Photo of Stéphanie Martinier

Stéphanie Martinier is a partner in the Corporate Department, working in the Paris office.

Stéphanie advises French and international clients on the legal aspects of their investments in France. She has worked on a wide range of corporate transactions, including business acquisitions and sales (both for industrial clients and private equity funds), and joint ventures, and has been involved in the negotiation of sensitive commercial contracts. In addition, she has built long-term relationships with her clients advising them in this context on compliance with the General Data Protection Regulation (GDPR) and other French data privacy regulations.

Stéphanie has also developed expertise in the restructuring of corporate groups, in the negotiation of management packages and in dealing with the corporate aspects of the departure of top executives.

In addition, she manages the pro bono work of the Paris office and, as part of this commitment, provides training on the legal aspects of the creation of a business to young entrepreneurs through the program run by the not-for-profit Yes Akademia.

Stéphanie attended law school in both France and the United States, receiving a master of law from University Lyon III and a LL.M from University of Minnesota. She is licensed to practice law in France and New York, and has been with Proskauer since she graduated.

Six months after implementation of the European Union’s General Data Protection Regulation (“GDPR”),¹ many charitable organizations are still struggling with compliance. Our pro bono clients frequently ask whether consent is now required to send solicitations or communications via email to donors or potential donors.  Before addressing that discrete question, here are some key GDPR principles that apply to non-profit organizations:

What is personal data? Personal data encompasses any information that may directly or indirectly identify an individual (for example, a name is a direct identifying element, while a date of birth, email address, phone number, home address, or photo is an indirect identifying element).²  Personal data also includes information about the characteristics of an individual (hobbies for instance), opinions of a person, and online identifiers (cookies, IP address).  Because the definition of personal data is so broad, all charitable organizations process personal data.

What is data processing?³ Processing is defined very broadly in the GDPR and includes the collection, recording, storage, adaptation, use, erasure, and mere consultation of personal data.