Firms To Watch: Data privacy and data protection

Founded by Saverio Cavalcanti in April 2022, Cavalcanti Studio Legale has a core focus on data protection, IT and media and copyright law mandates.
Studio Legale Delfino e Associati Willkie Farr & Gallagher LLP‘s privacy and cybersecurity team has experience of GDPR and European regulations and is known for assisting clients in the pharma and technology sectors in particular.

Firms in the Spotlight Data privacy and data protection

ICT Legal Consulting

ICT Legal Consulting logo

Over the last 12 months, ICTLC – ICT Legal Consulting (ICTLC) has continued to grow significantly, consolidating our position as a leading European firm in the areas of information technology, privacy, data protection and cybersecurity compliance.

View Profile...

Data privacy and data protection in Italy

DLA Piper

DLA Piper’s data privacy and protection team features has a core focus on the financial services, insurance, media telecoms, life sciences, fashion and retail sectors. The department is often engaged to handle privacy-related disputes, cyberattacks and data driven projects, and is particularly reputed for its assistance in complex data protection projects for companies operating in the domestic market. Giulio Coraggio oversees the department, which includes Giulia Zappaterra, who assists major domestic companies with GDPR compliance.

Practice head(s):

Giulio Coraggio

Other key lawyers:

Giulia Zappaterra


‘The team is composed of high skilled lawyers (from the very youngest resources to the partners) with strong experience in the sector and capable of solving complex matters in very efficient and smart manners, always maintaining a high level of sophistication.’

‘I believe that the strength of the team is its diversity in terms of age, background and previous experiences of the lawyers.’

‘Each team member has different skills and strengths which are crucial to serve the client in all possible different situations.’

‘Giulio Coraggio has a deep knowledge of the sector and of our business. Thanks to this, his approach to resolving issues is very pragmatic and sensible. He goes straight to the point while always maintaining a high level of sophistication.’

‘Giulio Coraggio has a great ability to manage his team, selecting the most appropriate team member to deliver the service depending on the type of matter to be handled.’

‘Giulia Zappaterra is always very responsive to the client and focused on providing high level services in a very efficient manner.’

Key clients







Philip Morris




NTT Data



Banca PSA


SISPI – The IT company of the Municipality of Palermo


Work highlights

  • Assisted NTT Data with a ground-breaking digital transformation project relating to the creation of the national data management and e-learning platform of the whole Italian school system.
  • Assisted SISPI, the IT company of the Municipality of Palermo, in dealing with one of the largest cyberattacks impacting the public sector in Italy.

Hogan Lovells International LLP

The team at Hogan Lovells International LLP has extensive experience assisting domestic and international clients with GDPR, as well as Italian decree compliance. The team also assists the DPOs of domestic and multinational companies with privacy impact assessments, the review of privacy documentation and gap analysis. Massimiliano Masnada leads the department and has strong knowledgeable of social media privacy matters, in addition to the cross-border transfer of data, and has represented several clients before the Italian Data Protection Authority. Giulia Mariuz is also noted for her expertise in contractual matters.

Practice head(s):

Massimiliano Masnada

Other key lawyers:

Giulia Mariuz

Key clients


Bending Spoons




Pago PA


Work highlights

  • Assisted Foodinho (Glovo) in relation to litigation against the Italian Data Protection Authority.
  • Assisted PagoPA in developing a privacy compliance model under the GDPR with specific respect to the app IO.
  • Assisted Canal+ in respect to data protection relevant issues arising from the relationship with TIM regarding the development and commercialisation in Italy of a new platform on demand.

ICT Legal Consulting

ICT Legal Consulting assists significant domestic and multinational clients with international projects, often advising on cybersecurity and data protection matters as well as providing strategic advice on privacy matters. Paolo Balboni frequently advises clients on general IP matters, e-health, AI and big data and smart analytics. He jointly heads the team with Luca Bolognini, who is an experienced data protection and privacy lawyer, and Floriana FrancesconiVito Michele Pavese is also noted.


‘They have a unique know how on IT and data protection related matters. The quality of services delivered by the whole team is very high.’

‘Paolo Balboni is a guru at EU level on data protection matters. Nicola Franchetto is a dedicated partner and has an outstanding problem solving attitude’

‘They have a personal interest in really understanding the specificities of the business.’

‘The people I work with are particularly empathetic and show interest in the client and the projects. They are available to explain legal concepts that can be easily understood by everyone. They are always punctual in feedback.’

