Menu

Tech, Data
& Cybersecurity

FIRSH assists companies on a day-to-day basis with all legal issues relating to IT law and new technologies.

Global objective :

To provide tailored based on a thorough understanding of the client’s business and constant legal agility, in order to secure and frame the company’s activity. 

Our work covers:

  • Software licence agreements.
  • SaaS, ASP, PaaS, Iaas agreements.
  • Open-source software licences.
  • Maintenance agreements.

Objective: to structure the organisation, secure its activity and build trust, with compliance also serving as a key investment. 

  • Assessment and mapping of processing activities.  
  • Contractual audit of confidentiality safeguards and preparation of a contractual toolkit. 
  • Management of compliance projects. 
  • Carrying out data protection impact assessments.
  • Training and hotline support. 
  • Outsourcing of the DPO function.
  • Pre-litigation and litigation assistance before the CNIL and competent authorities.
  • Assistance in the event of a personal data breach, including analysis, notification, crisis management and responses to authorities. 
  • IT development agreements.
  • Software / website assignment agreements. 
  • Integration agreements.
  • Subcontracting or outsourcing agreements. 
  • Hosting agreements.
  • SEO / referencing agreements.
  • IT charters.
  • Legal notices, general terms and conditions of sales, general terms of service and terms of use for merchant and non-merchant websites.
  • Sales law and consumer law for online sales.
  • Cookies policies and privacy policies.
  • Digital accessibility.
  • Contractual architecture for marketplace.
  • Legal framework for the sale and use of connected objects. 
  • Website development, hosting distribution, maintenance and related agreements.
  • Litigation, including competition matters and French Directorate General for Competition Policy, Consumer Affairs and Fraud Control (“DGCCRF”) investigations or controls.

In fast-changing digital environment, organisations must address a growing number of legal obligations relating to cybersecurity, data governance and digital resilience. FIRSH assists clients in understanding and complying with these regulatory frameworks, which are now essential to security, trust and sustainable performance. 

Our cybersecurity work includes:  

  • Compliance with current European and French digital regulations, including the Cyber Resilience Act (CRA), the Digital Operational Resilience Act (DORA), NIS1 and NIS2, the Data Governance Act (DGA), the Data Act and artificial intelligence regulation, including the EU AI Act. 
  • Drafting and negotiating strenghtened contractual clauses and embedded compliance mechanisms.
  • Reviewing cloud, IT and software agreements, security, support and audit clauses, resersibility and portability mechanisms, and incident-notification and cooperation obligations arising from the Data Act, DORA and the CRA.

Technology often moves faster than the law.

FIRSH considers regulatory foresight essential to supporting companies in their innovative activities. The firm contributes to the construction of tomorrow’s law by combining pragmatism, efficiency and ethics. In addition to legal support, FIRSH offers representation before public authorities and strategic advice to support development, including: 

  • Mapping public decision-makers.
  • Drafting analysis notes and white papers.   
  • Engagement with government, parliamentarians and local elected officials. 
  • Proposals for legislative and regulatory amendmnents. 
  • Organising meetings and conferences to advance the law on new legal issues. 
Our expertise
Artificial Intelligence
Learn more
Web 3.0, NFTs
& Blockchain
Learn more
Intellectual Property
& Media
Learn more