BonelliErede‘s data protection and privacy offering covers notification applications, investigations and proceedings before Italy’s personal data protection authorities, and the data and privacy protection side to outsourcing agreements and joint ventures. Other areas are IoT-related data exploitation, projects involving data transfers abroad, and analysing data flows and compliance programmes. Tommaso Faelli leads the digital innovation group. Ivan Rotunno and Giulia Rivarola di Roccella specialise in privacy law, cybersecurity and data innovation; Anna La Mura advises on privacy and data protection; and Giulia Tenaglia assists with projects involving data management.
Data privacy and data protection in Italy
BonelliErede
Practice head(s):
Tommaso Faelli
Other key lawyers:
Ivan Rotunno; Giulia Rivarola di Roccella; Anna La Mura; Giulia Tenaglia
Testimonials
‘The firm is able to create very strong collaborative relationships with clients.’
‘Clients appreciate the expertise, experience and professionalism in privacy and data protection matters, as well as wider strategic issues.’
‘Clients find genuine relationships with the firm’s partner and team – very personal care.’
‘Excellent team with all-round attention to detail and a commercial, pragmatic approach.’
‘The practice gives practical, no-nonsense advice.’
‘The team, guided by Tommaso Faelli, works cohesively – all members are helpful and efficient when handling cases or queries.’
‘Tommaso Faelli is best in class and adept at spotting the woods for the trees!’
‘Tommaso Faelli pays great attention to detail and has a very thorough approach. He has strong empathy qualities.’
DLA Piper
Part of the firm’s IP and tech department, DLA Piper’s Milan-based data privacy and protection group has notable expertise in data-driven projects, managing cyberattacks, and navigating privacy-related disputes. It recently also assisted several major clients with the establishment of AI compliance programmes. Heading up the group, Giulio Coraggio‘s notable track record includes advising cryptocurrency providers on the exploitation of blockchain-related data; Giulia Zappaterra is a privacy, data protection and cybersecurity expert; and Cristina Criscuoli specialises in privacy and data protection matters in the life sciences and financial sectors.
Practice head(s):
Giulio Coraggio
Other key lawyers:
Giulia Zappaterra; Cristina Criscuoli
Testimonials
‘Modern approach and reputation for legal tech issues.’
‘Focus on innovation.’
Key clients
UniCredit
Red Bull
TeamSystem
AON
Rai Pubblicità
Disney
BASF
L’Oréal
Pfizer
Generali
NTT Data
Binance
Amplifon
ENI
Moncler
Boston Consulting Group
Haier
Iliad
Lidl
ENI
Lavazza
Work highlights
- Assisted Red Bull with establishing its global AI compliance programme.
- Assisted Bolston Consulting Group with the development of a groundbreaking AI system, including ensuring data protection compliance.
- Assisted Bending Spoons, an Italian unicorn in the tech sector, with navigating the privacy intricacies surrounding a generative AI system it developed.
Hogan Lovells International LLP
The data privacy and cybersecurity team at Hogan Lovells International LLP is sought out by Italian and international clients to assist with anti-fraud data processing, data breach responses, and privacy in the fintech, insurance and finance sectors. Other notable areas include data sharing with public administrations, data assessments, DPO assistance, e-privacy, GDPR compliance, international data transfers, and privacy and data security-related investigations. Heading the group, Massimiliano Masnada is a highly-rated privacy and data protection specialist, while Giulia Mariuz‘s experience covers data protection impact assessments and data breaches.
Practice head(s):
Massimiliano Masnada
Other key lawyers:
Giulia Mariuz; Valerio Natale
Testimonials
‘The team has a strong track record in advising clients on complex cases.’
‘Has local insights but understands the global context, and actively promotes diversity and inclusion.’
‘Effective communication skills – practical and strategic problem-solving approach.’
‘The team is business-oriented, cross-border, able to understand the needs of companies, and provides legal advice in a simple and effective manner.’
‘Massimiliano Masnada and Giulia Mariuz are outstanding.’
‘Massimiliano Masnada and Giulia Mariuz are able to find solutions to complex manners in a practical way, also thanks to their experience with big tech companies and their continuous collaboration with the firm’s privacy lawyers from other jurisdictions.’