‘Highly professional and up-to-date, they have a transnational approach to GDPR and they inform clients of any relevant update in this matter.’

‘They fully understand the business of their client and they assist on a tailor made basis. Paolo Baldoni, one of the founders of the firm is an outstanding and recognised professional and lecturer in many GDPR events.’

‘Deep technical knowledge, constant cooperation and availability.’

‘The associates offer effective and timely advice.’

Key clients

Alpitour S.p.A.

Amissima Vita S.p.A.

Amplifon S.p.A.

Amundi SGR

Assimoco S.p.A.

Axpo Italia S.p.A.

Banca Nazionale del Lavoro S.p.A. – BNP Paribas

Banijay Italia S.p.A. (Banijay Group)

Bayview Italia 06 S.p.A.

Barilla G. e R. Fratelli S.p.A.

Bending Spoons S.p.A.

Bertazzoni S.p.A.

BitBang S.r.l.

Bper Banca S.p.A.

Brunello Cucinelli S.p.A.

Cembre S.p.A.

Centro Stampa Poligrafici S.r.l. (Monrif Group)

Cofidis S.p.A.

Consulcesi SA

Coop Italia Soc. Coop.

Cooperativa Socile e di Lavoro Operatori Sanitari Associati

CRC-Evans Offshore Limited

Crèdit Agricole Assicurazioni S.p.A.

Crèdit Agricole Italia S.p.A.

Crèdit Agricole Vita S.p.A.

Dedalus S.p.A. (Dedalus Group)

Diennea S.r.l.

Editoriale Nazionale (Monrif Group)

EGA Emiliana Grandi Alberghi (Monrif Group) S.p.A.

Endemol Shine Italia S.p.A. (Banijay Group)

Engineering – Ingegneria Informatica S.p.A.

Eridania Italia S.p.A.

Fabbri Holding Industriale S.p.A.

Fatro S.r.l.

Friul Intagli Industries

Gamechainger Limited

Giochi Preziosi S.p.A.

Grandi Navi Veloci S.p.A.

Growens S.p.A.

Gruppo Fabbri Vignola S.p.A.

Guess Europe Sagl

Lago S.p.A.

Linkem S.p.A.

Maserati S.p.A.

Mediamarket S.p.A.

Micys Company S.p.A. (Pupa)

Missoni S.p.A.

Modea S.r.l.

Monrif S.p.A. (Monrif Group)

Morato Pane S.p.A.

MSC Cruises SA

NetMind S.r.l.

Octo Group S.p.A.

Philips S.p.A.

Poste Italiane S.p.A.

Prima Assicurazioni S.p.A.

Register S.p.A.

Robin S.r.l. (Monrif Group)

Ro.mar S.r.l.

R+V Allgemeine Versicherung AG


Salvatore Ferragamo S.p.A.

Samsung Electronics Italia S.p.A.

Sapio Produzione Idrogeno Ossigeno S.r.l.

Sara Assicurazioni S.p.A.

Satec S.r.l.

ShopFully PTY Ltd

ShopFully S.p.A.

SGS Italia S.p.A.

Società Cattolica di Assicurazione S.p.A.

Soilmec S.p.A. (Trevi Group)

Stella McCartney Ltd

Terna S.p.A.

Trudi S.p.A.

Trevi S.p.A. (Trevi Group)

Trevi Finanziaria Industriale S.p.A. (Trevi Group)

Tod’s S.p.A.

UNHCR – United Nations High Commissioner for Refugees

Università Campus Bio-Medico di Roma

Vaillant Group Italia S.p.A. (Vaillant GmbH)

Value Retail Management Italy S.r.l.

Veratour S.p.A.

Vetefar Fossano S.r.l.

Virgin Active Italia S.p.A.

Vorwerk Italia S.a.S. di Vorwerk Management S.r.l.

Webees S.r.l.

Welcome Travel Group S.p.A.

Wetaxi S.r.l.

Vivienne Westwood Ltd

ZTE Italia S.r.l.

Work highlights

  • Assisted Stella McCartney LTD as its Data Protection Officer for outsourcing matters in Italy, France and Spain.
  • Acted as Data Protection Officer to Maserati S.p.A.
  • Acted as the external Data Protection Officer of the mother company of MSC Cruises located in Switzerland and a number of other companies of the group located in various jurisdictions.

