Fabrice Naftalski, CIPP/E, CIPM

Headshot

EY Société D'Avocats

Partner, Attorney at Law, Global Head of Data Protection

Fabrice Naftalski, CIPP/E & CIPM, IAPP Faculty member and former member of IAPP Europe Advisory Board, is a data protection attorney at law, and a EuroPrise legal expert to certify compliance of IT services and products to European Directive 95/46 (data protection law) and 2002/58 (privacy). Fabrice leads the EMEIA EY Law data protection/IPIT law practice.

Fabrice serves mainly clients at international level from the banking and insurance sectors, pharma/Life science, industrial groups (including innovative materials, automotive and luxury industries) and Government bodies (EU institutions, local governments …) working with various stakeholders from legal, IT, DPO, R&D, compliance, internal audit and HR. He assists clients in data protection law compliance programs and tools covering inter-alia inventory of data files, compliance audit and PIAs, drafting of notifications to the data protection regulators, personal data management procedures (including drafting and implementation of binding corporate rules and other tools to secure transfers), relations with national data protection regulators (e.g. in PIAs context or in case of investigation from DPAs), whistleblowing policies and codes of conduct.

He is also a regular lecturer on information technology law within ESSEC Business School, CNAM and French Universities.

 

Contributions by Fabrice Naftalski

  • Maintenir sous contrôle les risques relatifs aux fournisseurs
    Speaker at IAPP Data Protection Intensive: France 2022
  • DPO & CDO — Tips for Partnering (from "Liaisons Dangereuses" to "Honeymoon")
    Moderator at IAPP Europe Data Protection Congress 2021
  • ‘Schrems II’, Government Access & Accountability Challenges: What Next?
    Moderator at IAPP Europe Data Protection Congress 2021
  • Fournisseurs : contrat, audit et mise en œuvre
    Speaker at IAPP Data Protection Intensive: France 2020
  • Notion of Risk for Data Subjects in DPIA and Data Breach
    Speaker at IAPP Europe Data Protection Congress 2019
  • When the GDPR Meets Chinese Data Protection Compliance
    Speaker at IAPP Asia Privacy Forum 2019
  • Fournisseurs : Sous-traiter, auditer et se débrouiller
    Speaker at IAPP Data Protection Intensive France 2019
  • Is Certification the Third Life of BCRs?
    Speaker at IAPP Europe Data Protection Congress 2018
  • GDPR Readiness: Regulators and Business Views for Discussion and Benchmarking
    Speaker at IAPP Europe Data Protection Congress 2017