Key clients
Bending Spoons
GlovoApp23
Foodinho
Hype
Orthofix
PagoPA
TeamSystem
ICT Legal Consulting
Working across the firm’s Milan, Rome and Bologna offices, ICT Legal Consulting
‘s sizeable privacy and data protection practice is routinely mandated by renowned brands from the fashion, banking, finance, and automotive sectors. The group is co-led by Paolo Balboni, a privacy and cybersecurity specialist who acts as a data protection officer for multinational companies, and the ‘very thorough’ Luca Bolognini. Other key practitioners are Nicola Franchetto, Raffaella Cesareo, and Sara Pecoraro, who all advise on personal data protection matters.
Practice head(s):
Paolo Balboni; Luca Bolognini
Other key lawyers:
Nicola Franchetto; Raffaella Cesareo; Sara Pecoraro; Alberto Bettiol
Testimonials
‘Colleagues and managers alike praise their ability to grasp complex concepts quickly and implement effective solutions.’
‘Their dedication to staying up to date with current industry trends has not only enhanced their own performance but has also inspired others to strive for excellence.’
‘Their technical expertise and exceptional problem-solving skills make them an invaluable asset to client teams.’
‘Always provides extraordinary good support, explaining complex topics in a straightforward way.’
‘Reliable, approachable and very competent.’
‘Professional and experienced team.’
‘The professional experience and leadership of Luca Bolognini play a pivotal role.’
‘Luca Bolognini is very thorough and applies a good commercial approach to his cases.’
Key clients
AC Milan
AINDO
Alpitour
Amplifon
Amundi
Athora Italia
Banca Nazionale del Lavoro
Barilla International
BCC Assicurazioni
Bertazzoni
EP Produzione
Eridania Italia
Fabbri Holding Industriale
FCA Services
Forno D’Asolo
Grandi Navi Veloci
Groelandia
Gruppo Fabbri Vignola
Guess Italia
Guess Europe
Micys Company
Missoni
MSC Cruises
Multi-Color Corporation
NEOS
Octo Group
Prima Assicurazioni
Quanture
Samsung Electronics Italia
Schellman & Company
SDA Express Courier
Shopfully PTY
Terna
Tiscali Italia
Tod’s
Virgin Active Italia
Work highlights
- Assisting Stellantis with privacy and data protection matters.
- Acting for Guess Europe as its European Data Protection Officer in relation to outsourcing.
- Advising Samsung Electronics Italia on privacy, data protection and data security matters.
PANETTA Studio Legale | PANETTA Law Firm
According to clients, PANETTA Studio Legale | PANETTA Law Firm fields the ‘number one data privacy, cyber and AI team in Italy’. Acting for medium-sized and large multinational companies, the firm’s privacy and data protection practice focuses on the telecoms, internet and renewable energy sectors. Founder Rocco Panetta is a renowned privacy and data protection specialist; Lorenzo Cristofaro regularly acts as a DPO; and Tommaso Mauro is an expert in personal data protection and big data. Another name to note is Federico Sartore, who has ‘a laser focus on achieving commercial outcomes’.
Practice head(s):
Rocco Panetta
Other key lawyers:
Lorenzo Cristofaro; Tommaso Mauro; Federico Sartore
Testimonials
‘Number one data privacy, cyber and AI team in Italy.’
‘Total technical knowledge and real-world experience. Panetta knows it all.’
‘Highly-specialised boutique firm with a very high-level ability to provide support and guidance on technology and data regulation matters.’
‘Very knowledgeable, accessible, responsive and affordable.’
‘Rocco Panetta – market leader in the data privacy, cyber and AI world in Italy.’
‘Rocco Panetta – knowledgeable, practical and hard-working.’
‘Federico Sartore – up-and-coming star at Panetta and in the data privacy, cyber and AI world generally.’
‘Federico Sartore is hyper-knowledgeable but combines this with a laser focus on achieving commercial outcomes. A joy to work with.’
Key clients
Accyourate
ACEA ATO 2
Allyfe
OpenAI
ANCIC
Areti
Bottega Veneta
Brioni
Bwin
ITA Airlines
CIA
CNPADC
COFIRO
CONAD
Conservatorio Santa Cecilia
CSRPBI
Da Te
DataTools4Heart
Deliveroo
Dexai
Citiwire
DMA
EDITH
Enel
Eurobet
European Datawarehouse
GCC
GCS Point
GiGroup
Glickon
GUCCI
Hilti
Hupry
Idealista
IF Experience
Illimity
Inpeco
Inveo
IWS
Kering Eyewear
Kering Italia
La Trottola
Labnormal
Leasplan
Logista
Lottomatica – IGT
ByteDance
Nextome
Luka
OVS
Procter & Gamble
Parlamento UE
Piave Digital
Progint s.r.l.
