Data Protection and Privacy Law

Our expertise in Data protection 

Data protection laws impose numerous obligations and constraints on legal entities (companies, associations, local authorities, public entities, etc.), which may lead to criminal penalties in case of non-compliance. The CNIL (French Data Protection Authority) conducts a large number of inspections for which these entities must be prepared.

FERAL-SCHUHL/SAINTE-MARIE’s lawyers regularly advise companies in data protection law, particularly in sensitive industry sectors (banking, insurance, health, pharmaceutical industry, etc.). We can provide a full range of services, and, among others:

– carrying out data protection compliance audits;preparing formalities and putting in place appropriate processes as part of a compliance operation;
– drafting personal data transfer agreements or “binding corporate rules” (BCRs) in an international context;
– drafting IT guidelines;
– advising security and archiving policies;
– assisting our clients during CNIL dawn raids;
– advising on and drafting  professional alert (”whistleblowing”) procedures and IT guidelines;
– organizing data protection trainings;
– providing assistance and training to Data Protection Officers (CIL).

As a privileged correspondent of the French Data Protection Authority (CNIL), the FERAL-SCHUHL/SAINTE-MARIE law firm is regularly instructed to present sensitive data processing authorizations or defend Clients’ interests, especially when they are the subject of complaints.


In 2013, the FERAL-SCHUHL / SAINTE-MARIE law firm obtained the CNIL “Personal Data Processing Audit” label by virtue of a resolution of the French Data Protection and Liberties Commission (CNIL).


This label distinguishes FERAL-SCHUHL/SAINTE-MARIE’s practice in terms of personal data processing compliance audit. This label “is an indicator of our confidence in the products and procedures having received the label” (

By deliberation on March 24th, 2016, the CNIL renewed the Label of the law firm FERAL-SCHUHL / SAINTE-MARIE.

Our CNIL Audit Procedure aims at verifying if the processing of personal data by companies and public bodies complies with the applicable regulations (French “Informatics and liberties” law dated 6 January 1978 ; European Directive dated 24 October 1995). As part of this procedure we provide the necessary recommendations to ensure legal compliance of personal data processing operations and we assist companies and public entities with their formalities with the CNIL*.

Please contact our lawyers at the following address for any further information:


  • Corporate Insiders 2017

    FERAL-SCHUHL / SAINTE-MARIE has been selected by Corporate Insiders as the winner of their 2017 Legal Awards in Data Protection and Privacy category.


    FERAL-SCHUHL / SAINTE-MARIE has received an award from Corporate Livewire and has been selected as “Law Firm of the Year” for the Data Protection and Privacy categories.

  • Global 100 - Technology Law Firm of the Year in France

    FERAL-SCHUHL / SAINTE MARIE has received an award from Global 100 and was selected as “Technology Law Firm of the Year in France” for 2016.