Digital law attorney
Law at the service of innovation.
INFLUXIO is a law firm specializing in digital law and new technologies, based in Paris and Brussels. We advise on digital assets (software, platforms, databases), online content regulation, and compliance (AI, Blockchain, GDPR).
served
rating
appearances
Alexandre Bigot-Joly
Partner
Music law, influence, media, communications & criminal law. Lecturer at CELSA, ISCOM and ESP.
Raphaël Molina
Partner
Intellectual property, business law, criminal law & influencer law. Contributor to the 2023 influencer legislation.
Maria Berrada
Partner
Intellectual property, AI, Web3, GDPR, digital criminal law & eSports. Legal counsel for the French Video Game Federation.
Our services
How we can help you.
Practical examples
GDPR compliance for a B2C marketplace
An e-commerce platform processing data from 200,000 users underwent complete compliance: processing registry, privacy policy, subcontractor contracts, and team training.
Defense of a startup after a data breach
Following a cyberattack, a fintech suffered a breach affecting 15,000 accounts. The CNIL notification, crisis communication, and defense in the investigation were managed, resulting in only a warning.
Client reviews
What our clients say about us.
“Great responsiveness from all team members, with solutions found quickly and efficiently.”
Christ C.
“We entrusted INFLUXIO with a complex case. Their technical expertise, strategic vision and the quality of their legal briefs were decisive.”
Mia-Line C.
Contact
Contact INFLUXIO.
Would you like to schedule a meeting or get a quote?
We respond within 24 hours.
Insights
Learn more about this area.
What is a digital law and new technologies attorney?
Personal data storage, software development, digital platform operation: all activities exposed to specific legal obligations. A digital and new technologies attorney secures your digital tools, governs your contractual relationships, and helps you stay compliant with current regulations.
- ✓Protect your digital assets: websites, software, data, trademarks
- ✓Govern your IT contracts: T&Cs, SaaS, development, licensing, assignment contracts
- ✓Manage disputes related to cybersecurity, counterfeiting, or online reputation
- ✓Ensure compliance with GDPR and other regulations (AI, Web3...)
Legal advice: personalized support for your digital projects.
- Support for legal structuring of projects (MVP, scale, internationalization)
- Identification of legal obligations by activity type
- Contract audit and personalized recommendations
- Advice on critical clauses (liability, IP, data…)
Contract drafting and negotiation: IT contracts, licenses, T&Cs.
- Drafting of T&Cs, license contracts, IT subcontracting contracts
- IT contract drafting, software development, hosting, API
- Specific clauses: intellectual property, confidentiality, security, performance
Litigation: representation before courts in digital disputes.
We support you at all stages of the proceedings: from pre-litigation to court filings and case monitoring before the courts.
- Representation in GDPR, CNIL, counterfeiting, e-reputation disputes
- Amicable or judicial strategy depending on the situation
Why trust INFLUXIO Attorneys for digital law and new technologies?
In a constantly evolving digital environment, rigorous legal oversight is indispensable. An imprecise clause, neglected compliance, or poorly structured contract can compromise a project's legal security. INFLUXIO offers support specifically designed for tech companies: clear, responsive, and directly applicable to your operational challenges.
Sharp expertise in digital law.
GDPR, cybersecurity, blockchain, Web3, SaaS, AI… We work on complex and sensitive topics that we master daily. We integrate regulatory developments (DSA, DMA, AI Act, etc.) into our analyses, adapting them to your tools, markets, and business priorities.
Experienced and specialized attorney team.
Our firm is composed of experienced profiles in digital law and new technologies, capable of effectively interacting with technical stakeholders: CTO, DPO, product managers, legal departments. Our role: translating business issues into clear, executable, and reassuring legal solutions.
Personalized approach and tailored support.
Whether it's an MVP-stage project, fundraising, or European-scale structuring, we adapt our recommendations to your context, sector, and pace of evolution. A contract to validate, a cease-and-desist received, a security incident detected: we intervene with a quick, clear, and immediately actionable response.
Our legal expertise in digital law and new technologies.
GDPR and personal data protection.