ProMed
Prysmian
Quanterix
Richard Ginori
Sevendata
Social Media Emotions
Santander
ERCEA
The Lex Fellowship
TheMall
TikTok
Udinese
Value Relations
WH
Work highlights
- Defending OpenAI (the owner of ChatGPT) against a restriction on the processing of Italian user data, which was imposed by the Italian Garante.
- Acting as data protection office for several brands of the Kering group.
- Advising TikTok (and its parent company ByteDance) on privacy matters.
Portolano Cavallo
Portolano Cavallo‘s data privacy and protection team acts in high-stakes disputes and breaches, as well as advising on launches of new initiatives to exploit data, and M&A and employment-related data protection issues. Many of the firm’s current clients are from emerging sectors such as life sciences, healthcare, telecoms, and e-commerce. Internet and data protection specialist Laura Liguori
leads the group from Rome. In Milan, Giulio Novellini‘s workload covers GDPR compliance programmes, data breach preparedness, and incident responses, and Eleonora Curreli‘s wide-ranging practice covers privacy, cyber security, and data protection.
Practice head(s):
Laura Liguori
Other key lawyers:
Giulio Novellini; Eleonora Curreli
Testimonials
‘Clients greatly appreciate working with Portolano Cavallo because they are not only excellent professionals in those areas of the law that are crucial for companies, but they really take care of their clients by sending out alerts (e.g. regarding new laws or deadlines), and making themselves available for calls even on very short notice if needed.’
‘Written legal advice that is very clear and straight to the point.’
‘Practice is unique for its competence and values that lead to the accomplishment of clients’ aims.’
‘Great competence, and people with enthusiasm, business acumen, and the ability to work in teams.’
‘A great team that is always available when clients need support, and communications with them always go smoothly.’
‘The team is pro-equal opportunities, and it is clear that technology and ethical and sustainable principles guide both the technologies and pragmatic operations of the practice.’
‘Working with these partners is a real pleasure.’
‘Laura Liguori has mastered data protection law – great at listening, business oriented, and always takes into account all aspects before making suggestions, thus making it easier for clients to make good decisions.’
Chiomenti
The data protection and cybersecurity practice at Chiomenti is experienced in GDPR matters, the Italian Data Privacy Code, cyber incident management, and major data breaches and transfers. Heading the group, Pierluigi Perri‘s track record includes assisting with GDPR-related migration, defining corporate data strategy, and acting as a data protection officer for large entities. The team further showcases Marilena Hyeraci, an expert in data protection issues, responding to suspected security breaches, and personal data disclosures to Italy’s authorities, and Ersilia Lazzara, who assists with personal data processing and data breaches.
Practice head(s):
Pierluigi Perri
Other key lawyers:
Marilena Hyeraci; Ersilia Lazzara
Key clients
Ita Airways
Airbnb
Alfonsino
Ania
Aviation & Tourism International
Carel Industries
Duferco Participations Holding
Fondazione Milano Cortina
Investindustrial Investment Holding
JT International Italia
Meta Platforms Ireland Limited
Prometeia
Royal Trust
SPV Linea M4
Sit Group
Vertiv Group Corp
Whistleblowing Solutions
Work highlights
- Advising CONAI on developing an environmental fee payment system with technological components.
- Advising Fondazione Milano Cortina (in charge of the organisation and management of the Olympic Games in Italy in 2026) on cross-border data protection legislation, in relation to the processing of a huge amount of personal data.
- Advising Snam on cybersecurity matters, as part of a multidisciplinary analysis involving corporate governance issues.
Dentons
Well known for its TMT credentials, Dentons‘ data privacy and cybersecurity practice focuses on AI, IoT, cybersecurity and digital media matters. Mandates range from strategic data governance, personal data transfers, privacy by design and international compliance, to AI data analytics, privacy litigation and major cybersecurity and data incidents. Co-heading the firm’s Europe IP, data and tech offering, AI specialist Giangiacomo Olivi routinely advises on data protection and privacy matters, along with GDPR compliance, while Chiara Bocchi‘s recent workload includes coordinating outsourcing, e-commerce and commercial matters that involve data governance matters.