PANETTA Studio Legale | PANETTA Law Firm

PANETTA Studio Legale | PANETTA Law Firm demonstrates 'competence and skill at the highest level' in the data protection field and is a popular choice for international companies for cybersecurity, the protection of personal data and privacy matters. Rocco Panetta is able to draw on his previous experience as head of legal at the Italian DPA. Tommaso Mauro and Lorenzo Cristofaro are other key names.

Practice head(s):

Rocco Panetta

Other key lawyers:

Tommaso Mauro; Lorenzo Cristofaro


‘Great contacts and understanding of privacy regulators.’

‘Rocco Panetta has a commercial approach that makes him stand out.’

‘Rocco Panetta and his team have shown an incredible ability to adapt to our needs.’

Key clients



Bottega Veneta











Procter & Gamble

Hard Rock Café





IGT Lottery

Clear Channel

OTB (Diesel)

The Mall




Santander Consumer Bank


Illimity Bank


Richard Ginori





Amici Onlus












ACEA ato2







Kering EyeWear

Work highlights

  • Advised Conad during the launch of a new e-commerce platform.
  • Assisted Deliveroo and Roofoods during a proceeding before the Italian DPA as a result of an investigation under GDPR.
  • Advised TikTok before the Italian Data Protection Authority and the European Data Protection Board.

Portolano Cavallo

Portolano Cavallo is often engaged in high-profile disputes and M&A employment-related data protection work. The department’s client roster spans a number of industries with particularly sensitive data considerations, including healthcare, telecoms and e-commerce. Laura Liguori heads the department and frequently advises clients on the legal issues concerning social networks including cookies, employee monitoring and whistleblowing hotlines. Giulio Novellini is often engaged in GDPR compliance programmes and has negotiated several data processing agreements on the customer as well as provider side. Associate Eleonora Curreli provides additional support.

Practice head(s):

Laura Liguori

Other key lawyers:

Giulio Novellini; Eleonora Curreli


‘Very knowledgeable with solid connections to the Italian data protection authority. They give practical advice and are able to tailor advice to the needs of a multi-national organisation.’

‘Willing to be available at times that are likely inconvenient for them. Very thorough. Laura Liguori was wonderful to work with.’



The team at BonelliErede has key knowledge of regulated sectors, including healthcare, insurance and banking, and handles matters including risk clustering, customer profiling and data storage. The department is often engaged to assist clients in interactions with data protection authorities, challenging the decisions before courts, and also handles data exploitation matters concerning IoT. Tommaso Faelli oversees the department and is proficient in IP and IT data protection, especially in relation to e-commerce and cloud computing. Giulia Tenaglia advises Italian and international companies on innovative projects pertaining to data management.

Practice head(s):

Tommaso Faelli

Other key lawyers:

Giulia Tenaglia


‘Fantastic and available people, they answer very fast, and have fantastic skills.’

‘They work with an holistic approach and follow the client in any kind of concerns. They propose innovative solutions in the management of issues.’

‘Tommaso Faelli has an outstanding style of work, he is able to anticipate your needs, and demonstrates a deep knowledge of the matter. He is efficient and responsive.’

‘The team of Bonelli Erede has been very helpful in a wide range of matters.’

‘Giulia Tenaglia’s approach to privacy matters is remarkable.’

Work highlights

  • Represented the Italian energy company Enel Energia before the Court in the appeal against a fine imposed by the Italian Data Protection Authority.


Chiomenti assists clients with day-to-day data protection issues, including data transfers and data breaches as well as internal investigations. The practice also has extensive experience of cybersecurity and assists major international companies with the implementation of NIS regulations. The department is also home to a multidisciplinary team which advises companies in the process of digital transformation or those exploring new technologies such as blockchain. Gilberto Nava heads the department, which also includes Ersilia Lazzara, who regularly advises domestic and international clients on matters concerning the processing of personal data.

Practice head(s):

Gilberto Nava

Other key lawyers:

Ersilia Lazzara


‘Good team.’

‘Gilberto Nava is a competent lawyer, and really professional.’

‘The Chiomenti data privacy and data protection team is well organized, the professionals have a deep knowledge of the industry.’

‘Gilberto Nava is very experienced and has a strong problem-solving attitude. He has been very helpful in many critical situations and he was able to propose smooth solutions with a business oriented approach.’

Key clients

Ita Airways


ION Investment/Cerved

Castello SGR


Targa Telematics

Eni S.p.a.


