Nathalie Moreno

Partner at Kennedys

Speaker

Nathalie is a partner at Kennedys Law LLP, in London, where she leads the Technology and Data Protection practice.

She is a dual qualified lawyer in the UK and in France.

Nathalie is a recognised thought leader and trusted adviser in commercial, transactional and regulatory issues in technology and data protection, bringing 20 years of experience and extensive knowledge to clients across sectors and jurisdictions. She has a broad-based UK and international practice working with a diverse range of clients, including household multinational corporations to high growth businesses.

Her focus is on data rich industry sectors, including technology, financial services, healthcare & life sciences, retail & consumer, hospitality & leisure, advertising & marketing, automotive, media & publishing.

Nathalie’s practice encompasses the full range of data protection, e-privacy and cybersecurity issues including global data protection audits and compliance implementation programmes, policies, data processing/ sharing arrangements, vendor management, data protection impact assessments, privacy by design, marketing permissions, data collection and commercial exploitation, and data subject rights.

She is regularly advising on data governance and legal requirements in connection with the use of new technologies (AI, Gen AI, IoT, etc.). She also helps clients navigate the regulation of AI under the EU AI Act and of IoT devices under the EU Data Act.

She regularly provides strategic advice in relation to multi-jurisdictional data transfers including on the implementation of the new EU Standard Contractual Clauses (EU SCCs); the UK Addendum to the EU SCCs, BCRs, the EU-US Data Privacy Framework, intra-group data sharing arrangements, etc.), and in relation to conflicts between different applicable privacy laws.

Nathalie also advises on cybersecurity matters ranging from data breach response, forensic investigations and remediation, to system infrastructure and network security, the NIS Regulations/Directive, data security governance and standards.

Having been part of the European Commission and the World Bank, earlier in her career, she combines a strong regulatory expertise with commercial pragmatic solutions when it comes to advising clients on compliance with data protection laws or representing them in their dealings with the UK, the EU regulators or the EDBP.