Practice head(s):
Giangiacomo Olivi
Other key lawyers:
Chiara Bocchi
Testimonials
‘First-class people and knowledge of the best practices and similar cases.’
‘Deep knowledge, commitment and resilience.’
‘Great teamwork and energy – passion for work.’
Key clients
Accenture
Amazon Prime Video
Angelini Pharma Holding
Assicurazioni Generali Group
Audicom
Banco BPM
Barilla
Bianchi Bikes Group
Borsa ItalianaEuronext Group
Brunello Cucinelli
Coca Cola
Coima
Condé Nast
DeA Capital Real Estate
Deepki
Eni
Enpam
Esselunga
European Investment Bank
Eutelsat
Fedoweb
FIOL
Format Espresso
Gamestop
GEDI Gruppo Editoriale
Hisense
Intesa Sanpaolo
Jackleg Media
Kering
L’Oréal
Luxottica
Miroglio
Mondadori Group
NTT Data
Oath
Paramount
PEPCO
Pure IP
QVC
ITT Technologies
UniCredit
UnipolTech
Verizon
Vodafone
Warner Bros
Whirlpool
Work highlights
- Assisting Brunello Cucinelli with an international project entailing the global mapping of the personal data flows and data processing activities carried out by affiliates around the world.
- Assisting the European Investment Bank with reviewing the data privacy implications for its investment in Azerbaijan.
- Assisting Audicom with the launch of new integrated audience measurement services, which includes the usage of extensive databases.
Gianni & Origoni
The privacy team at Gianni & Origoni covers investigations, compliance, drafting specific data protection and privacy agreements, and structuring ad hoc data protection compliance systems. The group also assists with data protection auditing, in addition to representing clients facing enforcement actions conducted by the Italian Data Protection Authority. The department is co-led by privacy and cybersecurity law expert Stefano Mele; Daniele Vecchi, an adviser on commercial transaction-related data protection issues; and Melissa Marchese, who acts for domestic and multinational companies on ordinary and extraordinary data protection management, including IT aspects.
Practice head(s):
Stefano Mele; Daniele Vecchi; Melissa Marchese
Other key lawyers:
Flavia Bavetta; Laura Camardelli; Francesco Cerciello; Tommaso Chiericati Salvioni
Testimonials
‘Deep knowledge of the relevant regulations – continuous commitment to listening and understanding clients’ needs.’
‘Always ready to provide prompt answers.’
‘What makes the individuals different is their passion, knowledge and satisfaction of clients’ expectations.’
‘Unique when considering the availability and kindness shown, especially during very challenging moments.’
‘Each individual is very professional, skilled and available at any moment of the working day.’
Key clients
Arqit
Associazione Bancaria Italiana
Baywa.re
Coca Cola HBB
Costa Crociere
Enav
GLS
InfoCert
Leonardo
Meta
Open Fiber
Saipem
Techint
Work highlights
- Advising Safilo on the data protection aspects of the transfer of the business units associated with the Longarone plant to eyewear sector companies Thélios and Innovatek.
- Assisted Enav with managing the procurement process to ensure compliance with the National Cybersecurity Perimeter Law.
- Assisting a telecoms company with the assessment of several compliance requirements, in relation to strategic technological assets and national security.
Orsingher Ortu – Avvocati Associati
The broad practice at Orsingher Ortu – Avvocati Associati ranges from drafting corporate policies, data processing agreements and information notices, to providing legal support to data protection officers. The group also covers cybersecurity matters, data breach management, proceedings before ordinary courts and the Italian Data Protection Authority, outsourcing-related data protection issues and compliance with data protection legislation. Heading up the team, Fabrizio Sanna is a data privacy and protection expert; Marta Minonne assists internet and communications sector operators with data protection matters; and Domenico Colella is an outsourcing project specialist.