Enel X

Intesa Sanpaolo S.p.a.


Hic Mobile S.r.l.

Agile Telecom

InfoCert S.p.a.

Visura S.r.l.

Work highlights

  • Assisted Infocert with several strategic and sensitive matters including (i) advice on data protection matters concerning electronic signature solutions; (ii) support on the implementation of measures in the context of compliance activities, (iii) opinions on data protection and regulatory issues related to certified email services.
  • Advised Casavo on data protection and IT matters, including drafting the terms and conditions for the online platform and App, review of privacy policies, definition of roles and responsibilities of counterparties.
  • Assisted the new national Italian airline (ITA Airways) in relation to several regulatory profiles concerning IT and data protection aspects linked to the start-up of activities by the company and the innovative projects it has launched.


The team at Dentons is a point of reference in the market for GDPR implementation. The practice assists a wide range of international and domestic clients in their digital transformation, and is often engaged in data matters relating to IoT, cybersecurity, and digital media. Giangiacomo Olivi leads the department and has a specific focus on data management. Senior associate Fabia Cairoli provides support on data compliance projects and is also involved in assisting with clients' data-driven work. Associate Chiara Bocchi is also noted.

Practice head(s):

Giangiacomo Olivi

Other key lawyers:

Fabia Cairoli; Chiara Bocchi


‘Commitment, competence and dedication.’

‘Good team.’

‘Giangiacomo Olivi is an highly professional lawyer.’

‘The team has considerable experience, they listen to the customer carefully and they deal with the problem with in- depth solutions.’

‘The team has excellent listening skills and understanding of customer needs, they are prompt and punctual in responding to privacy issues submitted by the customer.’

‘The Dentons team is very competent.’

‘Giangiacomo Olivi is very competent and professional.’

Key clients


Banco BPM

Bending Spoons

BIC Formats

Bolton Group

Brunello Cucinelli



Coca Cola


Delta Airlines







Format Espresso

GEDI Gruppo Editoriale (La Repubblica / HuffingtonPost, etc.)



Intesa Sanpaolo


Jackleg Media

Johnson & Johnson Medical


Le Creuset





Motorola Solutions

Movendo Technology

NTT Data




The Student Hotel




Warner Bros


Xandr (WarnerMedia)


Work highlights

  • Assisting QVC in its strategic data privacy matters, including several multijurisdictional issues.
  • Assisting Bolton in a number of data privacy strategic issues.
  • Assisting Whirlpool in various matters related  to data management and innovative technology solutions, including global strategic governance.

Gianni & Origoni

Gianni & Origoni advises clients on the full spectrum of issues concerning cybersecurity, data protection and technology law. The team is well-equipped to handle international cybersecurity and data protection issues including drafting privacy agreements and specific data protection, as well as structuring data protection compliance systems. Stefano Mele has a track record handling cybersecurity matters and crisis management following cyber-attacks. Daniele Vecchi advises domestic and internal corporations on commercial transactions relating to IT and data protection issues, and Melissa Marchese assists with data protection management.


‘Melissa Marchese is an excellent lawyer, and is qualified in privacy matters. She knows the company and its business very well and suggested how to be compliant with the privacy directive.’

Key clients

Associazione Bancaria Italiana (ABI)

Arqit Quantum Inc

InfoCert S.p.A.

Open Fiber S.p.A.

Lindt & Sprüngli SpA/ Lindt & Sprüngli SA



Eni SpA

Auditel SpA

Costa Crociere SpA (Carnival Group)

Takeda Italia SpA

Techint SpA

Gellify Digital Investment SpA


Alitalia – Società Aerea Italiana SpA

Memento Labs Srl

Missoni SpA

Technogym SpA

Work highlights

  • Assisted 30+ national companies operating in the main strategic sectors in the application of the National Cybersecurity Perimeter Law.
  • Assisted Auditel, a company tracking TV audiences in Italy, in an innovative project.
  • Assisted Missoni S.p.A., in undertaking a “cleanse” operation aimed at ensuring that personal data was being processed at all times in full compliance with the applicable regulations and with the highest levels of security.

Orsingher Ortu – Avvocati Associati

The team at Orsingher Ortu – Avvocati Associati is well-equipped to handle cross-border matters and is often engaged in the management of data protection issues in complex transactions, as well as data processing agreements and the drafting of corporate policies. Fabrizio Sanna heads the department and focuses on IP as well as TMT litigation and transactions, including licensing and the drafting of agreements for purchases. Marta Minonne has significant experience of data protection privacy matters relating to corporate transactions, Domenico Colella is also a name to note.

