Anne Renard
Lexing Alain Bensoussan Avocats
Recognized since 2023
Paris, France
Information Technology Law
Professional activity ·
Lawyer, Member of the Paris Bar (admitted in 2011); ·
Lexing Alain Bensoussan Avocats, Head of the Compliance and Certification department;
DPO recommended to lawyers by the CNB (French National Bar Council).
Education
Certificat d’Aptitude à la Profession d’Avocat (Bar Exam) (2011);
Master 2 in Technical Innovation Law (2010);
Master 1 in Business Law (2009).
Experience
Data Protection Compliance:
o managing French and international projects and devising strategy for compliance with applicable personal data protection laws in both the private and public sectors;
o assisting in the deployment of data protection governance (procedures, policies, committees, codes of ethics, data protection policies);
o acting as the external Data Protection Officer (DPO) for both public and private sector organizations and providing legal assistance to internal DPOs;
o carrying out or assisting in carrying out data protection impact assessments and prior consultations of the competent supervisory authorities (in particular France’s data protection authority, the CNIL);
o managing data subjects’ requests to exercise their rights (such as right of access, right to portability, right to object); o auditing the legal compliance of entities and their information system with the applicable personal data protection laws and assisting in achieving compliance;
o carrying out formalities with the CNIL;
o providing assistance for audits carried out by the CNIL;
o drafting responses to formal letters sent by the CNIL;
o managing litigation proceedings before the CNIL.
Advisory in Corporate Compliance:
o implementing internal compliance procedures (internal controls, codes of conduct, ethics policies, whistleblowing and reporting procedures);
o conducting risk audits;
o conducting governance audits;
o conducting advertising compliance audits;
o providing legal assistance for setting up a communication campaign;
o drafting policies for use of IT and electronic communication resources.
Trainings
Anne Renard designs and provides tailor-made training courses for both private and public companies and entities
Recent training courses include:
· Webinar Wolters Kluwer Lamy Formation « Comment élaborer le registre des activités de traitement de son Cabinet d'Avocats ? » (Law Firm: How do you design your record of processing activities?), 5 July 2019;
· E-learning training module for lawyers to assist small businesses and associations in complying with personal data protection laws, Conseil National des barreaux, Febraury 2019;
· Webinar Wolters Kluwer Lamy Formation « Le RGPD appliqué aux cabinets d’avocats » (The GDPR as applied to law firms), 24 October 2018;
· Campus 2018, atelier sur le thème : « Le RGPD applicable à l’avocat (mise en conformité des cabinets) » » (The GDPR as applied to law firms: law firm compliance), Barreau de Paris, à l’EFB et à la Maison de la Chimie, 2/6 July 2018;
· Webinar, Wolters Kluwer Lamy Formation, thème de l’intervention : « Mise en conformité RGPD pour les cabinets d’avocats » (GDPR Compliance for Law Firms), 3 May 2018;
· Webinar, Wolters Kluwer Lamy Formation, thème de l’intervention : « Mise en conformité RGPD pour les cabinets d’avocats » (GPPR Compliance for Law Firms), 14 March 2018;
· Maison du Barreau, thème de l’intervention : « Data Protection Officer : le CIL 2.0 ? » (Data Protection Officer: the CIL 2.0?), 13 March 2018;
· Maison du Barreau, thème de l’intervention : « Le RGPD applicable au 25 mai 2018 : quels enjeux pour les cabinets d’avocats et leurs clients » (The GDPR applicable on 25 May 2018: What's at stake for law firms and their clients), 7 March 2018;
· EFB, thème de l’intervention : « Le RGPD applicable au 25 mai 2018 : quels enjeux pour les cabinets d’avocats et leurs clients » (The GDPR applicable on 25 May 2018: What's at stake for law firms and their clients), 5 March 2018
Teaching
Lecturer at:
Université Paris-Dauphine, Diplôme universitaire DPO;
Ecole de formation des barreaux du ressort de la cour d’appel de Paris (EFB), Formation initiale, Droit de la protection des données personnelles ;
Neoma Business School, Master en Marketing and Data Analytics.