Practice head(s):
Fabrizio Sanna
Other key lawyers:
Marta Minonne; Domenico Colella
Key clients
Ferrari
The Walt Disney Company
Amazon
Yahoo
TBWA
ITV Global Entertainment
Farfetch
Prysmian
Tagetik
Cirsa
Borsa Italiana
FC Internazionale Milano
M-I Stadio
Mercer
Douglas
Egon Zehnder
ItaliaOnline
Antares Vision
FT System
INAZ
MHS
Celonis
Biorek
Tootor
HBG Connex
Good Move
IXMedia
Banca Aidexa
Catalina
Fielmann
Ford Trucks
Neo Apotek
Persado
Fondazione Teatro alla Scala
Gefran
Colibrì (ManoMano)
Oleotecnica
Sanrio
Caffè Borbone
Twentieth Century Fox
SKY
Olimpia
Steinway
Profound Medical
Vox Group
Fondazione Giangiacomo Feltrinelli
Nomura
Eero
ARS Group
Work highlights
- Successfully acted for Yahoo in proceedings before the Tribunal of Milan, following a decision issued by the Italian Supreme Court on a landmark case against the Italian Data Protection Authority on data protection law, de-indexing obligations, and removal of cache copies from the search engine’s natural results.
- Acted for Olimpia in proceedings commenced by the Italian Data Protection Authority to assess the client’s compliance with data protection laws.
- Acting for FC Internazionale Milano on data protection matters.
Osborne Clarke
Osborne Clarke‘s team advises on a range of data protection, security, cyber, and privacy issues. Examples include the implications of EU legislation, international data transfers, day-to-day compliance matters, and handling requests from Italy’s Data Protection Authority and other data protection regulators. Data protection practice head Gianluigi Marino, an adviser to major international companies on privacy and personal data processing, also leads the Italian tech, media and communications team; IP and data protection expert Marialaura Boni ‘pays attention to detail’; and Antonio Racano also advises on data protection issues.
Practice head(s):
Gianluigi Marino
Other key lawyers:
Marialaura Boni; Antonio Racano
Testimonials
‘Osborne Clarke’s data protection team constantly informs its clients about any relevant legal news, and is always able to assist clients with all data protection issues.’
‘Extreme competence and professionalism.’
‘The team is well organised, proactive and hands-on. They always keep themselves updated on new legal and regulatory developments and make sure to inform clients about any important updates.’
Key clients
Binda Italia
Costim
Dplay Entertainment
Engie Italia
Essity
GB Foods
Grifols Italia
Havas Group
Immobiliare.it
Italian Valley
Mail Boxes Etc
Mowi Italia
Novamont
NTT DATA Italia
Prysmian
Renantis
Satispay
Sony Music Entertainment Italy
Uber Technologies
Uber
Warner Bros Entertainment
Work highlights
- Assisting energy company Engie with numerous data protection issues.
- Advising Mail Boxes Etc (MBE) across Italy and other key European jurisdictions to ensure data protection compliance for its franchising network, marketing initiatives, websites, and training activities.
- Advising Chorus Life and Costim on data flows, personal data processing, and the drafting of data processing agreements, in relation to a smart city project in Bergamo (Chorus Life).
ADVANT Nctm
Fielding consumer, telecoms, pharma and medical sector experts, ADVANT Nctm advises on compliance with personal data protection regulations, information notices for personal data processing, data processing agreements and the transfer of data outside the EU. Paolo Gallarati heads the data protection practice group, which includes ‘very efficient lawyer’ Giulio Uras, who advises on personal data protection.
Practice head(s):
Paolo Gallarati
Other key lawyers:
Giulio Uras
Testimonials
‘They are highly skilled and approach every issue or task in a very practical way.’
‘The client has the feeling that they are in the right hands when critical matters happen.’
‘They are friendly, skilled, and clear in the approach and explanation of matters.’
‘Above all, they are competent in how they approach the task from the perspective of the client.’
‘NCTM’s comprehensive advisory and assistance services for Italian and international regulatory matters are second to none.’
‘The team excels in handling complex regulatory tasks and providing effective support and advice to corporate clients on regulatory matters.’
‘Giulio Uras is a very efficient lawyer.’
‘Giulio Uras provides clear advice and is thorough in the completion of tasks and instructions from the client.’
Key clients
Vodafone
SEIF – Società Editoriale Il Fatto
Vivienne Westwood
Pirelli
AstraZeneca
Beazley
Nexi
LaPresse
Italo
Pandora
Casio
Inpeco
ZTE Corporation
Work highlights
- Advising SEIF – Società Editoriale Il Fatto on data protection and digital services.
- Advising Vivienne Westwood on data protection.