Practice head(s):

Fabrizio Sanna

Other key lawyers:

Marta Minonne; Domenico Colella

Key clients


The Walt Disney Company




ITV Global Entertainment Limited






Borsa Italiana

F.C. Internazionale Milano



Egon Zendher



Antares Vision




Work highlights

  • Represented Yahoo! and Verizon before the Italian Supreme Court in a landmark case against the Italian Data Protection Authority on data protection law and de-indexing obligations and search engines.
  • Acted for Douglas in proceedings started by Italian Data Protection Authority to assess the client’s compliance with data protection law.
  • Advised F. C. Internazionale Milano (Inter football club) on a wide number of aspects related to data protection laws.

Osborne Clarke

The team at Osborne Clarke is proficient in handling contentious data protection issues and has extensive expertise in cyber-security and major data breaches. It is also sought after to assist international clients with cross-border data protection mandates. Gianluigi Marino heads the department and advises clients on compliance programmes, big data and outsourcing and cloud issues. Marialaura Boni has experience of advising on access requests. Antonio Racano is often engaged in assisting clients in the establishment and implementation of compliance programmes focused on data protection and privacy.

Practice head(s):

Gianluigi Marino

Other key lawyers:

Marialaura Boni; Antonio Racano


‘A group of highly trained professionals who are always available even outside office hours.’

‘Osborne Clarke is a strong, consistent, up to date and reliable point of reference for any data privacy coordinator. The team is able to provide a DPO role as a formal service.’

‘I worked with Marialaura Boni who was proactive, very fast in delivering support, flexible and fully available beyond normal working hours.’

‘Gianluigi Marino is an excellent, skilled lawyer with a sharp eye for business needs.’

‘Osborne Clarke has proved their ability to provide solutions for a wide set of needs, and can support their customers’ operations with dedicated and skilled account managers.’

‘Mr. Gianluigi Marino is an extremely well-prepared professional, he is helpful and punctual.’

‘The individuals are responsive and succeed in accomplishing the task in a tight time frame.’

‘Gianluigi Marino is very experienced and collaborative.’

Key clients

AMAT – Agenzia Ambiente Mobilità e Territorio

Asmodée Holding SAS

ByteDance (UK) Limited – TikTok – Perceiver Ltd.

Binda Italia S.r.l.

CBRE Group Inc.

Costim S.r.l. (Chorus Life S.p.A.)

Dplay Entertainment Ltd.

Engie Italia S.p.A.

Fanplayr Europe

Grifols Italia S.p.A.

Havas Group

Integral Ad Science

Italian Valley S.r.l.

Mail Boxes Etc.

Mediobanca – Banca di Credito Finanziario S.p.A.

Mowi Italia

Proofpoint Inc.

NTT DATA Italia S.p.A.

Satispay S.p.A.

SDM Società Dietetica Medica S.r.l.

Sony Music Entertainment Italy S.p.A.

Uber Technologies Inc. and Uber B.V

Work highlights

  • Assisted Costim, the general contractor of the Chorus Life ‘Smart City’ project, with a range of matters including data protection and privacy.
  • Assisted Havas Group, a French multinational advertising and PR company, on a range of data protection issues.
  • Assisted Satispay with data protection issues.


The department at ADVANT Nctm is routinely engaged in matters pertaining to IT and cybersecurity, privacy and personal data protection and privacy policies. It frequently assists national and international companies with GDPR compliance and also provides data breach management services to international insurers. Paolo Gallarati leads the department and is focused on matters relating to TMT and Marco Cappa advises DPO clients. Elsa Gentile and Virginia Paparozzi are other names to note.

Practice head(s):

Paolo Gallarati

Other key lawyers:

Elsa Gentile; Virginia Paparozzi; Marco Cappa


‘The team is a good mix of senior and junior lawyers, and is able to quickly propose solutions to changes in privacy legislation tailored to the industry.’

‘Rapid responses from associates and partners.’

‘Paolo Gallarati is brilliant and very experienced, he understands the matters at stake and provides guidance in a smart way. He is also a great example of knowledge, professionalism, and kindness.’

‘The team offers a very high level of expertise when providing advice by providing complete and constant professional support.’

‘The team includes professionals from across the EU, who have considerable, first-hand experience advising on privacy compliance.’