The General Data Protection Regulation (GDPR) imposes a strict framework for processing personal data. We help you build solid compliance without hindering innovation.
- GDPR audit (CRM, cloud, SaaS, tracking…)
- Drafting of registers, DPIA, internal policies
- Contractual framework (DPA, subcontracting)
- Support in case of CNIL control or violation
- Team training and awareness
Intellectual property: trademarks, domain names, software.
Software, trademarks, databases, digital content: your intellectual property assets are value drivers, but also potential targets.
- Trademark filing and protection (INPI, EUIPO, WIPO)
- Definition and assignment of software and content rights
- Drafting of licenses, NDAs, and specific clauses
- Management of counterfeiting or unfair competition actions
E-commerce and IT contracts.
E-commerce raises complex contractual and regulatory issues.
- Drafting of T&Cs, legal notices
- Checkout compliance, returns, deliveries
- Marketplace and e-consumer obligations
- Dispute management or account lockouts
- License contracts, assignment contracts
- IT contracts
Digital law: AI, blockchain, video games, Web3.
Emerging technologies require an agile legal framework adapted to your use cases. We support startups in the Creator Economy with their legal structuring.
- Custom contracts for AI, blockchain, Web3, gaming
- Responsibilities related to algorithms and outputs
- Governance of AI training data
- Legal structuring of NFTs, marketplaces, platforms
Cybercrime: attacks, data theft, e-reputation.
In case of an incident, legal responsiveness is key. Discover our cybersecurity expertise. We intervene quickly to limit risks and activate the right levers.
- Rapid incident response (leak, ransomware, hacking)
- Coordination with CNIL and complaint filing
- Legal actions for e-reputation damage or impersonation
- Integration of security clauses in your IT contracts
- Assistance with banking watchlist listings (World-Check, Dow Jones, ComplyAdvantage)
Regulatory framework for digital law in Europe.
Digital law in Europe rests on a set of foundational texts that structure the obligations of businesses and public bodies. The GDPR (Regulation EU 2016/679) forms the cornerstone of personal data protection: it imposes transparency, data minimization, processing security, and proactive accountability obligations on any organization processing data of European residents.
The Digital Services Act (DSA, Regulation EU 2022/2065) governs the liability of online platforms regarding illegal content, imposing moderation, algorithmic transparency, and cooperation obligations with national authorities.
The Digital Markets Act (DMA, Regulation EU 2022/1925) targets gatekeepers, large digital platforms, by imposing interoperability, non-discrimination, and data portability rules to preserve fair competition.
AI Act, NIS 2 and the French Digital Republic Act.
The AI Act (Regulation EU 2024/1689) is the world's first legal framework dedicated to artificial intelligence.
It classifies AI systems by risk level (unacceptable, high, limited, minimal) and imposes graduated obligations: outright prohibition of unacceptable-risk systems, conformity assessment and technical documentation for high-risk systems, transparency obligations for limited-risk systems.
The NIS 2 Directive (Directive EU 2022/2555) significantly strengthens cybersecurity requirements: it broadens the scope of covered entities, imposes proportionate technical and organizational measures, and requires Member States to provide for penalties of at least €10 million or 2% of global turnover for essential entities, and at least €7 million or 1.4% for important entities.
Finally, the French Digital Republic Act of October 7, 2016 laid the groundwork in French law for open data, data portability, the digital right to be forgotten for minors, and platform fairness. At INFLUXIO, we integrate all of these texts into our analyses to provide comprehensive and up-to-date legal support.
Beyond the GDPR, the DSA, and the DMA, the European Union has adopted other structuring texts for digital law: the NIS2 Directive (EU 2022/2555) imposes enhanced cybersecurity obligations on a wide range of economic sectors; the DORA Regulation (EU 2022/2554) governs the digital operational resilience of the financial sector; the eIDAS 2 Regulation (EU 2024/1183) modernizes the framework for digital identity and trust services.
Useful glossary in digital law.
- DSA
- Digital Services Act (Regulation EU 2022/2065), fully applicable since 17 February 2024 ; imposes transparent moderation, notice-and-action, trader traceability (KYBC) and systemic audits for very large online platforms (VLOPs).