- Advising Pirelli on data protection.
Studio Professionale Associato a Baker & McKenzie
Part of the firm’s IT and communications practice, Studio Professionale Associato a Baker & McKenzie‘s privacy and data security team is able to leverage the firm’s network for multi-jurisdictional data matters. Examples include data breaches and investigations, along with compliance and risk issues. Heading the group from Milan, Francesca Gaudino, who ‘knows her subject very well’, assists multinational clients with the full range of data protection and security matters.
Practice head(s):
Francesca Gaudino
Testimonials
‘The team responds promptly and accurately to clients’ requests, providing high-level, specialised and technical support.’
‘The professionals offer practical solutions to the issues presented to them.’
‘The presence of professionals with many years of high-level technical expertise in this practice allows for a comprehensive and exhaustive approach to any query. Also noteworthy is their valuable contribution in terms of training on data protection topics.’
LCA Studio Legale
Acting for Italian and multinational companies, including fashion companies, LCA Studio Legale‘s 11-strong team covers day-to-day data-related advice, privacy by design support, and assistance during cyber incidents. It also advises on data transfers, data-sharing agreements and management, the introduction of new data-driven technologies and services, and interactions with regulators. The department is co-led by Gianluca De Cristofaro, who has notable data protection experience, and the ‘extraordinary’ Giulio Vecchi. Elsa Gentile joined the team from ADVANT Nctm in February 2025.
Practice head(s):
Gianluca De Cristofaro; Giulio Vecchi
Testimonials
‘Skilled, well known on the market.’
‘Large and growing team. Professionals who are available and realistic.’
‘LCA is specialised in data protection law, and has excellent experience and knowledge of the main issues of this area.’
‘Giulio Vecchi is extraordinary in providing good-quality advice and up-to-date indications according to best-in-class market standards.’
‘Giulio Vecchi and the team are highly experienced, responsive and pragmatic.’
Key clients
BBVA
Blue SGR
Brum Brum
Coccinelle
Continental
DB Schenker
Doc Generici
Enfinity Global Italy
Exa Infrastructure
Furla
Fondo Strategico Italiano
Gerald Charles
Habacus
H- Farm
Koelliker
Janssen
La Rinascente
Martinelli Ginetto
Microsoft
Newton
Nintendo
Pica
Pikdare
Polynt
Qomodo
Ranger Italy
Saes Getters
Shado
Vyiare Medical
We Are Social
Work highlights
- Serving as data protection officer to Furla, including advising on the data aspects of the implementation of a major digital acceleration project.
- Assisting Coccinelle with the management of new data-sharing processes for its distribution channel throughout Europe and globally, including possible personal data transfers.
- Acting for La Rinascente in relation to a proceeding before the Italian Data Protection Authority, and on the data protection impact assessment of its new Rinascente Card loyalty programme.
Legance - Avvocati Associati
Legance - Avvocati Associati‘s team is particularly experienced in GDPR, the Italian Privacy Act, cybersecurity legislation, the management and implementation of data protection schemes, AI, and the implications of the Data Act and the Data Governance Act. The Rome-based team is headed up by Andrea Fedi, whose experience covers compliance, privacy, and anti-bribery. Providing key support, the ‘trustworthy and skilled’ Lucio Scudiero is a data law and cybersecurity specialist.
Practice head(s):
Andrea Fedi
Other key lawyers:
Lucio Scudiero
Testimonials
‘A team that is always available to resolve issues consistently and pragmatically.’
‘Lucio Scudiero is trustworthy and skilled – able to go deep and follow through on his suggestions, while considering a wide range of implications, also thanks to his ability to access other specialisations inside Legance.’
Key clients
Leonardo
Bracco
Enav
Grimaldi Group
Aon
MBDA
Ital Gas Storage
BPER Banca
Fondazione LIRH
Gruppo Hausmann & Co
Arpinge
Work highlights
- Advising Leonardo on GDPR matters.
- Advising Grimaldi Group on the organisation of its data protection governance.
LEXIA
LEXIA
acts for IT service providers, software houses, content creators, and tech and fintech platforms on DPO activities, privacy governance structures, GDPR compliance, data transfers, and data breach prevention and incident response. Promoted to partner in March 2024, Aurora Agostini advises on day-to-day GDPR compliance, data breaches, big data projects, international data transfers, data processing agreements, and M&A transactions involving data protection issues. Giulietta Minucci is a blockchain expert.
