Romain has extensive experience in data privacy and data protection law, and lectures on these subjects in Master of Law classes at the University of Paris-I Panthéon-Sorbonne, the University of Paris-II Panthéon-Assas and the University of Paris V Descartes. He advises on the full range of data protection and data security for clients in life sciences, automotive, insurance, e-commerce, leisure, social networks and even the public sector, especially in the context of smart cities projects. Romain is the EU head of the Firm’s Global Privacy & Cybersecurity Practice Group.
His experience extends to cross-border transfers of data, joint data controllers and/or data processor agreements, the formulation of privacy and/or cookies policies, and the use of personal data for marketing purposes, including through profiling techniques, notably in a Big Data context. Romain has also conducted numerous international data protection audits in order to ensure compliance with both EU and domestic data protection requirements, more specifically those resulting from the General Data Protection Regulation (GDPR). He assists clients on data breaches and on data subjects’ rights issues.
Romain Perray is also a regular contributor to leading legal publications such as LexisNexis and Lamy Editions for which he is the author of two significant manuals on, respectively, data protection and video monitoring issues.
Advised a multinational car manufacturer on its Global GDPR compliance program
Advised a multi-jurisdictions B2C web platform in the course of investigations by the French Data Protection Authority
Advised a multinational on the development and implementation of anonymization and pseudonymisation techniques in order to release special categories of data sets
Advised a multinational on several contractual negotiations raising data capacities issues as data controller (joint or distinct) as well as data processor
Advised a multinational on several data breaches
Assisted biotech companies on several contractual negotiations with CROs and IT providers raising data capacities issues as data controller (joint or distinct) as well as data processor
Advised a national professional association on the role of its members under GDPR and its impact on the sharing of personal data with public authorities
Legal 500 EMEA 2021
The Best Lawyers in France, 2022
University of Paris II Panthéon-Assas, DEA in Public Law
University of Paris II Panthéon-Assas, Maîtrise in Comparative Law
Institute of Political Sciences of Rennes, Major in Public Service
University of the Western Cape, South Africa, LLM Program
Do not send any information or documents that you want to have treated as secret or confidential. Providing information to McDermott via email links on this website or other introductory email communications will not create an attorney-client relationship; will not preclude McDermott from representing any other person or firm in any matter; and will not obligate McDermott to keep confidential the information you provide. McDermott cannot enter into an attorney-client relationship with you until McDermott has determined that doing so will not create a conflict of interest and until you and McDermott have entered into a written agreement or engagement letter that sets forth the terms of our relationship.