- DMA
- Digital Markets Act (Regulation EU 2022/1925), applicable since 2 May 2023, regulates gatekeepers and bans certain practices (self-preferencing, lock-in, data combination without consent).
- SREN Act
- French Act n° 2024-449 of 21 May 2024 securing and regulating the digital space, transposing DSA/DMA and creating new offences (online outrage, non-consensual deepfake).
FAQ
Frequently asked questions.
The Digital Services Act (DSA, Regulation 2022/2065) aims to hold online platforms accountable for illegal content by imposing moderation, algorithmic transparency, and advertiser traceability obligations. The Digital Markets Act (DMA, Regulation 2022/1925) specifically targets 'gatekeepers', large platforms, to ensure fair competition.
The DSA regulates content, the DMA regulates markets: the two texts are complementary.
The DSA (EU Regulation 2022/2065), applicable since 17 February 2024, imposes transparency and moderation obligations on all online platforms operating in the European Union. Companies hosting user-generated content must implement reporting mechanisms, cooperate with national authorities (ARCOM in France), and publish transparency reports.
Non-compliance can result in fines of up to 6% of worldwide annual turnover.
The AI Act (EU Regulation 2024/1689) comes into force progressively between 2025 and 2027. Prohibitions on unacceptable risk practices have applied since February 2025. Transparency obligations for limited-risk systems come into force in August 2025. Full requirements for high-risk systems will apply in August 2026.
INFLUXIO conducts classification audits of your AI systems and supports you in developing your compliance strategy.
The GDPR (Regulation 2016/679) provides a two-tier sanctions system. The most serious breaches (unlawful processing, lack of consent, unauthorized transfers) carry fines of up to €20 million or 4% of annual global turnover, whichever is higher. Breaches of technical and organizational obligations (register, DPO, breach notification) are sanctioned up to €10 million or 2% of global turnover.
Yes, the reversibility clause is essential in a SaaS contract. It guarantees that the client can retrieve all their data in an exploitable format at the end of the contract, avoiding any vendor lock-in effect. This clause must specify the restitution format, deadlines, financial terms, and the provider's data destruction obligations.
The GDPR reinforces this requirement through the right to data portability (Article 20).
A digital compliance audit is a structured examination of all of a company's digital practices against applicable regulations: GDPR, DSA, DMA, AI Act, NIS 2 Directive. It covers personal data processing, IT contracts, T&Cs, information system security, and subcontractor management. The audit identifies compliance gaps, assesses legal risks, and results in a prioritized action plan.
Yes, the AI Act (Regulation 2024/1689) applies to all entities placing or deploying an AI system on the EU market, including startups. However, the regulation provides relief for SMEs: access to regulatory sandboxes supervised by national authorities, partial exemptions from certain documentation requirements, and extended compliance deadlines.
Startups developing high-risk systems remain subject to full obligations.
Under French law, software is protected by copyright from the moment of creation, without any registration requirement (Article L.112-2 of the Intellectual Property Code). Protection covers source code, object code, and preparatory design material.
To strengthen proof of the creation date, registration with the APP (Agency for the Protection of Programs) or via an e-Soleau envelope is recommended. Development contracts must include an express assignment of economic rights.
GDPR compliance rests on several pillars: audit of your processes and tools (CRM, SaaS, tracking), DPO designation if required, drafting of the processing register, privacy policies and data processing agreements (DPA), implementation of procedures for managing data subject rights and breach notification. INFLUXIO supports you at every step.
Without an appropriate legal framework, risks multiply: inadequate T&Cs exposing you to consumer disputes, incomplete contracts with poorly defined liabilities, unprotected trademarks or content vulnerable to counterfeiting, GDPR non-compliance leading to financial penalties and loss of trust. Structured legal support secures your growth and protects your digital assets.
Related publications
Our latest articles.
In short
INFLUXIO is a law firm specialized in digital law, based in Paris and Brussels. GDPR, DSA, DMA, AI Act, NIS 2, SaaS contracts, e-commerce, platforms, CNIL compliance and IT litigation.
Response within 24 hours.