Articles ·
« Guide cybersécurité à destination des collectivités locales », site alain-bensoussan.com, 22 july 2022 ;
« Commande publique : la Cnil se penche sur la responsabilité des acteurs », site alain-bensoussan.com, 28 june 2022 ;
« Mise en demeure de 22 communes n’ayant pas désigné de DPO », site alain-bensoussan.com, 17 june 2022 ;
« Mairies : se préparer et réagir en cas d’incident de sécurité » (Mayors: How you should prepare and react in case of security incident), alain-bensoussan.com, 21 April 2020;
« Sécurité numérique des mairies : l’essentiel de la réglementation » (Digital security for mayors : key legal principles), alain-bensoussan.com, 16 March 2020;
« Obligations en matière d’analyse d’impact pour les mairies » (Mayors: Know your DPIA obligations), alain-bensoussan.com, 14 November 2019 ;
« RGPD dans les mairies : quels impacts ? » (GDPR for mayors: what are the impacts?), alain-bensoussan.com, 14 October 2019;
« Guide de la Cnil pour la mise en conformité des mairies au RGPD (A CNIL guide to mayors for GDPR compliance), alain-bensoussan.com, 30 September 2019;
« L’impact du RGPD sur les cabinets d’avocats » (The impacts of GDPR on law firms), site lexbase.fr, 19 July 2018;
« Dispositif d’alerte professionnelle et analyse d’impact RGPD » (Whisteblowing and DPIA under the GDPR), alain-bensoussan.com, 27 March 2018;
« Le régime de protection des lanceurs d’alerte issu de la loi Sapin 2 » (The protection of whisleblowers under the Sapin 2 Act), co-authored with Bénédicte Querenet-Hahn, Cahiers de droit de l’entreprise, éd. LexisNexis, n°1 January-February 2018;
« RGPD : les cabinets d’avocats sont-ils prêts ? » (GDPR: Are law firms ready?), interview of Anne Renard, www.lja.fr, 8 February 2018;
« RGPD : Les professions du droit et du chiffre sont-elles prêtes ? » (» (GDPR: Are legal and accounting professionals ready?), Interviewée par Caroline Dupuy, Droit et patrimoine, n°277, 1er février 2018 ;
- Lawyer Page: https://www.alain-bensoussan.com/avocat/anne-renard/
- 58, boulevard Gouvion-Saint-Cyr
Paris 75017
France
- English
- French
14 The Best Lawyers in France™ awards
- Information Technology Law
Describe one of your most interesting or memorable cases in the past year.
In 2021, the firm became the outsourced DPO of the following cities: Gennevilliers, Puteaux, Rosny sous-bois, Saint-Ouen, Bussy Saint-Georges, Aulnay-sous-Bois, Gennevilliers, Villejuif, Villeneuve la Garenne, La Courneuve, La Garenne Colombes, Rosny sous-Bois, Saint-Ouen, Villepinte.
It is also the outsourced DPO of the Conseil régional île de France
There are a number of provisions that are specifically relevant for the public sector. Municipalities, local authorities and public agencies must act in a proactive way in order to secure permanent compliance.
Furthermore, each of them must be able to demonstrate at any moment that it carries out its processing of personal data in accordance with the requirements of the GDPR.
Local authorities process a lot of personal data, whether it is to manage the public services (civil status, school registrations, electoral lists, etc.), human resources or security of their premises (access control by badge, video surveillance). For this reason, the GDPR introduces a duty for public authorities or bodies to appoint a data protection officer (DPO), whether internally if they have the necessary resources or externally.
Each controller shall maintain a record of processing activities under its responsibility. In addition, where a type of processing is likely to create a high risk for the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an impact assessment (AIPD). This is the case, for example, for professional alert systems or certain application processes that determine if you're eligible or not to social housing.
In order to support local authorities in their compliance with the GDPR, the CNIL has published a "GDPR awareness guide for local authorities". The sharpness of GDPR enforcement in the public sector is a trend that will only grow stronger with the digital transformation of public policy.
In this context, compliance with data protection rules is a factor of transparency and trust with regard to citizens and agents, who are increasingly sensitive to the protection of their data
Your browser is not fully compatible with our automatic printer friendly formatting.
Please use the print button to print this profile page.