Practice head(s):
Aurora Agostini
Other key lawyers:
Giulietta Minucci
Testimonials
‘Excellent for its quick responses and personal consultations.’
‘Enormous knowledge of the subject.’
‘Aurora Agostini is very capable and professional.’
Key clients
247 Growth
B2BinPay Italy
Merlyn Partners
OPR Services and Management
RS (Restore)
Saintpay
TPPay
Work highlights
- Assisting TPPay with ongoing GDPR matters.
- Assisting Merlyn Partners with privacy compliance for the documentation supporting a proxy fight.
- Assisting RS (Restore) with GDPR matters.
Ughi E Nunziante
Ughi E Nunziante advises Italian and multinational companies on GDPR, data protection audits, and compliance. The team also assists during inspections, as well as proceedings brought by the Authority for the Protection of Personal Data. Its sector expertise includes healthcare, tech, fashion, insurance, and non-profit. Massimiliano Pappalardo is ‘a reliable local counsel for all privacy and data protection matters in Italy’, while Agostino Clemente also has notable data protection experience.
Practice head(s):
Massimiliano Pappalardo; Agostino Clemente
Other key lawyers:
Pietro Pastorello; Timoteo Bucci
Testimonials
‘Responsive and competent.’
‘Fully in line with the highest quality standards on the market.’
‘They work perfectly in English and fully meet clients’ expectations.’
‘They are really easy to work with. There are no unpleasant surprises, and they adapt to any kind of request.’
‘Massimiliano Pappalardo is a reliable local counsel for all privacy and data protection matters in Italy.’
‘Massimiliano Pappalardo is really great. He’s a great manager, who has always maintained the quality of his teams over the years.’
‘Massimiliano Pappalardo is particularly professional and proactive.’
‘Massimiliano Pappalardo’s expertise in local regulations, along with his strong relationships with supervisory authorities, makes him an essential partner.’
Bird & Bird
Bird & Bird‘s team regularly works with the firm’s international network in relation to high-profile clients that collect and transfer large quantities of sensitive data. The group is co-led by Adriano D’Ottavio, who is experienced in managing data breaches and security incidents, and data protection and IT specialist Debora Stella.
Practice head(s):
Adriano D’Ottavio; Debora Stella
Other key lawyers:
Giovanni Galimberti; Massimiliano Mostardini
Testimonials
‘High-level expertise in the tech/privacy legal space.’
‘Adriano D’Ottavio is an excellent lawyer – he has strong knowledge of clients’ business and builds great relationships with clients.’
Key clients
Datafalls
Lastminute.com
Work highlights
- Advising Datafalls on an ongoing basis with regard to privacy and data protection matters.
- Advising Lastminute.com Group on an ongoing basis, including dealing with data transfers and data sharing within the group.
CMS
Covering the gamut of data privacy work, CMS‘ practice ranges from compliance and cyber breach responses to defence mandates involving regulators and class actions. Heading up the department from Rome, Italo de Feo advises on data protection, outsourcing, IT, internet and telecoms matters, as well as broadcasting and media regulations.
Practice head(s):
Italo De Feo
Other key lawyers:
Matia Campo; Mariangela Selvaggiuolo
Testimonials
‘Extremely competent and pragmatic.’
‘Punctual and efficient support in all privacy fields.’
‘Italo De Feo and Mariangela Selvaggiuolo are extremely professional and client-oriented.’
‘Italo De Feo and Mariangela Selvaggiuolo have a pragmatic approach and are always accountable.’
Key clients
AIG
Sportnetwork
Corriere dello Sport
Tuttosport
Rai Cinema
Open Fiber
Telepass
Angelini Pharma Group
Arsenale Group
Synlab
Aipark
BMC Family Foundation
Alchimia
Work highlights
- Advised AIG on critical cybersecurity incidents in Italy.
- Advised Arsenale on the preparation of GDPR documentation and on developing and updating its GDPR compliance programme.
- Advised Alleanza Contro il Cancro on the data protection issues arising from the creation of a national database of medical data.
Eversheds Sutherland Associazione Professionale
Eversheds Sutherland Associazione Professionale‘s team advises on compliance with data protection and cybersecurity laws. It also assists with the data protection aspects of e-commerce, human resources, life sciences, TMT, and M&A. Massimo Maioletti leads the Italian data protection and cybersecurity department, while Andrea Zincone is another experienced practitioner.
