Debora Stella

With over 20 years' experience advising on data protection and IT issues, today, I provide legal assistance to leading Italian and international companies on local and cross-border projects.

My recent experience includes advising on GDPR compliance programmes; the development of international CRM projects; compliance projects in multiple jurisdictions; sensitive data protection projects; data protection related issues connected to cloud computing projects; and drafting documentation for compliance with local data protection legislation.

In addition, I have assisted leading pharma and life science companies in their data protection issues; implemented data retention obligations for IT providers and telecoms companies; drafted data protection policies; assisted our clients on notification with the Garante (Italian Data Protection Authority) and trans-border data flows; developed staff training programmes; provided assistance on database sales and on the purchase or license of customer data and data sharing agreements; dealt with consumer complaints and offences and managed liaison with the Garante.

I also advise multinational companies on their commercial agreements in IT, such as licensing, distribution, outsourcing and cloud computing issues, as well as on Internet-related contracts.

As a legal expert, I have been part of privacy and security projects founded by the European Commission under the Seventh Framework Programme for Research (FP7) (for example the Coco-Cloud project), as well as a project under the Horizon 2020 programme with some of the top players in research and industrial innovation, and academic partners.

I am a member of the International Association of Privacy Professionals, I regularly contribute to international legal reviews and I am the author or co-author of numerous publications. I also speak about data protection regularly at professional conferences and roundtables.

Before joining Bird & Bird in 2003, I worked as commercial and data protection lawyer in the Milan offices of other major international law firms.

• I have vast experience in dealing with GDPR compliance projects either for large and international sized organisations (ranging across most of the countries in the EU), and for small and medium sized companies.
• I also act as DPO for a select number of clients and I am the Group DPO for a large international group of manufacturing companies with a strategic IoT programme in the EU.
• During my longstanding career I have also developed significant experience in data management connected to relational marketing projects in the luxury sector.
• Using my mixed expertise in data protection and the digital economy, I contributed specific focus to a data protection related issue connected to cloud computing, distributed technologies and the big data environment.
• I assist a client operating in the development of a public national logistic platform.
• I have assisted several top luxury brands in developing their strategy in setting up a global client management system.
• I also contributed to the drafting of standardised cloud computing terms of use and data protection clauses in the context of a H2020 project.