‘The professionals we worked with have remarkable expertise which reflects their prominent status in the Italian legal context for Privacy & IT Compliance.’

‘Excellent and capable, especially in the most complex fields of GDPR application.’

‘The most important thing that makes a huge difference with respect to its competitors is the composition of the team, the professionalism that they use to approach every kind of potential matter, the confidence that they transfer to the customer and the timely management of the most critical request. Not to forget, even if secondary, the billing factor where the fees are applied is very fair.’

Key clients

Italo – Nuovo Trasporto Viaggiatori S.p.A.

Vaillant Group Italia S.p.A.

Prometeon Tyre Group S.r.l.

Business Integration Partners S.p.A.

Wind Tre S.p.A.


SEIF– Società Editoriale Il Fatto S.p.A.


Astrazeneca S.p.A.

TEA S.p.A.

Work highlights

  • Assisted Corcym S.r.l., a new, independent, global medical-device company in a complex personal data protection compliance project.
  • Assisted Subaru Italia, an Italian subsidiary of a Japanese automotive international company, in relation to the data processing activities that the company carries out in the context of its core business.
  • Assisted Italo- Nuovo Trasporti Viaggiatori S.p.A. in the analysis of a previous customer privacy model to verify compliance with GDPR EU regulations.

Studio Professionale Associato a Baker & McKenzie

Studio Professionale Associato a Baker & McKenzie advises on transactions, new legislation, general day-to-day matters in the compliance space. The group assists clients with managing risk related to data security breaches and also provides support on preparing for future breaches through the implementation of appropriate policies and procedures on information security. Francesca Gaudino heads the privacy and data security department; she routinely assists clients with risk management strategies and global compliance programmes.

Practice head(s):

Francesca Gaudino


‘The professionals are always available.’

‘They are professional and have great expertise.’

‘They build a positive relationship with the customers.’

Key clients


Automobili Lamborghini

Work highlights

  • Assisting Industries SpA, Moncler Group in its e-commerce and m-commerce activities worldwide, notably to take back the management of the same from a third-party service provider.

Bird & Bird

The department at Bird & Bird assists clients with the full spectrum of data protection and cybersecurity matters, including advisory support, crisis management, and data breach prevention and response. The practice also frequently supports leading companies and organisations with legislative changes including the Cyber (NIS) Directive and GDPR. Adriano D’Ottavio advises international groups active in an array of sectors and Debora Stella is also noted.

Practice head(s):

Adriano D’Ottavio; Debora Stella


‘Adriano D’Ottavio knows the business very well our business and he is able to assist us in all complex data protection issues.’

‘High skills in data protection and new technologies.’

‘They have a practical approach to issues.’

Key clients

FlixBus Italia S.r.l.

Datafalls S.r.l. Group

Groupama Assicurazioni S.p.A.

Max Mara Fashion Group

Work highlights

  • Advised on data protection compliance projects for its European operations and data transfer assessments.
  • Advised Max Mara Fashion Group on data protection topics, especially in relation to certain marketing activities, and data protection compliance in other EU countries.
  • Advised FlixBus Italia on privacy and data protection matters.


EY TAX & LAW ITALY assists a diverse mix of clients including governmental bodies and regional and international corporations active in an array of sectors including distribution, transportation and web-based services. Alessandra Pietroletti acts as data protection adviser and data protection officer (DPO) to numerous companies in the automotive, banking and insurance, and public utilities sectors. She jointly heads the department with Luigi Neirotti.

Practice head(s):

Alessandra Pietroletti; Luigi Neirotti


‘Diversity and commitment of human resources and a high level of legal skills and knowledge.’

‘Deep legal knowledge, high organization and management skills.’

Key clients












Prima Industrie S.p.A.

Società per azioni esercizi aeroportuali SEA S.p.A.

Eni Plenitude S.p.A. Società Benefit

Work highlights

  • Acted as Data Protection Officer for the BMW Italy Group.
  • Assisted the Data Protection Officer of Azimut Holding S.p.A. Group.

Legance - Avvocati Associati

The team at Legance - Avvocati Associati handles the full array of issues pertaining to privacy and data protection-related matters. The team handles data protection litigation, GDPR issues, as well as advising on the legal aspects concerning the design of new technologies; it also assists financial institutions with the data protection aspects of credit collection. Andrea Fedi has considerable experience in compliance, privacy and anti-bribery issues, with Lucio Scudiero also a name to note.

