…).

Fabrice graduated from English and North American Business Law University Panthéon/Sorbonne in Paris) (DEA) and held Paris Bar speciality in Information Technology & Telecom law. Former member of IAPP Europe Advisory Board (International Association of Privacy Professionals) from 2010 to 2012 and IAPP Faculty Member, Fabrice is also Ernst & Young France Data Privacy Officer, CIPP/E & CIPM holder and europrivacy expert for GDPR certification.

 

Contributions by Fabrice Naftalski

  • EU Data Act, Data Governance Act & AI Act: How It Impacts US & Non-EU Companies
    Moderator at IAPP Global Privacy Summit 2024
  • Is Co-regulation the Future of Privacy? Multi-jurisdictional & Multi-stakeholder
    Moderator at IAPP Global Privacy Summit 2023
  • RGPD, données de santé, Ségur de la santé : bénéfices de la certification
    Moderator at IAPP Data Protection Intensive: France 2023
  • Data Privacy Awareness in Complex Multi-Jurisdictions Organizations/Groups
    Moderator at IAPP Data Protection Intensive: France 2023
  • First EU GDPR Certification: Time (& Journey) to Move Forward!
    Speaker at IAPP Europe Data Protection Congress 2022
  • Cross-border Transfers Strategy to Non-adequate Countries: Tricks and Solutions
    Speaker at IAPP Europe Data Protection Congress 2022
  • Maintenir sous contrôle les risques relatifs aux fournisseurs
    Speaker at IAPP Data Protection Intensive: France 2022
  • DPO & CDO — Tips for Partnering (from "Liaisons Dangereuses" to "Honeymoon")
    Moderator at IAPP Europe Data Protection Congress 2021
  • ‘Schrems II’, Government Access & Accountability Challenges: What Next?
    Moderator at IAPP Europe Data Protection Congress 2021
  • Fournisseurs : contrat, audit et mise en œuvre
    Speaker at IAPP Data Protection Intensive: France 2020
  • Notion of Risk for Data Subjects in DPIA and Data Breach
    Speaker at IAPP Europe Data Protection Congress 2019
  • When the GDPR Meets Chinese Data Protection Compliance
    Speaker at IAPP Asia Privacy Forum 2019