Practice head(s):
Massimo Maioletti
Other key lawyers:
Andrea Zincone; Edoardo Coia
Testimonials
‘Professionalism, internationalisation and deep knowledge of clients’ sectors.’
‘Willingness to provide complete support, professionalism and experience.’
Grimaldi Alliance
Grimaldi Alliance is mandated by public and private companies, as well as private equity funds, on privacy and data protection matters. Working across the firm’s Milan and London offices, Francesco Conti heads up the privacy and data protection offering. Providing key support from Rome, Laura Bellicini advises on privacy issues.
Practice head(s):
Francesco Conti
Other key lawyers:
Alessandro Polettini; Maddalena Valli; Valentina Torelli; Alessio Briganti; Cecilia Moioli
Key clients
36Brains
Colliers Global Investors Italy SGR
Centro Meridiana Bologna
Consip
D3Lab
Europa Risorse SGR
Fondazione AMD Onlus
Fondazione per il Tuo Cuore Onlus
Fondazione Smith Kline
Foruminvest Group
Forum Real Estate Management
Gnutti Transfer
Gruppo A4 Holding
Gruppo ComAp
Gruppo Farvima Medicinali
Immobiliare 2001
Iniziativa Tredici
Kleros
Lundbeck Pharmaceutical Italy
Me Group
Orion Capital Managers
Marina di Stabia – Porto di Pompei
Società Benefit Gemelli Medical Center
Softec
Tacchella
Moncler
Stone Island
DHL Group
SAGH Milan
Work highlights
- Assisting Moncler with reviewing the documentation required for worldwide e-commerce.
- Assisting Colliers Global Investors Italy with a DPO assignment and ongoing privacy advice.
- Advising companies from Gruppo Farvima Medicinali on GDPR-related privacy and data protection compliance.
Pirola Pennuto Zei & Associati
The regulatory, compliance and data protection practice at Pirola Pennuto Zei & Associati assists with the implementation of data protection safeguards. The Milan-based team is led by Roberta Di Vieto, who has extensive experience in regulatory, compliance and data protection matters. Providing key support, Mattia Salerno advises on data protection-related compliance.
Practice head(s):
Roberta Di Vieto
Other key lawyers:
Mattia Salerno
Testimonials
‘Great collaboration.’
Key clients
Clariant Group
SIAS
QSRP Platform
La Piadineria
Burger King Restaurants Italia
Stellantis Financial Services Italia
Toshiba Companies
DM – Drogerie Markt
Wind
DXC Group – Italian Companies
Easylivery
Timac Agro Italia
Intellera Consulting
PESI Italia
Work highlights
- Assisted QSR Platform with a group assessment aimed at identifying a new data strategy, and the implementation of group corporate rules for managing the processing of personal data at a European level.
- Assisted Toshiba’s Italian companies with the implementation of a data protection strategy and safeguards, which relate to a digital tool for retail clients at the European level.
- Assisted Burger King Restaurants Italia with the implementation and updating of the data protection measures for its digital platforms.
Withers Studio Legale
Withers Studio Legale‘s team advises on cross-border GDPR compliance programmes, privacy and cybersecurity training, due diligence for existing programmes, and privacy litigation and auditing. Leading the IP, tech, and privacy group, Jacopo Liguori has ‘great expertise in data protection and privacy’. Tiziana Campigli is another experienced practitioner.
Practice head(s):
Jacopo Liguori
Other key lawyers:
Tiziana Campigli; Federico Zindato; Valentina Pinna
Testimonials
‘The team’s expert professionals are a key factor to the success of the firm.’
‘Jacopo Liguori has great expertise in data protection and privacy.’
‘Jacopo Liguori is always up to date about the latest developments in technology such as AI and other useful software.’
‘Jacopo Liguori is fast in providing advice and solutions.’
Key clients
Vignamaggio
Lifestyle Design Group
Ormesa
OZ Racing
Work highlights
- Assisting Vignamaggio with the revision of privacy documentation.
- Advising Ormesa on data retention issues related to promotional materials featuring disabled individuals.
- Advising OZ Racing on daily privacy matters, including the evaluation of the privacy practices of suppliers.