Practice head(s):

Andrea Fedi

Other key lawyers:

Lucio Scudiero


‘Exceptional experience in data protection.’

‘Lucio Scudiero has outstanding knowledge of our business.’

‘Legance’s practice is well resourced and balanced. The team has the right mix of seniorities and is always able to deliver on time and effective advice. They know the intricacies of our complex organisation.’

‘The team effectively liaises with other colleagues and practices as necessary, thus providing a high quality cross-sectoral advice which is well appreciated by our company.’

‘Lucio Scudiero leads the team, he is already a veteran in the field with a strong commercial orientation and a wide knowledge of the law and its practice in different contexts. He has good relationships with the community of privacy professionals.’

‘The personal and professional skills of Lucio Scudiero as well as all other consultants and partners from Legance are very high and much appreciated.’

Key clients


Apax Partners

Bottega Veneta

Bristol-Myers Squibb S.R.L.

Do It Now Group

Ferriera Valsider

Generali Business Solutions


Grimaldi Group

Interactive Advertising Bureau Italia – Iab

Miroglio S.p.A.

Nuovo Pignone International



Just Eat Italy

Università Vita-Salute San Raffaele

Lexia Avvocati

Lexia Avvocati assists an array of clients including IT service providers, content creators, and compliance officers with GDPR mandates. The department regularly acts as a data protection officer for clients and handles matters pertaining to data breaches as well as technology transactions. Aurora Agostini oversees the team and has in-depth expertise of digital compliance matters and cross-border data transfers.

Practice head(s):

Aurora Agostini



‘The individuals in Lexia’s team are all well-educated in their field and have strong expertise in their vertical.’

‘An excellent team and constantly collaborating with the client.’

Orrick, Herrington & Sutcliffe

The team at Orrick, Herrington & Sutcliffe has extensive experience assisting leading companies and financial institutions with the full spectrum of data protection issues, ranging from GDPR compliance programmes to cyber breaches. Practice head Alessandro De Nicola advises on processing activities concerning big data use and data analytics, among other work. Of counsel Ivan Rotunno has a key focus on regulatory and compliance matters.

Practice head(s):

Alessandro De Nicola; Ivan Rotunno

Pirola Pennuto Zei & Associati

The regulatory, compliance and data protection practice at Pirola Pennuto Zei & Associati acts for leading domestic corporations, joint-stock companies and major banks. The practice is often engaged to assist with foreign compliance issues, as well as legislative decree and GDPR matters, and supports clients in overseeing whistleblowing reports. Roberta Di Vieto is the name to note.

Practice head(s):

Roberta Di Vieto


‘We have total trust in them.’

‘They are properly skilled and very cooperative, and they are ready to respond in case of urgencies.’

‘They do great work with us on privacy related matters. Prompt response and proactive when required.’

‘The team was very professional and willing to investigate each case.’

‘Competence, technical knowledge, and a practical approach.’

‘Availability and pragmatism.’

Key clients










Ughi E Nunziante

The team at Ughi E Nunziante has strong credentials in privacy and data protection, including advising domestic and international companies on GDPR. The department is often engaged to act as external DPOs and legal counsel to large regional companies, in particular in the design and fashion industries. Massimiliano Pappalardo and Agostino Clemente are the key names.

Practice head(s):

Agostino Clemente; Massimiliano Pappalardo


‘Massimiliano Pappalardo is my go to lawyer. He has great knowledge of local laws, and has good contacts with local authorities and has the right business savviness to take a risk based approach.’

‘The team is very professional, reliable and responsive. They are perfectly on time and on budget. They are really easy to work with and are extremely professional.’

‘Massimiliano Pappalardo is a great professional in data privacy. He is extremely reliable and responsive. It’s always a pleasure to work with him.’

‘The team has significant bench strength on data protection matters. The standard of advice is consistently high.’

‘Massimiliano Pappalardo is exceptional on data protection matters. He is responsive, pragmatic and very user friendly.’

Key clients

Calzedonia Group

Open Fiber S.p.A.

Renè Caovilla S.p.A.

Ospedali Fatebenefratelli

Jakala S.p.A.

Morrow Sodali S.p.A.

Fondazione Ente Nazionale di Previdenza ed Assistenza per gli Psicologi

Consap S.p.A.

Retail Hub S.r.l.


Locker InPost Italia S.r.l.