Lawyer and outsourced DPO: why Nicolas Courtier recommends Adequacy GDPR software

A lawyer since 1991 specializing in intellectual property, digital law, and personal data, Nicolas Courtier pursues three complementary activities: lawyer, outsourced DPO (personally or with DPOsystem), and associate lecturer at Aix-Marseille University. As an advisor, he systematically recommends at least two compliance tools to his clients, who, in the vast majority of cases, choose Adequacy for both the quality and reliability of the tool and the team's expertise. He explains why a SaaS-based register surpasses a simple Word or Excel file, discusses the processing record library, which has been enriched over the years, and shares his vision of a DPO who is both technical and legal, poised to embrace NIS2, the DMA, the DSA, and the AI Act within a global vision of information systems.

By
Alessandro Fiorentino
1
Min
Share this article
Nicolas Courtier Lawyer DPO Lecturer Aix-Marseille University

What path led you from law to data protection?

I have been a lawyer since 1991, and I had a diverse practice in my early career, while also having the opportunity to handle IT law cases very early on. I then gradually refocused on Intellectual Property, digital law, and personal data. That was what interested me most.

The entry into force of the GDPR accelerated the development of my firm's activity in the field of data protection. To this end, I developed a partnership with Netsystem, a digital transformation consulting firm, and its subsidiary DPOsystem. To effectively address data protection issues, it is necessary to combine technical and legal skills, and for that, one must know how to work synergistically.

Today, I therefore pursue three distinct yet complementary and intertwined activities: my profession as a lawyer, with the diverse practice it allows; outsourced DPO assignments (personally or in partnership with DPOsystem); and finally, teaching, as I am an associate lecturer at Aix-Marseille University.

Demandez une démo !

Un de nos experts vous présente comment Adequacy s’adapte à votre réalité terrain.

In what context did you become a partner of Adequacy?

Simply the search for the best tool!

Adequacy offers one of the best tools on the market, and I really enjoy working with it. Beyond the quality and reliability of the tool itself, the team's human qualities are remarkable: competent, responsive, and extremely efficient.

I always recommend at least two compliance tools to my clients, and in the vast majority of cases, they choose Adequacy for the reasons I've just mentioned.

How has a GDPR SaaS solution changed things for you and your clients?

While there are template register files to help companies with their compliance efforts, a simple Word or Excel file doesn't offer the assistance tools for building a register that you find in an online service. And it's then extremely difficult to update. Benefiting from a SaaS service like Adequacy is fundamental for keeping your register current, adapting to your own developments and changes in the field, such as those driven by case law. It also allows you to benefit from the publisher's work, as they themselves evolve the tool by intervening on the code.

The vision of compliance has evolved since 2017, mainly because we have learned and continue to learn. However, from the very beginning, Adequacy has been able to offer a robust tool in terms of IT reliability, and today it provides a very comprehensive library of processing records, which grows richer over the years and ensures it is always up-to-date.

Beyond the tool, what is the Adequacy team's greatest strength?

The teams are both friendly and competent; they know their tool inside and out.

Demandez une démo !

Un de nos experts vous présente comment Adequacy s’adapte à votre réalité terrain.

What is your vision for the DPO of tomorrow in light of NIS2 and the AI Act?

The challenge of this profession is that it relies on two skill sets: one technical, the other legal, in addition to requiring a thorough understanding of the organization it serves. And the context is evolving, the NIS2 directive for example, which is one of the next significant legislative developments, if not the most important one, is even more technical than the GDPR. DPOs will need to understand it. Technical and legal aspects are, and will continue to be, increasingly intertwined. However, while technical teams are skilled at implementing standards and adapting information systems accordingly, the work of legal professionals in interpreting legislation is different, aiming to guide organizations towards compliance. Both, however, must coordinate. Therefore, co-management needs to be implemented, and registry tools are the enablers for implementing this synergy.

The DPO must evolve compliance within a global vision of organizations' information systems and intangible assets. Technology is constantly evolving, and Europe is developing a whole new body of digital legislation with numerous texts whose list continues to grow (DMA, DSA, AI Act…). It seems to me that for the DPO to grasp the consequences of these on information systems and maintain compliance, they must have a comprehensive understanding of the evolution of technologies and the legislations that govern data protection.

All these legislations complement and are interpreted in relation to one another. A vision solely focused on personal data will no longer suffice, if it ever did.

FAQ - lawyer, outsourced DPO, and GDPR software

Why does a DPO lawyer recommend Adequacy GDPR software to their clients?

Nicolas Courtier always recommends at least two compliance tools, and in the vast majority of cases, his clients choose Adequacy for the quality and reliability of the tool, as well as for the team's expertise, responsiveness, and efficiency.

Why choose a SaaS processing register over a Word or Excel file?

A simple Word or Excel file doesn't offer the assistance tools for building a register that an online service provides, and it's difficult to update. A SaaS service like Adequacy allows you to keep your register current with your own developments and those of the subject matter, including case law, by leveraging the publisher's work, which updates the tool directly in the code.

What skills does the DPO role require?

The DPO relies on two skill sets, one technical and one legal, in addition to needing a thorough understanding of the organization they operate within. With texts like NIS2, even more technical than GDPR, technical and legal aspects are increasingly intertwined, requiring co-management between technical teams and legal professionals, with register tools serving as their support.

How should tomorrow's DPO approach the AI Act, DMA, and DSA?

Given the ever-expanding European digital legislation (DMA, DSA, AI Act), the DPO must adopt a holistic view of evolving technologies and laws. These texts complement and inform each other: a vision focused solely on personal data is no longer sufficient.

Demandez une démo !

Un de nos experts vous présente comment Adequacy s’adapte à votre réalité terrain.

The latest news

They have trusted us for years

Discover Adequacy

One of our experts introduces Adequacy to you in a real situation.