Introduction

Nicolas brings over 25 years' experience and a client-side and supplier-side perspective to complex technology transactions, digital transformation, EU digital regulations, including AI, data and cybersecurity.

Nicolas Quoy has deep experience advising and litigating on a wide range of issues raised by new technologies, including complex transactions, outsourcing, digital transformation and consortium agreements relating to innovative solutions. He advises clients on all types of digital projects and EU digital regulations, including Cloud, SaaS, IaaS, Big Data, AI, data protection (GDPR; Data Act), and cybersecurity and cyber resilience (NIS2; DORA; CRA). He also deals with e-commerce, copyright and intellectual property issues.

After working for 13 years in an international law firm (appointed Partner in 2008), 7 years as General Counsel for the Southern Europe region of Hewlett-Packard Enterprise, and 5 years in a leading French law firm  focussing on new technology law, Nicolas benefits from both dual experience (lawyer/corporate lawyer) and dual experience (on the client-user side and the IT service provider side).

Nicolas graduated from the University of Paris II, Panthéon-Assas (1992) and holds a doctorate in law (1998) on copyright infringement. He is admitted to the Paris Bar.

Nicolas teaches IT contract law in the Master 2 Droit de la Création et du Numérique programme at the University of Paris 1 Panthéon-Sorbonne, as well as at the University of Paris-Saclay and the University of Nantes.

  • Natixis - BPCE | Ongoing global assistance on a broad range of ICT contract negotiation, as well as drafting the bank standard ICT templates; advising in pre-litigation strategy with vendors.
  • A European bank | Advising on the contractual and regulatory framework for a co‑developed online vehicle leasing platform, incl. IP ownership and licensing, data sharing and privacy, SLA, security, governance, and responsibility allocation.
  • Suez | Advised and drafted its contractual policy and templates for the development of smart solutions (IoT), incl. modular contractual conditions (SaaS, on-prem, maintenance, professional services, hardware) for France, UK, US and Australia.
  • Bank and its private US private equity shareholder | Lead counsel on all ICT contracts following the acquisition of a retail bank in France for 1.9 Billion Euros, incl. BPO outsourcing to run the bank, project contracts to build the core banking solution, numerous data migration contracts and consulting contracts.
  • A US editor for its SaaS based on AI | Advised on EU Digital regulations (AI Act, Digital Operational Resilience Act - DORA), contracts with financial entities and data privacy matters.
  • A leader in luxury goods | Advised on AI generated content, including on its terms and conditions and on the Copyright Directive.
  • A listed French company in the field of energy transport and storage | Data privacy and GDPR assistance, e.g., advised on an internal investigation relating to allegations of harassment.
  • A French unicorn | Advising on EU Digital regulations (AI Act; Data Act; DORA); data breach notification to the French Data Protection Authority (CNIL) for compliance.
  • A large manufacturing group | Advised on a Data Subject Access Request (DSAR) in collaboration with Ashurst Advance using Ashurst AI powered tools.
  • Various US software editors | Advised on implications of the EU Data Act for their business and their SaaS solutions.